urlscan.io logo urlscan.io
SecurityTrails logo

heroinvesting.com Open in urlscan Pro
2600:9000:2251:5800:6:1c12:bd80:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heroinvesting.com/
Effective URL: https://heroinvesting.com/
Submission: On December 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 92 IPs in 13 countries across 78 domains to perform 352 HTTP transactions. The main IP is 2600:9000:2251:5800:6:1c12:bd80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is heroinvesting.com. The Cisco Umbrella rank of the primary domain is 322732.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 15th 2023. Valid for: a year.
This is the only time heroinvesting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:225... 16509 (AMAZON-02)
25 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
50 2606:4700:303... 13335 (CLOUDFLAR...)
9 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 108.138.37.209 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
10 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 108.138.36.117 16509 (AMAZON-02)
1 35.244.193.51 396982 (GOOGLE-CL...)
2 3.248.28.20 16509 (AMAZON-02)
4 141.95.33.120 16276 (OVH)
2 34.248.85.3 16509 (AMAZON-02)
7 3.33.220.150 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.173.191.32 16509 (AMAZON-02)
1 184.30.211.26 16625 (AKAMAI-AS)
1 108.138.36.46 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 94.130.203.123 24940 (HETZNER-AS)
1 2600:9000:20c... 16509 (AMAZON-02)
2 46.228.174.115 56396 (AMOBEE)
1 185.86.139.58 201081 (SMARTADSE...)
6 216.52.2.86 30282 (AS-INAPCD...)
1 157.245.86.108 14061 (DIGITALOC...)
1 3.69.209.105 16509 (AMAZON-02)
1 207.148.17.110 20473 (AS-CHOOPA)
1 209.192.253.60 7979 (SERVERS-COM)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 34.149.50.64 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 5 145.40.97.66 54825 (PACKET)
7 52.48.240.80 16509 (AMAZON-02)
1 69.166.1.32 27630 (AS-XFERNET)
5 7 208.93.169.131 46244 (WEBMD-IDC...)
1 3.126.222.73 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
2 3 104.18.36.155 13335 (CLOUDFLAR...)
1 77.245.57.72 36057 (WEBAIR-IN...)
5 23.22.117.179 14618 (AMAZON-AES)
1 54.171.197.233 16509 (AMAZON-02)
1 2.19.217.101 16625 (AKAMAI-AS)
1 199.212.255.178 25948 (FHMNET)
1 52.213.252.243 16509 (AMAZON-02)
1 52.58.170.244 16509 (AMAZON-02)
1 178.128.135.204 14061 (DIGITALOC...)
5 51.89.9.252 16276 (OVH)
1 34.149.20.76 15169 (GOOGLE)
2 54.84.92.154 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 67.202.105.24 32748 (STEADFAST)
3 5 13.248.245.213 16509 (AMAZON-02)
10 2.19.217.60 16625 (AKAMAI-AS)
2 143.198.173.135 14061 (DIGITALOC...)
22 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2.19.216.27 16625 (AKAMAI-AS)
4 6 44.195.133.130 14618 (AMAZON-AES)
1 172.240.155.100 7979 (SERVERS-COM)
1 172.64.149.180 13335 (CLOUDFLAR...)
1 1 193.0.160.131 54312 (ROCKETFUEL)
4 2607:f350:3:2... 27630 (AS-XFERNET)
3 6 3.122.48.206 16509 (AMAZON-02)
9 12 37.252.171.149 29990 (ASN-APPNEX)
3 69.173.144.137 26667 (RUBICONPR...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 35.186.253.211 15169 (GOOGLE)
7 7 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
3 3.75.62.37 16509 (AMAZON-02)
3 34.249.137.246 16509 (AMAZON-02)
4 198.47.127.18 3257 (GTT-BACKB...)
3 18.198.247.190 16509 (AMAZON-02)
5 5 81.17.55.171 60781 (LEASEWEB-...)
3 6 172.217.16.194 15169 (GOOGLE)
2 2 185.29.134.248 30419 (MEDIAMATH...)
2 2 2.18.160.23 16625 (AKAMAI-AS)
27 34.247.205.196 16509 (AMAZON-02)
4 4 35.244.159.8 396982 (GOOGLE-CL...)
3 3 54.166.150.36 14618 (AMAZON-AES)
3 2a05:d018:d29... 16509 (AMAZON-02)
3 3 52.86.247.227 14618 (AMAZON-AES)
3 8.18.47.7 398989 (DEEPINTENT)
3 3 50.31.142.191 22075 (AS-OUTBRAIN)
5 5 37.157.3.20 198622 (ADFORM)
3 184.30.16.195 16625 (AKAMAI-AS)
3 3 124.146.153.169 2514 (INFOSPHER...)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
4 4 104.64.126.246 16625 (AKAMAI-AS)
2 2 172.64.151.101 13335 (CLOUDFLAR...)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 1 35.214.243.89 15169 (GOOGLE)
1 34.255.154.78 16509 (AMAZON-02)
1 1 35.210.239.72 19527 (GOOGLE-2)
2 2 35.210.53.219 19527 (GOOGLE-2)
5 69.173.144.139 26667 (RUBICONPR...)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
352 92
1    2600:9000:2251:9e00:6:1c12:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
heroinvesting.com
25    2600:9000:2251:5800:6:1c12:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
heroinvesting.com
1    2600:9000:223f:e00:3:6d3c:dac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
adgarden.market
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
50    2606:4700:3036::ac43:9447 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.heroinvesting.com
9    2606:4700:e2::ac40:8a0c (United States)

ASN13335 (CLOUDFLARENET, US)
vrl9rgsahh7mx6ndn.ay.delivery
3    2606:4700::6812:651 (United States)

ASN13335 (CLOUDFLARENET, US)
static.vidazoo.com
11    2606:4700:10::ac43:15e8 (United States)

ASN13335 (CLOUDFLARENET, US)
static.kueezrtb.com
u.kueezrtb.com
track.kueezrtb.com
gtrack.kueezrtb.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net
c.amazon-adsystem.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
10    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
scontent.xx.fbcdn.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    108.138.36.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-117.muc50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    3.248.28.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-20.eu-west-1.compute.amazonaws.com
d9.flashtalking.com
4    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
lb.eu-1-id5-sync.com
2    34.248.85.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-85-3.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
bcp.crwdcntrl.net
7    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    18.173.191.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-191-32.muc50.r.cloudfront.net
aax.amazon-adsystem.com
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    108.138.36.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-46.muc50.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    94.130.203.123 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.123.203.130.94.clients.your-server.de
api.assertcom.de
1    2600:9000:20c3:9e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
1    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
6    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    157.245.86.108 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
exchange.kueezrtb.com
1    3.69.209.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-209-105.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    207.148.17.110 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 207.148.17.110.vultrusercontent.com
prebid.cootlogix.com
1    209.192.253.60 (United States)

ASN7979 (SERVERS-COM, US)
colossusssp.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
7    52.48.240.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    69.166.1.32 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
7    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bid.contextweb.com
bh.contextweb.com
1    3.126.222.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-222-73.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
cpm.qortex.ai
5    23.22.117.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-117-179.compute-1.amazonaws.com
pbs.nextmillmedia.com
1    54.171.197.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-197-233.eu-west-1.compute.amazonaws.com
hb.yellowblue.io
1    2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com
a.teads.tv
1    199.212.255.178 (Canada)

ASN25948 (FHMNET, CA)
prebid.dblks.net
1    52.213.252.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-252-243.eu-west-1.compute.amazonaws.com
hb.minutemedia-prebid.com
1    52.58.170.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-170-244.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
brightcombid.marphezis.com
5    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    54.84.92.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-92-154.compute-1.amazonaws.com
report2.hb.brainlyads.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    67.202.105.24 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
5    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
10    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    143.198.173.135 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.kueezrtb.com
sync.cootlogix.com
22    2606:4700:e6::ac40:c60b (United States)

ASN13335 (CLOUDFLARENET, US)
s.0cf.io
1    2.19.216.27 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-27.deploy.static.akamaitechnologies.com
contextual.media.net
6    44.195.133.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-133-130.compute-1.amazonaws.com
cookies.nextmillmedia.com
1    172.240.155.100 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    2607:f350:3:2569:0:10:0:c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
6    3.122.48.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-48-206.eu-central-1.compute.amazonaws.com
x.bidswitch.net
12    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
4    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
3    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    34.249.137.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-137-246.eu-west-1.compute.amazonaws.com
ads.servenobid.com
4    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
3    18.198.247.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-247-190.eu-central-1.compute.amazonaws.com
match.sharethrough.com
5    81.17.55.171 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
6    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
27    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
4    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
3    54.166.150.36 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-150-36.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    2a05:d018:d29:3601:7018:7dc3:a4e8:e820 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    52.86.247.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-247-227.compute-1.amazonaws.com
sync.ipredictive.com
3    8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    50.31.142.191 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    124.146.153.169 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    35.214.243.89 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 89.243.214.35.bc.googleusercontent.com
csync.loopme.me
1    34.255.154.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-154-78.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
dblksync.dblks.net
Apex Domain
Subdomains		 Transfer
76 heroinvesting.com
heroinvesting.com — Cisco Umbrella Rank: 322732
cdn.heroinvesting.com — Cisco Umbrella Rank: 421885
7 MB
34 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1524
rtb.gumgum.com — Cisco Umbrella Rank: 1472
usersync.gumgum.com — Cisco Umbrella Rank: 1858
11 KB
23 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
eus.rubiconproject.com — Cisco Umbrella Rank: 588
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
token.rubiconproject.com — Cisco Umbrella Rank: 461
74 KB
22 0cf.io
s.0cf.io — Cisco Umbrella Rank: 9866
268 KB
13 kueezrtb.com
static.kueezrtb.com — Cisco Umbrella Rank: 11681
u.kueezrtb.com — Cisco Umbrella Rank: 12839
track.kueezrtb.com — Cisco Umbrella Rank: 10748
gtrack.kueezrtb.com — Cisco Umbrella Rank: 10751
exchange.kueezrtb.com — Cisco Umbrella Rank: 7780
sync.kueezrtb.com — Cisco Umbrella Rank: 7242
89 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
8 KB
11 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 2834
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2362
6 KB
10 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 445
174 KB
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
167 KB
9 ay.delivery
vrl9rgsahh7mx6ndn.ay.delivery — Cisco Umbrella Rank: 198489
341 KB
8 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 661
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
18 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 491
1 KB
7 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1196
x.bidswitch.net — Cisco Umbrella Rank: 336
8 KB
7 contextweb.com
bid.contextweb.com — Cisco Umbrella Rank: 4049
bh.contextweb.com — Cisco Umbrella Rank: 501
4 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
2 KB
7 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1596
ssc.33across.com — Cisco Umbrella Rank: 3699
ssc-cms.33across.com — Cisco Umbrella Rank: 904
564 B
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
1 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
2 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
3 KB
6 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1657
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
3 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
3 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
696 B
5 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum.casalemedia.com — Cisco Umbrella Rank: 1351
3 KB
5 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2225
sync.go.sonobi.com — Cisco Umbrella Rank: 951
3 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
902 B
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
77 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
1 KB
4 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4388
sync-eu.connectad.io — Cisco Umbrella Rank: 3826
2 KB
4 gstatic.com
fonts.gstatic.com
169 KB
4 dblks.net
prebid.dblks.net — Cisco Umbrella Rank: 53619
dblksync.dblks.net — Cisco Umbrella Rank: 11055
24 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
contextual.media.net — Cisco Umbrella Rank: 665
hbx.media.net — Cisco Umbrella Rank: 1215
10 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1054
match.sharethrough.com — Cisco Umbrella Rank: 495
159 B
4 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 805
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
1 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
121 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
cdn.id5-sync.com — Cisco Umbrella Rank: 893
35 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
2 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
927 B
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
76 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
4 KB
3 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2371
871 B
3 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 1982
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
25 KB
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
3 vidazoo.com
static.vidazoo.com — Cisco Umbrella Rank: 3456
63 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4682
749 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
868 B
2 brainlyads.com
report2.hb.brainlyads.com — Cisco Umbrella Rank: 4674
1 KB
2 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1354
sync.colossusssp.com — Cisco Umbrella Rank: 1503
139 B
2 cootlogix.com
prebid.cootlogix.com — Cisco Umbrella Rank: 4850
sync.cootlogix.com — Cisco Umbrella Rank: 2363
711 B
2 assertcom.de
api.assertcom.de — Cisco Umbrella Rank: 11548
619 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567
105 KB
2 flashtalking.com
d9.flashtalking.com — Cisco Umbrella Rank: 1842
12 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
376 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
158 KB
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4714
238 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
286 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
734 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
4 KB
1 marphezis.com
brightcombid.marphezis.com — Cisco Umbrella Rank: 15670
20 KB
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3730
431 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
382 B
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 2147
431 B
1 qortex.ai
cpm.qortex.ai — Cisco Umbrella Rank: 24835
238 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1600
371 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
642 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
277 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
455 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042
17 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1276
9 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
255 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
15 KB
1 adgarden.market
adgarden.market — Cisco Umbrella Rank: 91112
8 KB
0 avct.cloud Failed
ads.avct.cloud Failed
352 78
Domain Requested by
50 cdn.heroinvesting.com heroinvesting.com
27 usersync.gumgum.com rtb.gumgum.com
26 heroinvesting.com 1 redirects heroinvesting.com
22 s.0cf.io vrl9rgsahh7mx6ndn.ay.delivery
s.0cf.io
rtb.gumgum.com
10 eus.rubiconproject.com vrl9rgsahh7mx6ndn.ay.delivery
rtb.gumgum.com
cookies.nextmillmedia.com
eus.rubiconproject.com
9 vrl9rgsahh7mx6ndn.ay.delivery heroinvesting.com
vrl9rgsahh7mx6ndn.ay.delivery
8 ib.adnxs.com 5 redirects
8 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
7 match.adsrvr.org vrl9rgsahh7mx6ndn.ay.delivery
s.0cf.io
rtb.gumgum.com
6 cm.g.doubleclick.net 3 redirects rtb.gumgum.com
6 rtb.gumgum.com s.0cf.io
rtb.gumgum.com
6 x.bidswitch.net 3 redirects rtb.gumgum.com
6 bh.contextweb.com 5 redirects vrl9rgsahh7mx6ndn.ay.delivery
s.0cf.io
6 cookies.nextmillmedia.com 4 redirects vrl9rgsahh7mx6ndn.ay.delivery
cookies.nextmillmedia.com
6 ap.lijit.com vrl9rgsahh7mx6ndn.ay.delivery
s.0cf.io
cookies.nextmillmedia.com
5 token.rubiconproject.com eus.rubiconproject.com
5 c1.adform.net 5 redirects
5 sync.1rx.io 5 redirects
5 eb2.3lift.com 3 redirects vrl9rgsahh7mx6ndn.ay.delivery
cookies.nextmillmedia.com
s.0cf.io
5 ssc-cms.33across.com vrl9rgsahh7mx6ndn.ay.delivery
s.0cf.io
cookies.nextmillmedia.com
5 onetag-sys.com vrl9rgsahh7mx6ndn.ay.delivery
s.0cf.io
5 pbs.nextmillmedia.com vrl9rgsahh7mx6ndn.ay.delivery
cookies.nextmillmedia.com
5 prebid.a-mo.net 3 redirects vrl9rgsahh7mx6ndn.ay.delivery
s.0cf.io
4 secure-assets.rubiconproject.com 4 redirects
4 creativecdn.com 4 redirects
4 us-u.openx.net 4 redirects
4 secure.adnxs.com 4 redirects
4 image8.pubmatic.com s.0cf.io
cookies.nextmillmedia.com
4 rtb.openx.net s.0cf.io
cookies.nextmillmedia.com
4 ssum.casalemedia.com 4 redirects s.0cf.io
4 sync.go.sonobi.com s.0cf.io
4 fonts.gstatic.com heroinvesting.com
4 gtrack.kueezrtb.com heroinvesting.com
4 track.kueezrtb.com heroinvesting.com
3 dblksync.dblks.net s.0cf.io
3 tg.socdm.com 3 redirects
3 ads.pubmatic.com rtb.gumgum.com
3 ssbsync.smartadserver.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 match.deepintent.com rtb.gumgum.com
3 sync.ipredictive.com 3 redirects
3 pr-bh.ybp.yahoo.com rtb.gumgum.com
3 sync.srv.stackadapt.com 3 redirects
3 match.sharethrough.com s.0cf.io
3 ads.servenobid.com s.0cf.io
3 ups.analytics.yahoo.com s.0cf.io
3 prebid-match.dotomi.com s.0cf.io
3 cdn.connectad.io s.0cf.io
3 prebid-server.rubiconproject.com s.0cf.io
3 fundingchoicesmessages.google.com vrl9rgsahh7mx6ndn.ay.delivery
3 id5-sync.com vrl9rgsahh7mx6ndn.ay.delivery
3 c.amazon-adsystem.com heroinvesting.com
c.amazon-adsystem.com
3 static.vidazoo.com heroinvesting.com
static.vidazoo.com
2 pool.admedo.com 2 redirects
2 hbx.media.net 2 redirects s.0cf.io
2 sync.mathtag.com 2 redirects s.0cf.io
2 ssbsync-global.smartadserver.com 2 redirects s.0cf.io
2 sync.targeting.unrulymedia.com 2 redirects s.0cf.io
2 ad.turn.com 2 redirects
2 report2.hb.brainlyads.com heroinvesting.com
2 targeting.unrulymedia.com vrl9rgsahh7mx6ndn.ay.delivery
2 api.assertcom.de vrl9rgsahh7mx6ndn.ay.delivery
2 script.4dex.io vrl9rgsahh7mx6ndn.ay.delivery
script.4dex.io
2 cdn.confiant-integrations.net vrl9rgsahh7mx6ndn.ay.delivery
cdn.confiant-integrations.net
2 d9.flashtalking.com vrl9rgsahh7mx6ndn.ay.delivery
d9.flashtalking.com
2 gum.criteo.com vrl9rgsahh7mx6ndn.ay.delivery
2 scontent.xx.fbcdn.net www.facebook.com
2 securepubads.g.doubleclick.net heroinvesting.com
securepubads.g.doubleclick.net
2 www.googletagmanager.com heroinvesting.com
www.googletagmanager.com
2 static.kueezrtb.com heroinvesting.com
static.kueezrtb.com
1 u.ipw.metadsp.co.uk 1 redirects
1 ads.yieldmo.com cookies.nextmillmedia.com
1 csync.loopme.me 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 sync-eu.connectad.io cdn.connectad.io
1 p.rfihub.com 1 redirects
1 js-sec.indexww.com vrl9rgsahh7mx6ndn.ay.delivery
1 sync.colossusssp.com vrl9rgsahh7mx6ndn.ay.delivery
1 sync.cootlogix.com vrl9rgsahh7mx6ndn.ay.delivery
1 contextual.media.net vrl9rgsahh7mx6ndn.ay.delivery
1 sync.kueezrtb.com vrl9rgsahh7mx6ndn.ay.delivery
1 fonts.googleapis.com
1 ssc.33across.com vrl9rgsahh7mx6ndn.ay.delivery
1 brightcombid.marphezis.com vrl9rgsahh7mx6ndn.ay.delivery
1 grid.bidswitch.net vrl9rgsahh7mx6ndn.ay.delivery
1 hb.minutemedia-prebid.com vrl9rgsahh7mx6ndn.ay.delivery
1 prebid.dblks.net vrl9rgsahh7mx6ndn.ay.delivery
1 a.teads.tv vrl9rgsahh7mx6ndn.ay.delivery
1 hb.yellowblue.io vrl9rgsahh7mx6ndn.ay.delivery
1 cpm.qortex.ai vrl9rgsahh7mx6ndn.ay.delivery
1 htlb.casalemedia.com vrl9rgsahh7mx6ndn.ay.delivery
1 fastlane.rubiconproject.com vrl9rgsahh7mx6ndn.ay.delivery
1 tlx.3lift.com vrl9rgsahh7mx6ndn.ay.delivery
1 bid.contextweb.com vrl9rgsahh7mx6ndn.ay.delivery
1 apex.go.sonobi.com vrl9rgsahh7mx6ndn.ay.delivery
1 g2.gumgum.com vrl9rgsahh7mx6ndn.ay.delivery
1 mp.4dex.io vrl9rgsahh7mx6ndn.ay.delivery
1 s.seedtag.com vrl9rgsahh7mx6ndn.ay.delivery
1 prebid.media.net vrl9rgsahh7mx6ndn.ay.delivery
1 colossusssp.com vrl9rgsahh7mx6ndn.ay.delivery
1 prebid.cootlogix.com vrl9rgsahh7mx6ndn.ay.delivery
1 btlr.sharethrough.com vrl9rgsahh7mx6ndn.ay.delivery
1 exchange.kueezrtb.com vrl9rgsahh7mx6ndn.ay.delivery
1 prg.smartadserver.com vrl9rgsahh7mx6ndn.ay.delivery
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 rules.quantcount.com secure.quantserve.com
1 lb.eu-1-id5-sync.com vrl9rgsahh7mx6ndn.ay.delivery
1 www.google.de heroinvesting.com
1 www.google.com heroinvesting.com
1 cdn.id5-sync.com vrl9rgsahh7mx6ndn.ay.delivery
1 tags.crwdcntrl.net vrl9rgsahh7mx6ndn.ay.delivery
1 secure.cdn.fastclick.net vrl9rgsahh7mx6ndn.ay.delivery
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 secure.quantserve.com heroinvesting.com
1 id.crwdcntrl.net vrl9rgsahh7mx6ndn.ay.delivery
1 lexicon.33across.com vrl9rgsahh7mx6ndn.ay.delivery
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 u.kueezrtb.com static.kueezrtb.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.facebook.com heroinvesting.com
1 adgarden.market heroinvesting.com
0 ads.avct.cloud Failed rtb.gumgum.com
352 123

This site contains no links.

Subject Issuer Validity Valid
*.heroinvesting.com
Amazon RSA 2048 M02		 2023-02-15 -
2024-03-16		 a year crt.sh
*.adgarden.market
Amazon RSA 2048 M01		 2023-02-08 -
2024-03-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-22 -
2023-12-21		 3 months crt.sh
heroinvesting.com
E1		 2023-10-27 -
2024-01-25		 3 months crt.sh
ay.delivery
GTS CA 1P5		 2023-10-28 -
2024-01-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
kueezrtb.com
GTS CA 1P5		 2023-10-18 -
2024-01-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2023-07-19 -
2024-08-19		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
api.assertcom.de
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.kueezrtb.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-17 -
2024-09-14		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-19 -
2024-11-17		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
qortex.ai
R3		 2023-11-14 -
2024-02-12		 3 months crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-12		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-19 -
2024-05-17		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.dblks.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-15 -
2024-08-14		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
report2.hb.brainlyads.com
R3		 2023-10-22 -
2024-01-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2023-03-16 -
2024-03-15		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
dblks.net
GTS CA 1P5		 2023-10-21 -
2024-01-19		 3 months crt.sh

This page contains 115 frames:

Primary Page: https://heroinvesting.com/
Frame ID: 9B98B55030764E639043886D81D7DE52
Requests: 173 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Frame ID: 9676BC5F10DC43EC9ED7734F598F8AB5
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dUOeOqXmSr7AmkrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 71CE0D951D6BD206FBA020D22C5E6781
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 817A1D357FAB3760AE96D7324CCF1FD6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 19138ADFECE634C0FA2ADB7271742183
Requests: 3 HTTP requests in this frame

Frame: https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: E8B06BD72C90736A43CF4F931588FD67
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Frame ID: 4CF4A6CD6DA8830F16E92CE007E60FA6
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK6VG18&prvid=2012%2C2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C10000%2C108%2C9%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4FEA6F3BF0047FEB85AEC488E14CEA07
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 3FFEB44099E34E52DCC87E3E72D80C1A
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13530234
Frame ID: C00B934F8DC709A1D0140D10601D666F
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 60138EBD43C8C0C94F53B5943BFE5333
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?type=iframe
Frame ID: 0D1FA72E87D9E0524278CBE8927ACC5C
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 3C4373AE22F82A1D60AFCF89D6994844
Requests: 1 HTTP requests in this frame

Frame: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Frame ID: 3D117BF1108ABAE6C1CDED434FAB4D6E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 425288D85A393E13A702ECFAE4899B87
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702517906365
Frame ID: 213BFD37CE555071E3A527C600D7DCDD
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 88163B8131F928D2E4869DBA137537E6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Frame ID: CDEF86C193BD27089330456805616A87
Requests: 1 HTTP requests in this frame

Frame: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D10%26uid%3D
Frame ID: 1E937B8AF01F5E18304491DBB8EBCDEA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Frame ID: 34EB2C627A7AACB365467534448B2DCE
Requests: 11 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 2EB6EDBE4A5FA9FF5ADB913EDACD61D4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D19%26uid%3D%24%7BUID%7D
Frame ID: 60D327B8C65E54E10BFFF192AF6E71D7
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D25%26uid%3D%24UID
Frame ID: 7E94C9DC117C0E3E0E0F5C834F70DF77
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D26%26uid%3D%5BUID%5D
Frame ID: C60F2D324610AA57417852FAAADF8151
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 7C479ADD0EAE650BE62E59381309C797
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58448/occ?uid=435fef186a0201477%26uid%3D
Frame ID: EAFF5151781995C13D54851E371F3B2C
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 8D0E67A1F5465F6A642941B6ECF57D58
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Frame ID: 181574577273680ABEBCAE0A49B1B85D
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D1%26uid%3D33XUSERID33X
Frame ID: 774C6531F80ED1EE0BDDCE06A39DB105
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Frame ID: 9425264137BEB199C254510DDEBF6AEC
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: E1B1CE431238BDED6CE6F810E5369475
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Frame ID: B958A64918D6E7550286FCFC8AF18697
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 2D25DCF369E473DFBF08AB73EF4D4E2F
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/ps/?dbid=435fef186a02014
Frame ID: 504BDC7CB9D2272DFFFCA3B5850A4541
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 3F0C806E8A08FFB62FFBEF43DB0C36A6
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 3FA6AF3493B31FD96F7FE6175C1B22B0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=4940570022738590713&gdpr=0&gdpr_consent=0
Frame ID: AF788BE66C0471427701B67D7F0876A9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85N2FkMzZmYS1lMDliLTRlNDAtOWRiMC00ODU0OTkwMjBiYTE=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: DCF0D21EBBEDFDB80FA1F957950ED2FE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Frame ID: 8F7314FD05F95EFA1DA47C04AFBA9081
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Frame ID: E21CB5F95E9D44FCA7517373EF693F8D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8YQAAPbJVFwAAAAA
Frame ID: B174564A8A9DA0206729995DBCB8420B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum&tc=1
Frame ID: 5622BE3E743EEF82D49AB2C029D09D67
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: FF7CD2AD846A76DB75E29378220BFB4E
Requests: 3 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 4EA9A82094736759FFAA5E92A2A1A317
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Frame ID: 18C0601E1C8B09F54A668F52EBE8E983
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 0083056B5921CD3694BB02C823DE7A72
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Frame ID: 96599BCA3135AC52BE8F0C9F57FCBCF5
Requests: 1 HTTP requests in this frame

Frame: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D10%26uid%3D
Frame ID: A61003C80EF3755020EFADB52F25AFD3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Frame ID: 2550C0F52614F0D65BDBE346AE5221C2
Requests: 11 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 770FC8CB13DE45272783CB56A306CB81
Requests: 1 HTTP requests in this frame

Frame: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D19%26uid%3D%24%7BUID%7D
Frame ID: 682AECEE007E594245BDE980609BF635
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D25%26uid%3D%24UID
Frame ID: 2B865FE7542483A0691C7DB206A77F44
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D26%26uid%3D%5BUID%5D
Frame ID: 710027D89A19C68A204A39E01745E9CE
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 34B946B7FB065DD476CF4E56AE6EFC25
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58448/occ?uid=435fef186a0201477%26uid%3D
Frame ID: 7FAD3043D934EFF5B2FAFD22D1B756ED
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 7F3AC52443C05A674FD5DD52F926E593
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Frame ID: 35F0AC625934B7F6A39010EAF89846AA
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D1%26uid%3D33XUSERID33X
Frame ID: 21B6C9AF9A0D0F099C462D1D25206E47
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Frame ID: B46AE7712416D6CC0897865E16C8A8EF
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 45AC95698D42D09FA82E237AE4064104
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Frame ID: 3C5BB3BA9336EF750192C41562265053
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 83DA4CF79594EF0228FF3EF044093263
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/ps/?dbid=435fef186a02014
Frame ID: 755BA73AE959A5AEFD4C3A71BD44C77B
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: F28279975623BA1A7DC9B44F24CF8381
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 0AA76C6A5124B370C95B88D9108BB9DB
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: DCEE8C6AF3890E5781C01E3D95D1661A
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Frame ID: 10CC8CC810D055C0A1F46B18633847A7
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=8174363493500510630
Frame ID: 0FB31072F483401E65A694927CDF0DDF
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=b729c95f-e0ea-43d0-87f4-4fde90f93fce
Frame ID: 9E96FEE0047D8E56BC4FFD04F2CA8C50
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZXpclNI1WoWEvN1Ct49KnQAA&5225
Frame ID: E0DB0282058A6F3087E701993C974E2B
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=bfaec979-4f77-4829-bdde-657d977682e8
Frame ID: D7D5F1AE6D0E70413C47187B98F598E7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
Frame ID: FE259C596A4DD0DFADB2476F95A66295
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID
Frame ID: F06CBBF89153BF80D43FBA68CD582CE1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Frame ID: 1AABD945436FBC70FE1849FD2EA6503E
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 05BA59198F81B819F5D95F9290D90311
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 446856CF8BB9318FAEF806293B77BE8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 03B6F647780F88AAC3413F3220C3FE30
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5610494100543643409&gdpr=0&gdpr_consent=0
Frame ID: B097A6BF1FF913452657A03D91AC2CA7
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85N2FkMzZmYS1lMDliLTRlNDAtOWRiMC00ODU0OTkwMjBiYTE=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 5E381D1C4D3845E8E713A3C826D1E8C1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Frame ID: 5A9B3B514571E5F1C4DA9782D8ED60D0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Frame ID: 0369A0E69361D3BE7FC8A19E78D14DCB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8XoAAPDAyS0AAAAA
Frame ID: 87944AEE0B67B73D98B2A1F5F7AD0BB5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum
Frame ID: 733B970C9723228717D206838ED00772
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 2D6D14534679BB0854A47F9D49BCB186
Requests: 3 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: B87DEEFF17E34624C1363F4D30DEB8F5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D76%26uid%3D%24UID
Frame ID: 87660D192F430D20A29F5D543CFEBC6F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Frame ID: 6B98D4DC6F725997CDA0A627EDD5179D
Requests: 1 HTTP requests in this frame

Frame: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D10%26uid%3D
Frame ID: 4CC48F6D38E0CE13F509632916D9CC09
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Frame ID: EB17BF1BE21934DE65790A12F8F0FD0C
Requests: 11 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D74%26uid%3D
Frame ID: 56C001A65AC84C8F4C815A7C1147D10F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D19%26uid%3D%24%7BUID%7D
Frame ID: E89CA8EAD58C9A43A2D11C85C5E3DAE2
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D25%26uid%3D%24UID
Frame ID: 6F6018122F40595503E5C5A04FC56442
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D26%26uid%3D%5BUID%5D
Frame ID: 6209E92FC346986695EDD4E1DA397AD2
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3DRX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003
Frame ID: 439812F461F00C1F688F8E3D4F1A87DE
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58448/occ?uid=435fef186a0201477%26uid%3D
Frame ID: 03029E70D3F9F8DFDAEA8C1F8371EAE1
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D81%26uid%3D
Frame ID: 520C5DD290E440D7EB5A06C64AC5FA87
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Frame ID: D5BAE35BBF01F5CA8143D6B256657A84
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D1%26uid%3D33XUSERID33X
Frame ID: 6A9822FA9411A35DAD13122D64E06237
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Frame ID: 3E1A2B588213CA49937E8C71438CBB87
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D21%26uid%3D%25%25VGUID%25%25
Frame ID: CCADCAD0CA0BFA429768B099F6C805E2
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Frame ID: EAD50F58B10AD0230CC74E247457D178
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D82%26uid%3D%5Bssb_sync_pid%5D
Frame ID: 4E5977DD4DCCA66A5EC2442E89F20A43
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/ps/?dbid=435fef186a02014
Frame ID: 800EA2A2678256A13C75830F76E6F8D9
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D61%26uid%3D%5BMM_UUID%5D
Frame ID: B6BD0499E809EC29DCA82FF69EBD2B5C
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D88%26uid%3D%3Cvsid%3E
Frame ID: D604B269F9CA752977A31DD336F4865A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5610494100543643409&gdpr=0&gdpr_consent=0
Frame ID: 461E8AD85181C8F51C9F53833FEF7DB5
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85N2FkMzZmYS1lMDliLTRlNDAtOWRiMC00ODU0OTkwMjBiYTE=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 2B1E637439F3A96657CFDEEA6FE15A64
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Frame ID: 318B6B0CE6E56EC4CF15FF3FF706BB0A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Frame ID: 2635A3F36B7AB886EAEFA63595F66015
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8YMAANVdOhgAAAAA
Frame ID: 99E84EDB40DFEC6E750E2EF30FA242CB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum
Frame ID: C97FD4FC18B58789D0BBA60C7370541D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 18E81DC51E450AD964B602053AD28943
Requests: 3 HTTP requests in this frame

Frame: https://dblksync.dblks.net/dblksync/
Frame ID: F2C02DB897BB4457CFCA57B0DA1B9642
Requests: 1 HTTP requests in this frame

Frame: https://dblksync.dblks.net/dblksync/
Frame ID: DC58B92378557D6DD4BB35E395F7E79E
Requests: 1 HTTP requests in this frame

Frame: https://dblksync.dblks.net/dblksync/
Frame ID: 49F547FF27F9B8DC5E62800D827B2B1E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HeroInvesting

Page URL History Show full URLs

  1. http://heroinvesting.com/ HTTP 301
    https://heroinvesting.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

352
Requests

90 %
HTTPS

30 %
IPv6

78
Domains

123
Subdomains

92
IPs

13
Countries

9276 kB
Transfer

14819 kB
Size

63
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heroinvesting.com/ HTTP 301
    https://heroinvesting.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 197
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084928859533869
Request Chain 199
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj HTTP 302
  • https://ib.adnxs.com/getuidj
Request Chain 200
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D76%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D76%26uid%3D%24UID HTTP 302
  • https://s.0cf.io/
Request Chain 206
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D74%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D74%26uid%3D&s=184932&C=1 HTTP 302
  • https://s.0cf.io/
Request Chain 210
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1702517908340 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5382031778 HTTP 302
  • https://sync.1rx.io/usersync/turn/3370552569649972732?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3DRX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003 HTTP 302
  • https://s.0cf.io/
Request Chain 212
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D81%26uid%3D HTTP 302
  • https://s.0cf.io/
Request Chain 217
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.0cf.io/
Request Chain 219
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://s.0cf.io/
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=435fef186a02014&dbid=435fef186a02014 HTTP 302
  • https://s.0cf.io/ps/?dbid=435fef186a02014
Request Chain 221
  • https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP 302
  • https://s.0cf.io/
Request Chain 222
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D88%26uid%3D%3Cvsid%3E HTTP 302
  • https://s.0cf.io/
Request Chain 223
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
Request Chain 224
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
Request Chain 225
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
Request Chain 226
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Request Chain 228
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=f82c514e-5f85-44e0-81ab-50542a8356fd
Request Chain 230
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Request Chain 231
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=GJJLjuNJXnfP&ev=1&pid=558355
Request Chain 232
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6713612673972781815
Request Chain 233
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=4940570022738590713&gdpr=0&gdpr_consent=0
Request Chain 237
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8YQAAPbJVFwAAAAA
Request Chain 238
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum&tc=1
Request Chain 239
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 242
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj HTTP 302
  • https://ib.adnxs.com/getuidj
Request Chain 243
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D76%26uid%3D%24UID HTTP 302
  • https://s.0cf.io/
Request Chain 249
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D74%26uid%3D HTTP 302
  • https://s.0cf.io/
Request Chain 253
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7661921972 HTTP 302
  • https://sync.1rx.io/usersync/turn/3442610163687900668?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3DRX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003 HTTP 302
  • https://s.0cf.io/
Request Chain 255
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D81%26uid%3D HTTP 302
  • https://s.0cf.io/
Request Chain 260
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.0cf.io/
Request Chain 262
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://s.0cf.io/
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=435fef186a02014&dbid=435fef186a02014 HTTP 302
  • https://s.0cf.io/ps/?dbid=435fef186a02014
Request Chain 264
  • https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP 302
  • https://s.0cf.io/
Request Chain 265
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D88%26uid%3D%3Cvsid%3E HTTP 302
  • https://s.0cf.io/
Request Chain 268
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Request Chain 269
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=8174363493500510630 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=8174363493500510630
Request Chain 270
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=b729c95f-e0ea-43d0-87f4-4fde90f93fce HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=b729c95f-e0ea-43d0-87f4-4fde90f93fce
Request Chain 271
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZXpclNI1WoWEvN1Ct49KnQAA%265225 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZXpclNI1WoWEvN1Ct49KnQAA&5225
Request Chain 272
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D HTTP 307
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=bfaec979-4f77-4829-bdde-657d977682e8&gdpr_consent=null&gdpr=null HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=bfaec979-4f77-4829-bdde-657d977682e8
Request Chain 275
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Request Chain 279
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
Request Chain 280
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=b729c95f-e0ea-43d0-87f4-4fde90f93fce&gdpr=0&gdpr_consent=0&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=0&user_group=0&user_id=&ssp=gumgum2&bsw_param=b729c95f-e0ea-43d0-87f4-4fde90f93fce
Request Chain 281
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
Request Chain 282
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Request Chain 284
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=605d0555-3e92-4b13-9284-42ef19ab71b2
Request Chain 286
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Request Chain 287
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=lFmJ4efAMLpC&ev=1&pid=558355
Request Chain 288
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3624484212560970283
Request Chain 289
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=5610494100543643409&gdpr=0&gdpr_consent=0
Request Chain 293
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8XoAAPDAyS0AAAAA
Request Chain 294
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum
Request Chain 295
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 299
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj HTTP 302
  • https://ib.adnxs.com/getuidj
Request Chain 310
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7143711031 HTTP 302
  • https://sync.1rx.io/usersync/turn/2433803847156909564?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3DRX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=435fef186a02014&dbid=435fef186a02014 HTTP 302
  • https://s.0cf.io/ps/?dbid=435fef186a02014
Request Chain 324
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
Request Chain 325
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b729c95f-e0ea-43d0-87f4-4fde90f93fce HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b729c95f-e0ea-43d0-87f4-4fde90f93fce HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ed0fadbd-55e0-42d9-a8c6-8c09733b3966&user_group=1&ssp=gumgum2&bsw_param=b729c95f-e0ea-43d0-87f4-4fde90f93fce
Request Chain 326
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
Request Chain 327
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Request Chain 329
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=6c3a2e6c-cc1e-4ab5-b82b-ea13740e1cc9
Request Chain 331
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Request Chain 332
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=ynUskHocFGaR&ev=1&pid=558355
Request Chain 333
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3624484212560970283
Request Chain 334
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=5610494100543643409&gdpr=0&gdpr_consent=0
Request Chain 338
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8YMAANVdOhgAAAAA
Request Chain 339
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum
Request Chain 340
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum

352 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heroinvesting.com/
Redirect Chain
  • http://heroinvesting.com/
  • https://heroinvesting.com/
229 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
15de52b25d63b3e1297b6a3b6f39d5113cc43bb2c83032edbb78e4bf963e81f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 01:38:25 GMT
etag
"3948e-d3s4TMsPaAOUhaVr2rWKqjzhoHw"
server
nginx/1.20.2
server-timing
total;dur=56;desc="Nuxt Server Time"
vary
Accept-Encoding
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-id
nzBKG5SAcNS6Z3cOmHmBKwcE7zUAvEu-C8oYMr0mDXzYVlHp3V64kg==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Thu, 14 Dec 2023 01:38:24 GMT
Location
https://heroinvesting.com/
Server
CloudFront
Via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
LHQSsOsWBrkFbotZzoNf6MSkjEqQ0Ktzbh_hGojA-DUOdetdx3ANPw==
X-Amz-Cf-Pop
FRA60-P3
X-Cache
Redirect from cloudfront
adgarden.js
adgarden.market/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adgarden.market/js/adgarden.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e00:3:6d3c:dac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
56939e06ab2cb38895d26a98e53f13e4fa8507be612ac0d2537b7f1c68988087
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
strict-transport-security
max-age=15768000
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
last-modified
Wed, 25 Oct 2023 17:18:47 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA56-P5
etag
W/"1dc4-65394df7.36bb41c2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
7620
x-amz-cf-id
I5jyqG4onvrYd3tM3Mum4OkSnhaAF_wvCCkvxmT12gUPKiScZV0gww==
fa550fa.js
heroinvesting.com/_nuxt/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/fa550fa.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
cd52d9c45a585c7ed813b9ddafdf51d15bef0ee23f12b30350ed61f3b9bacc5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"1019-18c60b53b0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Fsm0jwsLxUpo--yUyzHq53eQb67G2tSY0-edL_wIKKri0vl5J60zKg==
0c8f491.js
heroinvesting.com/_nuxt/ 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/0c8f491.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
78b9d336523480e2595a92c19909379c57fd888fd0febfb8b3d225586ddae779

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"2fa61-18c60b53b09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
aed4Tu1tlufLWHHSULZjDypN7ngoMhUEI-nbMSrI9nQGygPmqRBJPQ==
6d86b11.js
heroinvesting.com/_nuxt/ 		401 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/6d86b11.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e34c718c58bac46f45e18c7de762f490bf297d010f2b640190346be4651996d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"6439c-18c60b53b0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
SaUccwWHvqJcsd9M3H68grBWAZACOdEfGA4ZVXa9s6xH1stj9_IXDA==
3f9f0b1.js
heroinvesting.com/_nuxt/ 		123 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/3f9f0b1.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
95c1d3081fab890c2eb613eb4cc48915dd51324249a4b63596dddb11870098a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"1ea3b-18c60b53b09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
LA_KUCbJ7ZP0VVJ32HBlUyg1CwmlcfmFwmvxoT4ICdGKYMBE0m_jQg==
23815c6.js
heroinvesting.com/_nuxt/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/23815c6.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
9ad3f7ed94da9ed82d9d55c157f591b8b2d18d277be0a37811714065d9f988c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"1a86-18c60b53b09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IiGHuOlxzqecbQHXzgHcZXSUvHeKzSrW2kvwwXk0EnCQ0hAO4ZvY6A==
0b58661.js
heroinvesting.com/_nuxt/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/0b58661.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
3a7982b8d656ef9ef62a5a8fee8bf2c4aed8e0ffcec8b0a8d43155ffe12b2d5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"458f-18c60b53b09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lPweDQ4UCe5cmhk6rQmw80tmOZacpnrB6gmZdQ5VxJLkYwv2q0hc4A==
2957b7a.js
heroinvesting.com/_nuxt/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/2957b7a.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
8a57de42d0833a00a1e8dd86578bc5aa67cb08b7d713e91194fa24ff73dfc67e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"57c-18c60b53b11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nHyypjz1B9BxOOEl7Sfu3hBQaZGrNCZh9vp0zawyPOXZTUEYwyJkgQ==
6c3de1e.js
heroinvesting.com/_nuxt/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/6c3de1e.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
b66ff480a50248d84dbee2cd4e63d47b6e809b7a6d8b8bd425b879ef17af4fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
etag
W/"4b20-18c60b53b0d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
server-timing
total;dur=0;desc="Nuxt Server Time"
accept-ranges
bytes
x-amz-cf-id
YuiK3B3-QVcO3lHwIGVSmGt5_jcASvy830TGGWvvbIzmNTw0bLFEaQ==
7af5397.js
heroinvesting.com/_nuxt/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/7af5397.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
10eeaeb69b1492d330ee1c84a643247c3911e0863c9875df5c9e88f8a3a12d21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"4af1-18c60b53b0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Iet5G_gBkUw1cvBEjitsCs6d1u_KSroseS06AWHaAEUk-JNEy881sw==
9e83ed3.js
heroinvesting.com/_nuxt/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/9e83ed3.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
cda916e31b503b3bd54dc7efc94c844cd3f272847ffdb0bc75d9bc41c7f76ee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"1697-18c60b53b0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
9Jnc4ogSKMDEsOoRgausufWBKb3bH8QfG2XHKVXqEg-MYrFIhXsr_g==
910e002.js
heroinvesting.com/_nuxt/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/910e002.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
a250a617fd2dd89d950be12d819f28672cca4b7fdcc4160c647fb447c7d4e6af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"4bf2-18c60b53b0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zKyPih1qM2KyAv_ArWN4YNXUbFv5UdORvlG-Nuu-riAZtm_eBSkHRQ==
8755d30.js
heroinvesting.com/_nuxt/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/8755d30.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
ee67a5dfcc355e47ce8620f4cd98e99bbc408a7d88530d1f40f5ad4653e0d12f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"1b62-18c60b53b0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
9qfaVtwoYq0ULl2KtfOHzlHPYLTvcsWOhnlbgMqWg7yHeiQ4pGXfqg==
5146c03.js
heroinvesting.com/_nuxt/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/5146c03.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
a2b5f1a74ee0bc02cdf170381f49339efdd6373f6ae5b786921c877653127ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"1397-18c60b53b09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
PwlO7c-vypbo_4XYkCP-h8xW1lQvugWxD1VkefRY0jmUsUwg6PUBjQ==
ef5d8ca.js
heroinvesting.com/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/ef5d8ca.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
02b6a4cea9e3cb9cae8bc6e8823137f630bc4bba3034e991aad496a143f9607e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"97a-18c60b53b11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
UYPgkjw8nGy5KdMyxtZ61a11s5QaVYambWKbC2fdXMgY2ucnciytHA==
eeb9f02.js
heroinvesting.com/_nuxt/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/eeb9f02.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
4e5f1b14f824baaaad1b124e0612095b690172c222fdc6ded6426f0dc8aac91a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:17 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87488
etag
W/"1af8-18c60b53b09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Vgwso2HgGvTUPs8AxXdsCegfyL9DDm7S7ttAH-0dhYHVaZynXR1eQw==
f9718382f4ac8b8ecab5d3b19d3da446.svg
heroinvesting.com/_nuxt/ 		13 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/f9718382f4ac8b8ecab5d3b19d3da446.svg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
a9b5d62445d48f75234b683670ffd3f95f5c7240decae3146a38f0d19abd76dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 02:58:57 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
81568
etag
W/"355c-18c60b53b05"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
v5Bz5OXdyadaW00kkj5NF9PhnWqRJ6n6lW8WiIpM4h2JlesqqGLa6g==
page.php
www.facebook.com/plugins/ Frame 9676 		45 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
36610f138aeb9e753446a1b66543a01475b655c4d5263dee82ebff410964ebf0
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 01:38:25 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ai1x4YfToPbfOWvezNBSj+XG66VzCq/0F54KM+M4i/tzJz/H9/lfKvl93svW4a/73BqLDbOdl0ggjp1qbW7gUA==
x-xss-protection
0
heroinvesting.61dbeee.png
heroinvesting.com/_nuxt/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heroinvesting.com/_nuxt/img/heroinvesting.61dbeee.png
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
288d1aff6b40d91889a5f0efc906a5316d3f732641f32462f2ec4dd854f55981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:54:18 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
85447
etag
W/"5b89-18c60b53b05"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23433
x-amz-cf-id
jbqKT0uCYbNss0_jPUkAYScIDHVh9vpCJm4qfW9-zepMADpdrbfsXw==
herosubscribe.962871f.png
heroinvesting.com/_nuxt/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heroinvesting.com/_nuxt/img/herosubscribe.962871f.png
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
f97b357206c08f2a73432addcaf75b90afb626778d60519bc830d33ca28b626c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
etag
W/"1de6-18c60b53b05"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
server-timing
total;dur=0;desc="Nuxt Server Time"
accept-ranges
bytes
content-length
7654
x-amz-cf-id
KtOvQwli6VgQltqtpENkwi_h3yJyrK9WOecOaAXy7AGTgoSy3E7CKQ==
Top-6-Best-Places-To-Retire-In-Panama.jpg
cdn.heroinvesting.com/content/images/2023/11/ 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/11/Top-6-Best-Places-To-Retire-In-Panama.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d5915b502e41b30c5615303301c70515cc3a303e7fbc62dbcc1ca078935491d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
140273
last-modified
Tue, 07 Nov 2023 00:17:18 GMT
server
cloudflare
etag
W/"223f1-18ba72409e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VugLgHqxcSf%2FYlgWd97NWYtFv20viI7%2F8IE%2FfUDFqsrK1oki1IiGcMDrZ5p8xf3I8CZGmARdp7jtybejGY8qm%2FYwfiw8sSHetDiDtFfolt4NBIs1Y3eJDSgT%2BjJMujufq9%2Bq6KzkE0%2BYR9EdYhbRGMLMN5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2cad8c37d7-FRA
x-proxy-cache
MISS
4-Best-Places-To-Retire-In-Washington-State-On-A-Budget-1.jpg
cdn.heroinvesting.com/content/images/2023/10/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/10/4-Best-Places-To-Retire-In-Washington-State-On-A-Budget-1.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
009a6be7dbc551e6f53c525875fed89d7da48c41e5f1a123c38d91e4e4a9b846

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
137820
last-modified
Tue, 31 Oct 2023 17:47:20 GMT
server
cloudflare
etag
W/"21a5c-18b86d8da8e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07e1mJbv7YoeEh1%2B0D6i78TMCKpk4wHOgL%2BCG49s4bTIc6FKGCHI%2F0Neau8N9v5Y9xQqiKhr7mmNXrvodU%2B%2BQYvVpA%2FbD42t%2F8o5qmz84tTk3SJmHzTRSqmFqD6yKqkmMbFFbcmSeAGJk5w%2F4mKeM0nmmAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2cad8e37d7-FRA
x-proxy-cache
MISS
Hard-Money-Vs-Soft-Money.jpg
cdn.heroinvesting.com/content/images/2023/10/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/10/Hard-Money-Vs-Soft-Money.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0de5d56039ab501a4791d2db4f049e3ff363f97b64e9f4d7e5d4eb92ec058588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
55610
last-modified
Mon, 23 Oct 2023 19:19:07 GMT
server
cloudflare
etag
W/"d93a-18b5dfa0011"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7FulnSaSfNHJOfFo6LG8RWXNpG%2BqhSX%2BsbZK2M9CFkq1zaXyuCeziBSgfPoX9U6zCnVc5mYgZHoPml9v%2Fq3LIMRo%2FVE%2FntOVzx%2FUJl%2BHxaIIlqBtGcBq6czXbSlxE9tUnhE%2F6rWSVg2Gr0xU9dgn4plGcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2cad8637d7-FRA
x-proxy-cache
MISS
Old-Money-Vs-New-Money-1.jpg
cdn.heroinvesting.com/content/images/2023/10/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/10/Old-Money-Vs-New-Money-1.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b5e700284424ca0cbe29494aeba247313172c1aea0ebbdf5c2790851ec89010b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
96336
last-modified
Mon, 16 Oct 2023 18:37:29 GMT
server
cloudflare
etag
W/"17850-18b39c761d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMVIr1%2B1ofyWPuQ9w%2BJdUAeiaQNWhs38Bj1YvYl94S7HUK3P8DzijAyJgpWgjs3Ux9Z0fd2HTxnCVM0Z7UC4Gf6d%2BA2tluKHSopJDBUiBnbnANZdgrp0K3dpaC71%2BudVhEqi9SAa6ErW%2BM9hDkUzWjEq1xo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2cad8837d7-FRA
x-proxy-cache
MISS
op-12-Best-Places-To-Retire-In-Texas.jpg
cdn.heroinvesting.com/content/images/2023/10/ 		191 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/10/op-12-Best-Places-To-Retire-In-Texas.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0a8962b0bb1b97d791d1c4f031adbda78917d572becb7e382ee73841adae192f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
195273
last-modified
Tue, 10 Oct 2023 18:08:50 GMT
server
cloudflare
etag
W/"2fac9-18b1ac6fd0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpA7ZNUEfvcE6QJuJTwx7tb8eN%2BaYooImQnJygz9Nwilp4NZ1pS6yFm%2B%2FEzZIwzLMh3FOlwEYaPAJ0cvM0mDmzlqedSGnt%2Ffh3ayiJIiRx8C4sAeQUgNZu1Eb2H5vYgDgFxC6yThubnL3jdVVsIBJLzqDws%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2cad8937d7-FRA
x-proxy-cache
MISS
6-Best-Places-To-Retire-In-South-Carolina.jpg
cdn.heroinvesting.com/content/images/2023/10/ 		159 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/10/6-Best-Places-To-Retire-In-South-Carolina.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2e487fb39e7490a9f4a64909ff2874fe4bcea0a157f9b3746b3fe896c67069fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
162645
last-modified
Tue, 03 Oct 2023 17:18:28 GMT
server
cloudflare
etag
W/"27b55-18af68c5dbb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRkB5cj1ORi%2FYOgqjCCbSg6lKl7XyTYFNLDyYxeAV8kh7B13vBk6oFaubXCczYAff9Xy4Go1w2DTzLxbgNhsVAUENyR7yCwf0wclq5he%2BsgbbH7m%2F7STps7LIygoIBeUSanCLeAnkiTye%2BcZ0xHPzXf3xrY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2cad8a37d7-FRA
x-proxy-cache
MISS
How-To-Sell-Your-House-Without-A-Realtor.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/How-To-Sell-Your-House-Without-A-Realtor.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
25581311dd8d50e3059dab384f4c34c4ab6c3cf50ad6f56af4a85e07321c169c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
70871
last-modified
Wed, 27 Sep 2023 17:20:25 GMT
server
cloudflare
etag
W/"114d7-18ad7a7fd20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVPJKP9IbcQ46kAmhihgHZnsmxjAD%2BA0cPHEK5YUuzkpAvO093opwUuw0q4YxR0J7PKjxV80zm0vJn%2FRTlyPqhxFbGPWS4GcWBJfvD70oVbJ3tQWCVfpW11WLBVpcKJn%2BwedKanR9x3AA%2Fi%2FmKx2kH%2Bo0Yk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2cfdb237d7-FRA
x-proxy-cache
MISS
The-Girlfriends--Wives--And-Ex-Wives--of-Billionaires.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/The-Girlfriends--Wives--And-Ex-Wives--of-Billionaires.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4a123bff683144a7ecc232725e55af4c182a03dfa634d5d39f0da05c09d8f633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
129735
last-modified
Mon, 18 Sep 2023 21:14:30 GMT
server
cloudflare
etag
W/"1fac7-18aaa25100d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1FgNuUrZp7pSiJvnySV3jQP8HB7FZTJOTNWRPGZB1Wlu6KDv7BhI1HPK%2FnFe5qZxKSWcxQ8HKkiZf01CycLbkLhpjDaCWS2TdJ96CYjS3rw92rfZy0X0BthP6v53juLHTBbg1xeR1R%2B2o%2FnLv95mpbeT3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2cfdb337d7-FRA
x-proxy-cache
MISS
how-long-does-it-take-to-sell-a-house.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/how-long-does-it-take-to-sell-a-house.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c59c29f4f48ecb4bb4bb5ac8544ac47ab9fb06c3ae03f0a5af4b94e50886e4b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
180090
last-modified
Mon, 18 Sep 2023 20:04:43 GMT
server
cloudflare
etag
W/"2bf7a-18aa9e52d70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvYxrn8OmFibMOYHE0oPeCYBGKQgtMnkHNo4jUvXNxZMDafFy9XmKKBzc%2BAW2gXekaNBDhozNx9oYfxXLKF2heQNcry9NnjA00Lwrdk6YPHXV7o6JoAXJyuCTjMEabab%2BDIS5YxSaflMoCOA0NmEFCThdfk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2cfdb437d7-FRA
x-proxy-cache
EXPIRED
roboto-v29-latin-700.woff2
heroinvesting.com/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/fonts/roboto-v29-latin-700.woff2
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

Referer
https://heroinvesting.com/
Origin
https://heroinvesting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:54:18 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 00:04:00 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
85447
etag
W/"3dd4-17f95303b8f"
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
15828
x-amz-cf-id
9lHMLiz0NW4HRIQbRnY_WwWzK9Au2u_X0QiMjFT3VnKL2c-LLpp4hg==
roboto-v29-latin-regular.woff2
heroinvesting.com/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/fonts/roboto-v29-latin-regular.woff2
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer
https://heroinvesting.com/
Origin
https://heroinvesting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:54:18 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 00:04:00 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
85447
etag
W/"3d48-17f95303b93"
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
15688
x-amz-cf-id
UEFmDVOlPPMBaXgkjeX4pGga0TjgSYfIT1bwhUzZQMNl9UJp7FggxQ==
roboto-v29-latin-500.woff2
heroinvesting.com/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/fonts/roboto-v29-latin-500.woff2
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Request headers

Referer
https://heroinvesting.com/
Origin
https://heroinvesting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 00:04:00 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
etag
W/"3e30-17f95303b8f"
x-cache
Miss from cloudfront
content-type
font/woff2
cache-control
public, max-age=86400
server-timing
total;dur=0;desc="Nuxt Server Time"
accept-ranges
bytes
content-length
15920
x-amz-cf-id
3_tx69UEG1FF0qfQAPS30HHhMAWQHnixgzGC7htyaNQoZGDjyMEryw==
roboto-v29-latin-900.woff2
heroinvesting.com/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/fonts/roboto-v29-latin-900.woff2
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Request headers

Referer
https://heroinvesting.com/
Origin
https://heroinvesting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 00:04:00 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
etag
W/"3d6c-17f95303b8f"
x-cache
Miss from cloudfront
content-type
font/woff2
cache-control
public, max-age=86400
server-timing
total;dur=0;desc="Nuxt Server Time"
accept-ranges
bytes
content-length
15724
x-amz-cf-id
cC_CpPK11Ri7vcBUjcNIOGgFtxGT66oig7RMbzsSXII_civ129H0vQ==
vRL9rGsaHH7Mx6NDN
vrl9rgsahh7mx6ndn.ay.delivery/manager/ 		750 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vrl9rgsahh7mx6ndn.ay.delivery/manager/vRL9rGsaHH7Mx6NDN
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c350eb652edc57b4c0c35709ad32046d7940f195ddfa2038a343f8889b3c791

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"662d25e368a1b39274864c82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjT8dBo0zIYolhTIpxoaonaxvfO0xtTz8aHV4reO2UDIDYqCHbLRse9QAVsnOIsjb2o34QqSGEiZ2ZkmH6aemO19vZeAehgxjmIdYqi9MtyejpCGlCLRXrWX6feTc6Vq5izb4PVH%2F6thgqFnkZSIMnC2ZqAmeq4AnuDzcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
cf-ray
8352ba2d7cad3734-FRA
link
<https://securepubads.g.doubleclick.net/tag/js/gpt.js>; rel=preload; as=script, <https://vRL9rGsaHH7Mx6NDN.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod>; rel=preload; as=script, <https://c.amazon-adsystem.com/aax2/apstag.js>; rel=preload; as=script, <https://vRL9rGsaHH7Mx6NDN.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L>; rel=preload; as=script
alt-svc
h3=":443"; ma=86400
vwpt.js
static.vidazoo.com/basev/ 		229 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/vwpt.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e605414c5d690913c053ec344fd3fd58b19ecd5f111fb05e4e912bc52a77fa66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
EB02XRDB0TC79R9Y
age
66953
x-amz-server-side-encryption
AES256
content-length
56429
x-amz-id-2
Gjj2gR7fkNOHvMNgNKhEEGKw19EV5dAa7tPVMEoe8ruEuGaz8wl5/6rjuVpxozOHec8sw72VWbA=
last-modified
Tue, 07 Nov 2023 11:26:12 GMT
server
cloudflare
etag
"576a1e0bb56226dbd3a2a239a03e01ae"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8352ba2d18b66ae2-FRA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Fri, 15 Dec 2023 01:38:25 GMT
latest.js
static.kueezrtb.com/ 		439 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.kueezrtb.com/latest.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fbee40d848d6df79b375ca87bdb53f4e97bfb3c6dc2a1d03cb8fd74a395eca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
P4TPETV18399ATPW
age
1508934
x-amz-id-2
6irYq/BhoH37vkqdxq3uzRnhwxtl82MaSNHQhwBQbYnnrRmitR/ZKr70OEy2oXFAG4WOvr9NxC0=
last-modified
Sun, 08 Oct 2023 15:41:30 GMT
server
cloudflare
etag
W/"f89c5fc5dc377ecc028df3e7a69bce1d"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
cache-control
max-age=31536000
cf-ray
8352ba2d0b605c32-FRA
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PNTYD12RWN&l=dataLayer
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/6d86b11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b46c964eee482ba234ba35d88c8272c386719dac81448c7032373dfe6a7c5af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86180
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Dec 2023 01:38:25 GMT
9cf8b1f.js
heroinvesting.com/_nuxt/ 		49 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/9cf8b1f.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/fa550fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
dcb0e94d9309114999e91c29c6261aa10511135be61a235bceeaec91a4381ec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:19 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87486
etag
W/"c390-18c60b53b09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0U3Eeks4F_rl0UmmDaduDcvzuHmP9HoNMbjOAqUG8ZUtzEwAmx0d_A==
op-8-Cheapest-States-To-Buy-A-House.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/op-8-Cheapest-States-To-Buy-A-House.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ddc3c129677114da7c0f261ded73146caef312f0c819bc69d7336c9ab24edc66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
139620
last-modified
Mon, 11 Sep 2023 17:34:33 GMT
server
cloudflare
etag
W/"22164-18a854f2ef7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0dQr%2B6ifNh90SsWJR0DE4p108xWtN%2BRpfSoCfXVu5ZP0DEg%2BPF7nkkM6fXbpB4ue3KTRZFAsE23zTajaMmcovdRzS1Fp69F6IIALayxhp7TbBcDxvJul%2FCxZbrlZmeXAGYupUDrl6NCZCGQ8jLlpU1b%2BZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae3737d7-FRA
x-proxy-cache
MISS
How-to-Make-Money-in-Real-Estate.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/How-to-Make-Money-in-Real-Estate.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f2136cad836f6718b547510ddc64eb39360e8ab7ba83b09aace7444b4be3820a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
119915
last-modified
Tue, 05 Sep 2023 19:46:35 GMT
server
cloudflare
etag
W/"1d46b-18a66e1e73c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4BOjTNRA8gJhK8Pkl0ZNZpPX3sEYoIhA%2BBJqAe0lOwZdRBNLdLZ7P7S0kLhsvvJUouGFIfrqUr%2BP6HAv%2FVeymWcZbz5OprJzn%2Bygut%2F7PDkUrs%2BZbeaLHp2SYkK%2FkPvyCooGaIi%2Bd8qUgEu%2Fd8RhTY%2B91o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae3837d7-FRA
x-proxy-cache
MISS
Assisted-Living-Vs-Nursing-Home.jpg
cdn.heroinvesting.com/content/images/2023/08/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/08/Assisted-Living-Vs-Nursing-Home.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a1082fad1c573f075461d23efa791f3f1a0f52d4e8d21c4fa9f99527660052a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
120175
last-modified
Mon, 28 Aug 2023 18:42:51 GMT
server
cloudflare
etag
W/"1d56f-18a3d74ae8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2UJZ6iNlGRT6T%2FRDkhNxc%2BCJ%2FxiZnIomeghxl7Z5qgoaCVN%2Fc6pcQfPb%2BIumbfYJvFd8P84dqiJl9lPKBZ6mIuWPC%2ByXe42XeqSnPR%2BnUuZvkXEfdxi0S5C%2B7M8zGN%2BY6hv3UOylaHmVhYuqJCxI%2BsE33U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae3937d7-FRA
x-proxy-cache
MISS
How-To-Retire-At-50.jpg
cdn.heroinvesting.com/content/images/2023/08/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/08/How-To-Retire-At-50.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0046a671aa51cf5e7e32ff8472fb5cedb4ca0b30e1fd5cbbead849cfa241db2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
58228
last-modified
Mon, 21 Aug 2023 19:05:03 GMT
server
cloudflare
etag
W/"e374-18a197c7c15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdFOqKtKNczjcUaggYeExvm9u9bpUONgCM%2FnYJ5MZBY8OEz6BdXP825mXs4nfYZjtLfncd2QMdu5xCKQuX7GPvBhr3%2FNaaQvAVper0BmrBY4nZwREFt%2FP2tz1EDuTk80fZA8CdNO9q5KbPzT8QlvjNEQL2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae3a37d7-FRA
x-proxy-cache
MISS
8-Best-Places-To-Retire-In-Spain.jpg
cdn.heroinvesting.com/content/images/2023/08/ 		214 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/08/8-Best-Places-To-Retire-In-Spain.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f9b01a3da483e7102d50a7a205a0f52f0966cdbbf098aa9d997d2a549fe3fdf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
218865
last-modified
Tue, 15 Aug 2023 17:19:41 GMT
server
cloudflare
etag
W/"356f1-189fa35dd34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YG260jG57eSGt1NNfEIuimC7FadDFg1fO5ojogd%2BxDtlMad%2BKxnAJ13GQ11EPD5ZL1YUX1EhyLHqE2W6l5fHECsdhSS4uep33g5Gm7mt8lvVeicYoDG28z5bgavRS5yVT4d2%2FNQcfwRAYkEP7MkbuiGfHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae3c37d7-FRA
x-proxy-cache
MISS
70s-Stars-_-Then-And-Now-v1.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/70s-Stars-_-Then-And-Now-v1.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
47e0c902d11889abf7a636c8e981d7653995c8b30c22f7d01233275e199c3c81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
143730
last-modified
Mon, 18 Sep 2023 18:39:53 GMT
server
cloudflare
etag
W/"23172-18aa9978356"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THcuzXiyOBEM3r80A3KvJ361agExt0qTT1YXcFkRiQH%2F07h117G92q3GLR1KdXC%2FUTpT%2FBU38eaH99NBZm0Dms3BGAgeUR3oQb6Oi%2Bc6dFTkuuXKFB682yAi%2FE907zc%2FSpM2gV2CspbcvHd2TDAGhW6i1iw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae3d37d7-FRA
x-proxy-cache
MISS
11-Signs-It-Might-Be-Time-For-Assisted-Living.jpg
cdn.heroinvesting.com/content/images/2023/08/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/08/11-Signs-It-Might-Be-Time-For-Assisted-Living.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
10e85cad8aa79f58268db0ff78f64523fd0bdf5a4e2d8286a49f115f8a86a4cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
81513
last-modified
Tue, 08 Aug 2023 17:59:11 GMT
server
cloudflare
etag
W/"13e69-189d64d8454"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c12tMsXasxnGkGzdFSHveHKiCRaVEm7kQaytTHTYLpb6VpvqepiIFFJXX0I4KbHQCe%2F4bKm4RCaXndeKhUh2irrAfSVKUODZqxQ5J71NeSZw%2BunEFrAYSMIEVrqZ2Ij5J7iHFeExoT2AjUm1vB2nZlMy19g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4037d7-FRA
x-proxy-cache
MISS
Celebrities-Who-Now-Work-Normal-Jobs-v2.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/Celebrities-Who-Now-Work-Normal-Jobs-v2.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9ddf06ff4aef8ed10ffc56e31c2e1bdd78a28481a39971a8e11d25cc64cb2b84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
169711
last-modified
Thu, 14 Sep 2023 21:08:30 GMT
server
cloudflare
etag
W/"296ef-18a958620c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FJiBPRgBUICjiuzRTO4GLAoH7rL5d8uLOkgaooECZGcBEh0EQYjqpAPtiMCiyqGLcMeiikeYMaSSW%2BXBUnyfess3YbRhDnEE5mJdnEuJjzl%2BEU%2BPpCiUlufviOF%2BTUYkd4G4NhwRGbwxEs%2BV36hQIgASWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4237d7-FRA
x-proxy-cache
MISS
Child-Stars-All-Grown-Up.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/Child-Stars-All-Grown-Up.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2ee5b4a88b61a823f3d2a8d95f77460081b9c656e513c346e163f721d936cc5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
153669
last-modified
Wed, 13 Sep 2023 21:11:31 GMT
server
cloudflare
etag
W/"25845-18a906289fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyNqd9O89pRCUkuDAXt%2FED02Ke6ZkiydRWsPFCgYrmQb4iKWo8su%2Fv0P1FQ%2Fxw7u0bPKMGLI6xLUr3DnZJmuZ2yWbmRbg8L1h%2FQf4KthVCwnTMgTNMiCiDXm%2Fon%2B6XkiqgUF15ZPYaipK3N4skGbRnLR8bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4337d7-FRA
x-proxy-cache
MISS
Richest-Celebrities-Net-Worth-Revealed.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/Richest-Celebrities-Net-Worth-Revealed.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b183decea5d7862cd0a2249dd1cfbfff7b9361506d61c12100b527260508bd3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
169506
last-modified
Wed, 06 Sep 2023 17:04:26 GMT
server
cloudflare
etag
W/"29622-18a6b73cecf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRR7P3B5VFDPX2RW0iakzQE09u%2FrXKWOTiBrCD0uVNkW8IZVDI9dInj3FtvbubF6uomtwdaTbG%2F3Dhn5Vmf%2F5nd%2Bjleg3tIRG1PlKjeBeGxxNCo8KyNJlygOJFBvfoDc1MijCJ9brQSB6oQioBLqigN%2Fc90%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4437d7-FRA
x-proxy-cache
MISS
Mansions-No-One-Wants-to-Buy-for-Any-Price.jpg
cdn.heroinvesting.com/content/images/2023/07/ 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/07/Mansions-No-One-Wants-to-Buy-for-Any-Price.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2b809092933155217e4c079a6ee4f9f222dc7bda019697017a481d825e5c93fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
206498
last-modified
Mon, 31 Jul 2023 21:37:41 GMT
server
cloudflare
etag
W/"326a2-189ade2adf7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY45ATvbebazMz%2F1jeTFMCmU%2B14N1vMalU5e4JZ2InRdaWRwqBIN7JTZaIiD4QDk1fpwsQODWg8jHvfzjQLZGZWjiteEnsDqSFUZhol2BeSCswEM06239DHO8d7me4815iDAM91cWPSZy9YC%2F8fKqci7OvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4537d7-FRA
x-proxy-cache
MISS
Abandoned-Celebrity-Mansions-That-Can-t-Sell-For-Any-Price-v1.jpg
cdn.heroinvesting.com/content/images/2023/07/ 		189 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/07/Abandoned-Celebrity-Mansions-That-Can-t-Sell-For-Any-Price-v1.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cd132dc9cbf1505dc2496fc0a6401fe0b71731536bce145f02911957c1a82747

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
193936
last-modified
Mon, 31 Jul 2023 19:15:46 GMT
server
cloudflare
etag
W/"2f590-189ad60bf59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWG48f3%2BM%2FwGYdgK2sBU6FThMZO4pm4zdEBu3vK7nwTHfYS%2FliCiAtChDjkcJoU6r1hzEsJdRrIUGMVR3dNRWX75%2FIft1ZYvCPkDgcGfLAx7ZlV52zMo3xhNms4Hb82eU%2BgIl9hAClOz4GOEO6%2F18Z5S530%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4737d7-FRA
x-proxy-cache
MISS
Legends-of-the-Land--A-Look-at-the-World-s-Most-Famous-Real-Estate-Investors-1.jpg
cdn.heroinvesting.com/content/images/2023/07/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/07/Legends-of-the-Land--A-Look-at-the-World-s-Most-Famous-Real-Estate-Investors-1.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
af377810107047cffd1cbb097f000d85002b82817de4f80fcfe5189de0311809

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
158050
last-modified
Mon, 31 Jul 2023 18:58:50 GMT
server
cloudflare
etag
W/"26962-189ad513ed6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foz4t9owqKJA82PNHaBa%2BPcHJfQNXJV0%2Ff9QBSMXA0ewVB%2BV%2FrjZ8H8Q81bv4SpXBfBum3wAQtngTv%2By9zXXMMj0aujTQa7neN5I%2FgRzYvrC8QlcLI5v8F6aTmbeDo4j0l9b9ed571vjxDkPjKUEB3rZtPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4837d7-FRA
x-proxy-cache
EXPIRED
Hilarious-Boat-Life-Is-The-Only-Life-v2.jpg
cdn.heroinvesting.com/content/images/2023/08/ 		143 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/08/Hilarious-Boat-Life-Is-The-Only-Life-v2.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
30bbd756bf57f0ab238ae540e25864babf2bc5cae06da6d297ef07e769468c35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
146820
last-modified
Mon, 14 Aug 2023 16:04:48 GMT
server
cloudflare
etag
W/"23d84-189f4caf453"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WK%2F%2BHzBdkNIPXN5WHBHaZQx3Abg0R5bg3JykLYC7mz2YHYlYtr28M3PldVe4eIN6e041KPHinU%2B1Tvfh8gtelvrer8Kmmwqh61cL10gC3LNxEDlQ4vf9C5%2F1oQ%2BZj49W1CsYEil1p7V2XRHT2bBWaa76oRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4937d7-FRA
x-proxy-cache
MISS
Are-Texas-Municipal-Bonds-A-Good-Investment.jpg
cdn.heroinvesting.com/content/images/2023/07/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/07/Are-Texas-Municipal-Bonds-A-Good-Investment.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5bda6629647f72090e2e060d37a82b896e5db4c4f292a27c711713bb4af566ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
98149
last-modified
Mon, 24 Jul 2023 18:28:39 GMT
server
cloudflare
etag
W/"17f65-18989291995"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3TmdfiddG4l28%2FnhOSGRAqL0F2VYe07dmYQHSLAn1lOsXLvBBBUscFAe%2FVIKQobzJnks3IndiMNDyd42IwHT9zeGHqNtwkEbT%2F21Dp%2FD8IVuTB2odKvvok92EpzaacjcLKPddq5j8aJg47%2BOM0hRZ98gBc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4c37d7-FRA
x-proxy-cache
MISS
Beautiful-Actresses-Of-The-1980s-Then---Now-v3.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		139 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/Beautiful-Actresses-Of-The-1980s-Then---Now-v3.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5d90313e752d9a70502b59e6a405b2dd9bfe407becd61f1cc44e2a4c988478aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
142535
last-modified
Thu, 14 Sep 2023 22:43:31 GMT
server
cloudflare
etag
W/"22cc7-18a95dd1ff7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUp04mFS9j1SXFmeURN9%2F512J34pUi1IoiBI4xuN%2BtpriZvCObHWzj3QyCwJ4bpXBn62MmgFTCK8%2BinjWunLcEVC1zGZNCVoyfRJ9kzXrT3RrnBoe30%2BPzzSn1OP9iMTXFjgefaEfSU%2BnueNy4w9qrPN%2F6s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4d37d7-FRA
x-proxy-cache
MISS
Most-Unusual-Shoppers.jpg
cdn.heroinvesting.com/content/images/2023/10/ 		167 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/10/Most-Unusual-Shoppers.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dc3b896b624e3166ce5175285bfa09e99afc2888caabb96b5f0473f0ca3bb036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
171161
last-modified
Tue, 10 Oct 2023 23:48:43 GMT
server
cloudflare
etag
W/"29c99-18b1bfe29d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0o9xNZHqcY2Oi%2FutBRjpZ477%2B%2BE9xjf4wsKDULhB3aJ1900kIfahl4AetlxTON9VUamJwK2Jk4gfO%2FK1gInUK5psjGEYbqlxgdZxkGrizU7nBJKIbQzn0%2BtOCSimcybd%2BZ%2F8X5JyPZvoduo9S%2F8pRzYleg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae4f37d7-FRA
x-proxy-cache
MISS
Unlock-Hidden-Wealth--Exploring-the-Most-Valuable-Collectible-Investments.jpg
cdn.heroinvesting.com/content/images/2023/07/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/07/Unlock-Hidden-Wealth--Exploring-the-Most-Valuable-Collectible-Investments.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8712124400acb4adbdf68dfe256b6c07b1f0a20c43a28d58783001891e9be999

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53901
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
166219
last-modified
Tue, 18 Jul 2023 16:56:24 GMT
server
cloudflare
etag
W/"2894b-18969ee7df6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfmlQVSxVR8%2Bh2JzleZ%2BFGz0aep2Uk1ShlyQbWxdPoHsbWNLAkSo6ZlxceBFW6PYaP7PE3%2BL5ZYG%2B7E%2FwSOiP1t7VPg4ZQwmKoqD2cgAQAv0yGsOlvZW7PcbnGhGlGfQhqnbcfamd9jHXDC071dcfEgIZC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dae5037d7-FRA
x-proxy-cache
MISS
Profitable-Paradises--Top-Mexican-Cities-for-Real-Estate-Investments.jpg
cdn.heroinvesting.com/content/images/2023/07/ 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/07/Profitable-Paradises--Top-Mexican-Cities-for-Real-Estate-Investments.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0c0dbe11130009b028ada6960f7e69e3d1c24cdd4a4294af0a9778339f1be6ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53858
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
207598
last-modified
Tue, 11 Jul 2023 22:08:42 GMT
server
cloudflare
etag
W/"32aee-18946ffe3e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZquA69Epc%2FoJ%2FF0VUa7NnaWgYb7G7Rfnyq2xN3RN%2BzdMcSIAvCuuhyFCWr3hWcoEae4FweYR7gnUxZrpmF08EKgWMLwiOrgN3P9y5bKzgPnpNU49iiN55PUOCIpiAmb6X4KRJMaBgQJU24WvNr4yDfF2nBA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe5337d7-FRA
x-proxy-cache
MISS
Rarely-Seen-Pics-Of-Hollywood-s-Classic-Screen-Beauties-Colorized-v1.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/Rarely-Seen-Pics-Of-Hollywood-s-Classic-Screen-Beauties-Colorized-v1.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b00e095c26a1cf90a20a5f74241458ed7f467d10fe92713efaac6b9e558f5d56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
161439
last-modified
Mon, 18 Sep 2023 20:13:22 GMT
server
cloudflare
etag
W/"2769f-18aa9ed17b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lZiLjRd04J3FPPMqpV7l8MydH%2FLT6%2FefZR1wgAVJT3mds%2Bb5Y%2BXw%2FKspGacHu3f8kDhwZyLrtoygTTHxe1KGoJNRuUM%2BEP6Z85ZFW5IIbVuLsSDI8ay0UyS5g4%2B4wTnJDGaJkbfc9DQUPu96%2F9176i2w04%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe5437d7-FRA
x-proxy-cache
MISS
Diversifying-Your-Portfolio--How-to-Get-Into-Commercial-Real-Estate.jpg
cdn.heroinvesting.com/content/images/2023/07/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/07/Diversifying-Your-Portfolio--How-to-Get-Into-Commercial-Real-Estate.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
69c45b9cb0396b768d7bf68dbe59a89f7d5905bd6bf47656d7c7ce590707c2e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
118664
last-modified
Tue, 04 Jul 2023 19:50:55 GMT
server
cloudflare
etag
W/"1cf88-18922753b1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKyq2mFD1M5gbsAEpD1kFSKeexHqThhhvErrmDXZnMnJUlDoa3wmWGONfJLEt5mN6zYjTpkthsiwKrcf3bEaPQKdYY5R2lJfqo45CwndTy6onPCYVQCtiUuUODAepoXNypZWlDk29%2FZnhW6zjNOI9bVyGHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe5637d7-FRA
x-proxy-cache
MISS
These-Work-Mistakes-Are-Too-Funny-To-Ignore.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/These-Work-Mistakes-Are-Too-Funny-To-Ignore.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fcf2d590317ceca4857d61b3de3861dc72cd6b3632daa57ad50fe047bec60614

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
166111
last-modified
Wed, 06 Sep 2023 17:44:09 GMT
server
cloudflare
etag
W/"288df-18a6b982a6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhHZzxx2%2F960o4gPR4ggjVjwJL8v1ofYlKt2ozCjLNAZNKOcAVeqiyOZvkIoaR9434UqFfbdpjjbK%2FIFm%2BGH9njbwC50hlRuz%2FKw1sbZHmk9IceDwnTqVvi9T0dQBniAzU5R1scxOqkNxXEIVvQz4CgcOm8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe5837d7-FRA
x-proxy-cache
MISS
Hilarious-Weddings-That-Didn-t-Go-As-Planned.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/Hilarious-Weddings-That-Didn-t-Go-As-Planned.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0adf3c9350c649d2b7218be2bf95e0d362cfd57f73ddf4373f252fcebe4cb0a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
164073
last-modified
Thu, 14 Sep 2023 21:53:58 GMT
server
cloudflare
etag
W/"280e9-18a95afc104"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCfSDY3SWvGTRBxhPQ%2B40QdPSxpo0%2BuX2PIcCWGxnz1jg8%2BngMxNAg2t3%2FLAttSTG2EQnczVyZ6hFPFl%2FcYOYp7T1rBBRgPGCv0Q3G3xpEgRP5bFlaxZ%2FbzL%2FVog9x8MCK%2Fw4rLKkI7cn5fLGxED3z8FOEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe5a37d7-FRA
x-proxy-cache
MISS
Inside-The-Most-Extravagant-Celebrity-Mansions.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/Inside-The-Most-Extravagant-Celebrity-Mansions.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f4e357ce8bcfae0dfa36a5705311291180ea2bc11f8e5b182685383e088b16d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
214806
last-modified
Tue, 19 Sep 2023 19:32:57 GMT
server
cloudflare
etag
W/"34716-18aaeee7510"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAi0bRs28Brq7mlUyrfynln4ljEPAAW8Tvc2TkbkAPKGzLq4aFSCeCtC0sZIudqxz97aC5Fae1Vq%2FQMxFLEWFnqI4rZOeO%2Bye2AYHrcTPRAu3EcxumBXtgG8cm1tXjO5hEfznwqnAIXeMju7FqQLDCDgJ3M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe5c37d7-FRA
x-proxy-cache
MISS
8-Best-Places-To-Retire-In-Tennessee-1.jpg
cdn.heroinvesting.com/content/images/2023/06/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/06/8-Best-Places-To-Retire-In-Tennessee-1.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2f81a0db72dd60cad903ccf6f4cb0eb23de179c450040731b5a5e90fca85840a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
158723
last-modified
Mon, 26 Jun 2023 21:05:02 GMT
server
cloudflare
etag
W/"26c03-188f98637aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0koIFA0U7yaYL0M2VCRtnr%2Fxx2Z%2F7CA4gS1HClfEvVuJET%2FFkDy2ADIHWTJfYC37ywaQIL%2BS3quaBcGla3QghzcOuVgee3IPG%2Bc%2F7ZH5YQ2XNSbol%2FJxP4U1eX5V9spEzx7xOm1lb9YbGyK77%2FG8xOmVOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe5d37d7-FRA
x-proxy-cache
MISS
How-To-Negotiate-Credit-Card-Debt.jpg
cdn.heroinvesting.com/content/images/2023/06/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/06/How-To-Negotiate-Credit-Card-Debt.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
21ab500bcb9567d957868c369e32d24e3de5c9d0077037a528b0e43ade895d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
120078
last-modified
Wed, 21 Jun 2023 17:47:36 GMT
server
cloudflare
etag
W/"1d50e-188df11aaa1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq3UoNOjUHzlrjcp3y53n%2Fed%2F3VL%2FWjfQpyrauQOicKSjHOT%2FBvtDCxnAVWFsIK3voI2MZUwoluI37JNh3zmEiYrIthUrVEqT%2FMFqlPCNiffPk8jMEMmgTDOB11XccIXbQvOAuZWwfSWtBWfhkU5ON76lm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe5f37d7-FRA
x-proxy-cache
MISS
Header-TemplateDiversifying-Your-Portfolio--How-to-Get-Into-Commercial-Real-Estate.jpg
cdn.heroinvesting.com/content/images/2023/06/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/06/Header-TemplateDiversifying-Your-Portfolio--How-to-Get-Into-Commercial-Real-Estate.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a419430671c692bb6feaa153dd70c8cb45d7330af771945627517c69f9178e1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
139271
last-modified
Tue, 13 Jun 2023 00:16:12 GMT
server
cloudflare
etag
W/"22007-188b21c311c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUdgz5k4JdsXpLX9Ib5Ak1wL27QyebO%2BUF5GC6s1FZQK2UjU%2Fk263Ar%2FDwlMHdwoZYAtiXCspniDJjck0o3wQ9DmQ9KgGmAxciOTv6Hqnikq91kxzbj%2B6bHxBcFWVkGEMIJQzmCfHG4%2F2wjOCopz00Ok7Ss%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6037d7-FRA
x-proxy-cache
MISS
Wholesaling-Real-Estate--A-Beginner-s-Guide-to-Profits.jpg
cdn.heroinvesting.com/content/images/2023/06/ 		187 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/06/Wholesaling-Real-Estate--A-Beginner-s-Guide-to-Profits.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ff451152a1b8870a4eea684a88cebe0e7c2da192ef293cf24ca8f7df671fc60c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
191932
last-modified
Thu, 08 Jun 2023 16:34:21 GMT
server
cloudflare
etag
W/"2edbc-1889bdbed1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fvrso127bQ7p9COpeD0qAFisBixz1KuBRj1Yvhh0i%2FQs8Lvsuomm0llH65fA3kutEf31k7UQsAYlc0pjErTVQeovTfCWzlAIeLcTvZrkbMd3NrzOfCFYhiPaZlQFFPk%2FkgzNOzQFV9QvWGUIDSRu9TV89xQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6137d7-FRA
x-proxy-cache
EXPIRED
Try-Not-To-Laugh-Weekends-In-America-v1.jpg
cdn.heroinvesting.com/content/images/2023/09/ 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/09/Try-Not-To-Laugh-Weekends-In-America-v1.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bf4aee80fda9289a2513b0a11860587a459ffff6f514377f4144f3b49d131923

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
153357
last-modified
Wed, 20 Sep 2023 16:25:24 GMT
server
cloudflare
etag
W/"2570d-18ab3691b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjUmu4b6RoiGRfg08HezeJvePsadY%2B%2B%2FZWVzvlJp020amLvdw%2BoMhApZaF2IBZ0%2Feg%2Bq1rWrPB6vlzHR6RtL13lCDzKIuc6DtOZXafM6YFDzikKY0oCsmjzXuE4%2FcCvrfctyIkYzP2NYQvduT6ocoRiR2HI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6237d7-FRA
x-proxy-cache
MISS
8-Best-Places-To-Retire-In-California.jpg
cdn.heroinvesting.com/content/images/2023/05/ 		209 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/05/8-Best-Places-To-Retire-In-California.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0e9bc90553426ee05176b51669d1158118047057a21b7210e2b3949867552607

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
213944
last-modified
Wed, 31 May 2023 16:13:16 GMT
server
cloudflare
etag
W/"343b8-1887295c125"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0HNBcp3qLo4lQ6Sz9VgSAyI%2FxuwSOBtXz9kiTKWDZKGtc0k7iewN3%2BNlwjIWgTdzxWeWpY61J7tQSmPhY5ivb4B1efH6rriEOaG251o5OfcG%2Bht00hYkOv0ojJzwwYFD0OgxIad6TCKplri1LSMNw3CbMo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6337d7-FRA
x-proxy-cache
EXPIRED
Volunteering-Abroad-for-Adventure-Seeking-Seniors.jpg
cdn.heroinvesting.com/content/images/2023/05/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/05/Volunteering-Abroad-for-Adventure-Seeking-Seniors.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
67d925b372e6d3c1f16737bc4c3be142c656d3584b16a3db4225ea7206276d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
109406
last-modified
Fri, 19 May 2023 17:10:30 GMT
server
cloudflare
etag
W/"1ab5e-18834fdd54b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Tnw4RhyU0hbNBPDaZzQF5EQ%2FGDHFAhDEXevVn8vViHwlX6h4beUoKQRUgtwrPAqNtjhJ%2BwnrMgZ%2BzYpYzpMvaU82JcluLsys1kE%2FUYLTopIbHa2Imgpxe6aGCCE%2BQ%2BkQOcplO58V%2BBVU21Ff75k8kscSBU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6537d7-FRA
x-proxy-cache
EXPIRED
Tips-for-Avoiding-Living-Trust-Mistakes.jpg
cdn.heroinvesting.com/content/images/2023/05/ 		170 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/05/Tips-for-Avoiding-Living-Trust-Mistakes.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4a17bf30016786630e6f00ef0689bbaff043fe680fbc0991dfb57aa5cff60ed7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
174107
last-modified
Fri, 19 May 2023 16:39:06 GMT
server
cloudflare
etag
W/"2a81b-18834e11743"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abyNtrLxiAxj9h7yVXcrinYE1UEgmhCuea7CT65RuSIx%2Bc3e7VySkW%2FfBRRlJM1mT7kW36uEdkmaZwFklOQjrcuzp%2Fpu3Igkvmar0T7SuiQabQrmHgk20FRg2jCBj6f7L6SbIabUYkUPmYy8YjkpBPlepX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6737d7-FRA
x-proxy-cache
MISS
What-Happens-To-Credit-Card-Debt-When-You-Die-.jpg
cdn.heroinvesting.com/content/images/2023/05/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/05/What-Happens-To-Credit-Card-Debt-When-You-Die-.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c3a7d1b2bb387c1f03e7809c00b4594b3f80dc72cc1b664dac82d8d168d9b0f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
103998
last-modified
Wed, 24 May 2023 16:49:41 GMT
server
cloudflare
etag
W/"1963e-1884eaa926f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJyoqGgxxnrOgzUHXMXO0NItTLA8eO0Gbzi8%2FtrKko14OWtrFEuwsqrUfe6W9TmB2T4%2B95rLPqSGl0JnmRQfbLj11JBs9GvY8fPc9zTJNKBZW%2F36o4XyM9zor8Ro7vLETEpXvfECl%2BJlTosLq6xHjmrZq74%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6837d7-FRA
x-proxy-cache
EXPIRED
Why-Should-You-Perform-Volunteer-Work-After-Retirement.jpg
cdn.heroinvesting.com/content/images/2023/05/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/05/Why-Should-You-Perform-Volunteer-Work-After-Retirement.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2506212509b1d340b5330bbc500c0226469fd51e2c9fd182facff7b6ae64da24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
98331
last-modified
Fri, 12 May 2023 23:31:31 GMT
server
cloudflare
etag
W/"1801b-188124e2464"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vfo2%2BBh0uylslV602y1x7jBzoBuEqvR%2FejM4E8WawhwCh%2FJ%2BU2hDgY3o5FGLQOihlf%2BiiL3r0wIbAoubIkzTUw%2BbMlfPG7OmPZ%2BZSgkerxhS6kOf80KUa%2BKFSusET5GdU9BjK7JWLJRsWEMvrhnxhEfiSwM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6937d7-FRA
x-proxy-cache
EXPIRED
How-to-Choose-the-Right-RV-for-Your-Retirement-Road-Trip.jpg
cdn.heroinvesting.com/content/images/2023/05/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/05/How-to-Choose-the-Right-RV-for-Your-Retirement-Road-Trip.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cf203740dc9baffee1d429b0b0f17846eebbcc3437e01026b4617159a5419204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
98087
last-modified
Fri, 12 May 2023 23:25:59 GMT
server
cloudflare
etag
W/"17f27-18812491662"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOPwVNU21QBrjS8A%2BKJIMGu%2BLTuERwaGfn%2BK1UGYdq3zL2Q9pMnd7UNdBIC3ZAZUn28gbgCbu3qzoxwCmgYB5L%2BaIeDhlTCctOBD2vFWK8ahMuu643YSxc4YCCaEgcC5GdCA65JlOmToDzZcZoppOID5%2Fwk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6a37d7-FRA
x-proxy-cache
MISS
Managing-Your-Retirement-Portfolio.jpg
cdn.heroinvesting.com/content/images/2023/05/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/05/Managing-Your-Retirement-Portfolio.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f0a272140f39235a8c48f5065d49e3f9a9cef387f8a3a76ef56ea4cd43783376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
117055
last-modified
Wed, 17 May 2023 16:56:10 GMT
server
cloudflare
etag
W/"1c93f-1882aa3fe6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hshj2hxf9Pr%2BWJCIJG8AkwIBJW7tvL39vSbdnPBKDm6nK%2FlVh9WtsA52i1Qo8vras%2FbRLHwFhQ6QOQEVrUHecwLGoeM66wRg%2FmJAbXI5GDIe7lHdp%2Bx8BUJIYjWC6QSeu1DCoGFLvPw%2B7RurJZ%2B1QjL4J4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6b37d7-FRA
x-proxy-cache
EXPIRED
Smart-Ways-to-Budget-for-Expenses-During-Retirement.jpg
cdn.heroinvesting.com/content/images/2023/05/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/05/Smart-Ways-to-Budget-for-Expenses-During-Retirement.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8fdd3ef0e419019b4ed7077983c7c32074e85493e323033dbadc3dbfddbbcc60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
52999
last-modified
Fri, 12 May 2023 18:14:56 GMT
server
cloudflare
etag
W/"cf07-188112c502b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g846sjmDp90JwiefxTbQgFqd5AJYmOmCJFuM%2F2vg6zNJeqJ9ckggTpioXasBudE4WeMAPNpaND7eG7n34mumU9aF41G4TeUBZzX00U%2FhSa4ycUf45D4Q3lUbnwi9qmN63NerWQDKvCYLWzs0%2BN4ze1Q6zvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6d37d7-FRA
x-proxy-cache
EXPIRED
Best-Coastal-Retirement-Communities-for-Beach-Lovers.jpg
cdn.heroinvesting.com/content/images/2023/05/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/05/Best-Coastal-Retirement-Communities-for-Beach-Lovers.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cb7ea6a539cc6f9a651bde3ca31fefdda677f55ce3a63f82c4b8c3b20e47a77e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
110054
last-modified
Fri, 12 May 2023 18:06:24 GMT
server
cloudflare
etag
W/"1ade6-18811247e87"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buDUeHvgXjal%2FVr8Q6crC5p7lDhXW72GQPHYQMNUz%2FUlW3Bhj7eM89Q4sdwEvzsVQ5kM5K9oRJVh0WwF%2Fyc45vW%2BkDukpjqaH8Py%2FiLm6NCfFnz1hvvZl909wcIOqQob3X9ldNm4SUomqvJlBer6bIR2JyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6e37d7-FRA
x-proxy-cache
EXPIRED
Iconic-Vintage-Photos-Capture-More-Than-Expected.jpg
cdn.heroinvesting.com/content/images/2023/10/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/10/Iconic-Vintage-Photos-Capture-More-Than-Expected.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0b1f978922b7cefed8ac48debfbf7443b859425a36a3df23ed8b7620fd9963fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
143459
last-modified
Thu, 26 Oct 2023 23:36:43 GMT
server
cloudflare
etag
W/"23063-18b6e58eeb1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujw1KE1K2rmIAi0O81o4wLmYTUP4x9snTmdlu0wHZW5dTo8G4423Qlc4C46FMj6GpzUrL8EBjIFOtLWDV8t%2BSR27w1wEqthElQegmb%2ByW0IzIsUF%2Baj%2B0rdK7g5vVDDx9BPN%2BvFelAXGJXsPZQrbOM48bK0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe6f37d7-FRA
x-proxy-cache
MISS
Unlocking-Your-401k--How-to-Withdraw-Money-Before-Retirement.jpg
cdn.heroinvesting.com/content/images/2023/05/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/05/Unlocking-Your-401k--How-to-Withdraw-Money-Before-Retirement.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3b59be6e38f5b2c2751c62b2b78e261075b0e19d7a192e7058e1b5c1e4b4cd33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
44402
last-modified
Wed, 10 May 2023 19:25:53 GMT
server
cloudflare
etag
W/"ad72-18807208ccc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIZ2l8jKKGU509CpGH%2B0WSq4%2BfNa0k%2B92N4tLLdD%2BWa9o0uzHJ%2BsqMhaUvfr%2BmUx%2Fq3dKTylxfhRQScKlmQKEubUIxyLpa9PTZlOLQJe4ZgNQHKtMVFGk%2F%2FjXeFOP%2B5dENv1%2FrfPqNHjWtnZElWOxZdmikc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe7137d7-FRA
x-proxy-cache
EXPIRED
The-Major-Ways-Retirees-Are-Using-Smart-Homes-to-Live-Their-Best-Lives.jpg
cdn.heroinvesting.com/content/images/2023/04/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.heroinvesting.com/content/images/2023/04/The-Major-Ways-Retirees-Are-Using-Smart-Homes-to-Live-Their-Best-Lives.jpg
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/3f9f0b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
07122ce61daf21bf874662912424803780ab5653d793ccdcb943ac502016b320

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-proxy-https
true
alt-svc
h3=":443"; ma=86400
content-length
62701
last-modified
Fri, 28 Apr 2023 23:36:34 GMT
server
cloudflare
etag
W/"f4ed-187ca39bc51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozfERmv%2FEHYYbJ3N8bnVSmRaQlUHJT9njBD2c%2BF5a%2BATHJxaw7yg2c%2FiEVPeFqDtwcKM2yc%2B1vtp%2B2fF6DCvUBywqJFadWHf8Oyidrlc3qyX3zaUgGcKBFwkeXDhP7M6pSKXroqC7PZAmBMfRq9ug7YmlnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8352ba2dbe7237d7-FRA
x-proxy-cache
EXPIRED
23331d4.js
heroinvesting.com/_nuxt/ 		1 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heroinvesting.com/_nuxt/23331d4.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/_nuxt/fa550fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5800:6:1c12:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e0625a022bd3b199157833e0338f4eae7eb814ad18da77a4f315851c3e0d2e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:20:19 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 01:05:39 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA60-P3
age
87486
etag
W/"47e-18c60b53b09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Bz_o53uh6o-Poakf1w7dnQMkkTecbGRhZCoiy90iv9UsCR8W0z5q0g==
latest.js
static.kueezrtb.com/js/ 		204 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.kueezrtb.com/js/latest.js?_=1702517905586
Requested by
Host: static.kueezrtb.com
URL: https://static.kueezrtb.com/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9abdc15a542e768089fb710b4a62a7afe41b6a7b025429c8fc5fc0f8d5010d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 26 Nov 2023 14:28:50 GMT
server
cloudflare
x-amz-request-id
X56XCGC7JZETW7XH
age
1508936
etag
W/"fa7e5da19fcb32d8c6f7e5d0361837f0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
cf-ray
8352ba2debd35c32-FRA
x-amz-id-2
A5qBbqim/1ERkHPgur4F4oqn8NiesD/FsCfNZx8crCkHTPVGT92/00g0TFDyc4mKBc0/kThjbcE=
cmp.js
static.vidazoo.com/basev/cmp/1.0.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/cmp/1.0.1/cmp.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b70b5ab26a51f7829a43fa74bbb2abc2fab541d5842d7c481274f9aaa239a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
THJ8PTYHWNR62A0S
age
69905
x-amz-server-side-encryption
AES256
content-length
1392
x-amz-id-2
/bCLEw/0kRRPQPdG4ohjpi77LgtNI7GMeVKACN7safN2h0QZjIhXIq5liCAeT70yL1BkmtvzJ1E=
last-modified
Tue, 26 Sep 2023 11:15:59 GMT
server
cloudflare
etag
"ae30727db9cee5c3bcee5965142f5f72"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8352ba2df9806ae2-FRA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Fri, 15 Dec 2023 01:38:25 GMT
tcf.js
static.vidazoo.com/basev/tcf/1.0.2/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/tcf/1.0.2/tcf.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e602d10aeab60c205781599d1dd4e46d615c1938e62f66d5752fb08ad800fa2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
P86EE4HXJEGYDP50
age
80910
x-amz-server-side-encryption
AES256
content-length
5069
x-amz-id-2
8uekcYLwIGctxfUeHDkfeCWq+kbm5pUUBFPen1eo/Uu7loT2t/PqFyjzC8t6ugpmrz6DSTAbFU8=
last-modified
Thu, 27 Jul 2023 14:01:24 GMT
server
cloudflare
etag
"ccd7d1f71f0b08742cb487f337f006fb"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8352ba2df9816ae2-FRA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Fri, 15 Dec 2023 01:38:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
edeaf3dab33e3317eaf0d3898a230af52f438f8d95fb9a0078f4e4696c8eca34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29416
x-xss-protection
0
server
cafe
etag
577 / 19705 / 31080056 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 01:38:25 GMT
yield-manager-script-v2.2.16-prod
vrl9rgsahh7mx6ndn.ay.delivery/manager-script/ 		103 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f59dbed256a49b03bcc01c5f11c989bb62af94e19c52c42986fd957e77a19b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8o6i3JC5XFfVnt71bvQXuo8u2V9nvsJMdylMZ6j%2BaWua4mgUd6oDJLeoEZQWBalvbe7MPoMERecZopuVsS7YAiBkOK9G%2FmJp8PMiOfNEEKRUUhx%2BZ%2FjbAxDOP%2FQ4cV48jceV%2BFBr%2F7I9PyK9e250q8tK2yuRs59U6C5ysA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8352ba2e1d063734-FRA
alt-svc
h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:25:57 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
749
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
6YAqfJyZ5fEIuM3hHFaAjVDtAdpwPu9pQKEagOfEF9P0Do5t-A30XQ==
vRL9rGsaHH7Mx6NDN.deploy
vrl9rgsahh7mx6ndn.ay.delivery/manager-script/ 		572 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc3addac64118a9081562b7e30b00acb671432d94d39bc4442e54d78d49c209

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7neJkkEouVm1na1fPutVCvLpEmnSvWTSLXxGZgVOiEvdl2e2gVc4CbtQUK%2Fwp4MHBgmS%2Fn0wNo6%2FPOp2zAianH421yYQy%2BHKaLIOmrmCjE1RneEoA%2F5ixjD7yu0xrtxEw%2B2yv0Lf3Jpz71w4NZKBIsvBdsSfFxaDcNNc6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8352ba2e1d073734-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		206 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10887832869&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNTYD12RWN&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
88f455dec0dc17f9cf1ebe9eea22d58287a0015b865d66dc56edeb8f3bd670cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75538
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Dec 2023 01:38:25 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PNTYD12RWN&gtm=45je3bt0v879042239&_p=1702517905487&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=12581626.1702517906&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=index&dp=%2F&dl=https%3A%2F%2Fheroinvesting.com%2F&sid=1702517905&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=732
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNTYD12RWN&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame 9676 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
o/7VM47+HYG0hT0S5PaW4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5162
reporting-endpoints
x-fb-debug
XnaI4YbWMhfkN1NXZD0GskdwmNuKSknvtFTWrvbwHUAdwyElhs7dJjz5PNAtvIqgzpVV+xPX/o7h1d24N8onGA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 10 Dec 2024 17:49:42 GMT
0w2JUNvyUGS.js
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ Frame 9676 		354 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/0w2JUNvyUGS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7734ffd5f6910db74d114ad0d7d14022a9529e2d46d40e214894d0dfbc703698
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ySRBWaBWLS4S6iGPpjGQSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93772
reporting-endpoints
x-fb-debug
T+4n0YWkAJ0mzTPlEA2BYH9UwM/m8C5ZPHtR1giXDJqrmOI5BsbDmFd6SUxMtbdcCD5VEamZA30bvwLW4L/GPg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 20:53:19 GMT
ecc9spa1308.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 9676 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/ecc9spa1308.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f276072e7a6c8d236837b6bb94ed110bb58715939479dde97a86aae4589cba78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
j3QnMGCopCPPLhIdggoTYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3153
reporting-endpoints
x-fb-debug
8OEY9Hy8wWy+5n30I7Rd3Sh0vMiijLbqOuuLHWniln5UILIVkELgAAh5QXdVd4HJUKTU0ia7OFEf6zSV2G7o+A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 19:11:19 GMT
ZvbJLvqRjQB.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 9676 		93 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ZvbJLvqRjQB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
970bfb4004579c73787d2f2744ce0c8c66d202ffbfd553ce318f458fdcfec5c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AcoVBXNEE77A/1jMZzYlSg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27054
reporting-endpoints
x-fb-debug
73g9+0/5D0rAZvU8qGgtsZxd/qVOpR3C6AuuPIP2wey9M9GHxDj1DJGitbv7j60SKdckqPwi1QCfp87U7SDDAg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 17:56:17 GMT
8bldmsbpAhD.js
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 9676 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/8bldmsbpAhD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bee7ba056f5c932c33bc388aa4e7f9275e1b07d11cd6aae039dd274d2c99594
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4LY6iPvdsoz2sXdsRhqtTw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16955
reporting-endpoints
x-fb-debug
fnYSF3LO73BYybI2LTPCJIin5F9H8DPZFhySA1OfudjXidhgatzGPutnKKtdp0G0s7UPzjo/Z46250+Wylmn1w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 21:53:11 GMT
KudK-WKp3ZH.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yx/l/de_DE/ Frame 9676 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yx/l/de_DE/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3827a6dd36894e2178e76226f61a99f2099896b5d088e2a8db6c405402b4bcbd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mPl1TBwuoZqEeIwYXpaEUg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20134
reporting-endpoints
x-fb-debug
CJzY//Q34RDsuE42nxho50Ip2exwxIaCmvDdP8v8MeYhFlYMsTarnDcLz2XbSteFMh+Xn99hJyxjQ1fhCSoLxg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 30 Nov 2024 23:22:09 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 9676 		507 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
9maZBObvpZYSG3dalOpnm6u8PE2kFpLdPdkBjgHwW2+t0QXcVWAUJ6qAxl+JaUPC6DlRy/bh1tPTWrHgk563Ug==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 15:44:01 GMT
278482311_116380361018885_1836512003623861853_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 9676 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/278482311_116380361018885_1836512003623861853_n.jpg?stp=dst-jpg_p206x206&_nc_cat=105&ccb=1-7&_nc_sid=081abc&_nc_ohc=STSn6PpzqVQAX_lv9Nf&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfDADcj8khTjGmLbPfwD7jzkEXdotS_q-bvLn-hk6YYPDQ&oe=657F7E83
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dedf366251268708e5b04677d175714ed61cd669e16383f4857f2df80647b466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Wed, 13 Apr 2022 00:24:14 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3536979056
thrift_fmhk
GBAL7WmYhigDmFAsaZd0pEPiFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2405290262
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
6716
278502272_116380517685536_169863435363523684_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 9676 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/278502272_116380517685536_169863435363523684_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=104&ccb=1-7&_nc_sid=4da83f&_nc_ohc=fuoArUhwHwQAX8MAwNu&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfAfXX13yjmtnPBDlh1Uxz3K1EctPFQtNAqFeHjc2vUeTQ&oe=657F1535
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fheroinvesting%2F&tabs&width=360&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&hide_cta=true&appId=3624856587599651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
535291b89d01e51c8366ca2268b580c203f70e106d5e0dddaaa2fc7d5b2235b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Wed, 13 Apr 2022 00:24:57 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1610464874
thrift_fmhk
GBCRhuiUw7NS/71bJJfyq0PmFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2857374795
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1427
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10887832869/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10887832869/?random=1702517905747&cv=11&fst=1702517905747&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheroinvesting.com%2F&tiba=HeroInvesting&hn=www.googleadservices.com&frm=0&auid=505266229.1702517906&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2F&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10887832869&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21598c86f88f5ded6552fd74b2f623a98df70ed6635baf1035f6e9e9b2e73df9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1244
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 23:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
8371
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 12 Dec 2024 23:18:54 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 04:41:52 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
75394
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PeLnK7xV4HStKDBnVVea8XJj6bprQVKV3MOKgen_pfQDAieTrK4Ucw==
fpd
u.kueezrtb.com/ 		408 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.kueezrtb.com/fpd?_=1702517905788&yv=5ca6bcf&h=heroinvesting.com
Requested by
Host: static.kueezrtb.com
URL: https://static.kueezrtb.com/js/latest.js?_=1702517905586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d267587081a80162795b163508030672a025f9b005e16f4a6da90f0013f915b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://heroinvesting.com
access-control-allow-credentials
true
cf-ray
8352ba2f5c505c32-FRA
content-length
323
dye
track.kueezrtb.com/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=97510ea5f4c94d79&sid=3ac60678beb3d1e8&pvi=67bda1c7c1fd1831&h=heroinvesting.com&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fheroinvesting.com%2F&sr=1600x1200&type=latest:init&_=1702517905787
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8352ba2f4c4f5c32-FRA
dye
gtrack.kueezrtb.com/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=97510ea5f4c94d79&sid=3ac60678beb3d1e8&pvi=67bda1c7c1fd1831&h=heroinvesting.com&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fheroinvesting.com%2F&sr=1600x1200&type=latest:init&_=1702517905787
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8352ba2f4c4b5c32-FRA
dye
track.kueezrtb.com/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=97510ea5f4c94d79&sid=3ac60678beb3d1e8&pvi=67bda1c7c1fd1831&h=heroinvesting.com&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fheroinvesting.com%2F&sr=1600x1200&type=latest:fpdr&_=1702517905787
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8352ba2f4c4e5c32-FRA
dye
gtrack.kueezrtb.com/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=97510ea5f4c94d79&sid=3ac60678beb3d1e8&pvi=67bda1c7c1fd1831&h=heroinvesting.com&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fheroinvesting.com%2F&sr=1600x1200&type=latest:fpdr&_=1702517905787
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8352ba2f4c4a5c32-FRA
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fheroinvesting.com%2F&domain=heroinvesting.com&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://heroinvesting.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Dec 2023 01:38:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
220393
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
d34c3868-1544-44a2-9899-167326b5d575
config.aps.amazon-adsystem.com/configs/ 		746 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/d34c3868-1544-44a2-9899-167326b5d575
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-117.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
d57a4fc2310235023d50417a3fb3cf6087155272ea7e7fb36d4804d6bc05dc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
746
x-amz-cf-id
ahKINqlJHdMSorOR8IECCXqJ0xLnzYcPsoIBMfURmYr6-X7KJEQOAg==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fheroinvesting.com&pubid=d34c3868-1544-44a2-9899-167326b5d575
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
Server /
Resource Hash
afcad60b0734d52542c2dafbb14debcd1f8d4e9c09833af39b07be5081c8a0d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 22:28:17 GMT
via
1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
11407
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://heroinvesting.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1544
x-amz-cf-id
0g8IbFrXcFXqUPPJ7k6xXROUEwH2bKREDxhSV-XWVvMB_U2GPkaQ3w==
envelope
lexicon.33across.com/v1/ 		49 B
251 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003Ek3OWAAZ&gdpr=0&src=pbjs&ver=8.25.0&coppa=0
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://heroinvesting.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ 		2 B
376 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fheroinvesting.com%2F&domain=heroinvesting.com&lsw=1
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
233088
expires
0
d9core
d9.flashtalking.com/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-20.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
bb0786d9d88c18915a5d7e93480c428e02389ced39ae34793d6cea768f05380a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 01:38:25 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Content-Type
application/javascript;charset=utf-8
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
10814
prebid
id5-sync.com/api/config/ 		136 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
0c945aa0bb5ba5a939754f316628f652efd88279fdba1fda70102f12984e7c9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://heroinvesting.com
date
Thu, 14 Dec 2023 01:38:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		43 B
319 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=17525
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.85.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-85-3.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache
x-server
10.45.11.224
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ 		63 B
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e9e2185f6126274091e9bc9f2f5093ff6a7a50843a8f95ec1e7a2a51c87725bb

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://heroinvesting.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 13 Jan 2024 01:38:25 GMT
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 21 Dec 2023 01:38:25 GMT
config.js
cdn.confiant-integrations.net/MQmKrmitn70_4-erVruOwhgSQSU/gpt_and_prebid/ 		97 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/MQmKrmitn70_4-erVruOwhgSQSU/gpt_and_prebid/config.js
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf23d067f410466c9572ac7c2741239aa5a9c88d1f83a8c05451b177af70a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 14 Dec 2023 00:16:33 GMT
server
cloudflare
x-amz-request-id
72JAZ79HQR2FVM59
etag
W/"3eb76976b2156a4b82c8962ee6fa27f6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8352ba2f6b1a4da8-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JHOXRWMBkN3O2pHFq+2GV36ZFrzZWXLgR4//nEMamYWE4IVPJGM69yFz/tSCE/9EyoQoF41eZ7M=
client-v2.js
vrl9rgsahh7mx6ndn.ay.delivery/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vrl9rgsahh7mx6ndn.ay.delivery/client-v2.js
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1ef75864a2c2d2ec331f7ce7a5b0005d4f505d603f55fd154316c3a32828621

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 14 Dec 2023 00:51:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uGyWeuGq1VR0Od2Wl1TLaqDvExxBPwVPXrrUB5g%2BqcCG5kYEaFP96o7JnKTAi02TGIVw7%2FnmqYXxbxyMdcSZKUx0DaSLSYSlKEC5%2BUIdo4AXbzlWlaBc%2BChArb7wrpLgB8RvIdP8%2B6%2F5byoSgs4JulhgOk8iQAFCAre0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cf-ray
8352ba2f4d3a2c6e-FRA
alt-svc
h3=":443"; ma=86400
IIQUniversalID.js
vrl9rgsahh7mx6ndn.ay.delivery/ 		95 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vrl9rgsahh7mx6ndn.ay.delivery/IIQUniversalID.js
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c349494e8d137a4d9dc882ae293647d5f8bf60b11e5b3014d116a95405399a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 21:38:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2804
etag
W/"65723b68-17a65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyX8CmHOWCkym8NKQ4ni8YvNkQNY5SUHdTF4ul9dD1pc%2B55Wxrmy4Hy74VDm80jRvypOEjWiAYY77jJcqlYhy6ChDsBV0iWkoqnpFeXgnokKIsyIoZBKReVDuhGiyL%2BnD9IOQjriyYpkhYksEMn83qsCiCCf04MovRJgsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
8352ba2f4d3b2c6e-FRA
alt-svc
h3=":443"; ma=86400
localstore.js
script.4dex.io/ 		483 B
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 01:38:25 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1448617
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H20mvpR5Ic0w6sceqgaZT%2BHrYVEo4ydDwamBFfZbbpyVvLTgguaGbqfTaclkMe1RNacVbdrzVQ2ATUs%2FrCMjhWtk%2BEVb%2Bgx%2BwD0HHbdgazA5RkM4EFvC83g9pynyD8PBQ3EtDCgGElZakGxR"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8352ba2f7f981d8e-FRA
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fheroinvesting.com%2F&pid=0DARY5qctNYjZ&cb=0&ws=1600x1200&v=23.1211.1645&t=2400&slots=%5B%7B%22sd%22%3A%22if_ay_dsk_ic_1__ayManagerEnv__1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x250%22%2C%22300x100%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=d34c3868-1544-44a2-9899-167326b5d575&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A50%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.191.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-191-32.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
x-amz-rid
89NVQY12VSNRG9BS0X81
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://heroinvesting.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
7Tu3KQ5TFCJWZEE6KM-RJ203DUr1C2SYGcOwG-OW0HyKazUHThJzmA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 14 Dec 2023 01:53:25 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:52:32 GMT
content-encoding
gzip
via
1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
85553
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
8O5mLHWVuhP2NvupHXNAHaYpI-0QPSFp5aLu6FfUBI2TVwFxy2tZ_w==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
26WVEK0W4DZ80ESK
age
1055
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8352ba2fcd025d63-FRA
x-amz-id-2
3ujHa/tp8go3OhpKtzAoXE8vrgPkoUmGKKyw78YY/cff8SYUZ7Gm8e6GQBg2bgrXfeLNOkpbbPI=
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 9676 		573 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 14 Dec 2023 01:38:25 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
nS5u1bFlnRp+uO/HSs8wSlutqbjvQxYmqBZIgeaNsXe+km+rB0IdpW6iKbRAYfas/H20VIMJm/PMue3lpqsm/Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 06 Dec 2024 05:05:01 GMT
/
www.google.com/pagead/1p-user-list/10887832869/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10887832869/?random=1702517905747&cv=11&fst=1702515600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fheroinvesting.com%2F&tiba=HeroInvesting&frm=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_hQ894_87K4lwz5AQQ0accZ5AGDB7zg&random=805794255&rmt_tld=0&ipr=y
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10887832869/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10887832869/?random=1702517905747&cv=11&fst=1702515600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fheroinvesting.com%2F&tiba=HeroInvesting&frm=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_hQ894_87K4lwz5AQQ0accZ5AGDB7zg&random=805794255&rmt_tld=1&ipr=y
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
22890879159
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22890879159?ers=3
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6f8e46cf4b8432344e468dc3c4c5ed281e0d58e5125ff9e127ea78f597bc20d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yFNUx4jwZLZ1Ib3eo6gjmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-yFNUx4jwZLZ1Ib3eo6gjmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
277 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
cf16cbb8f22081db4534c964ca53060477b6b59b4d4f25323b1a101ec11cf297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://heroinvesting.com
date
Thu, 14 Dec 2023 01:38:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 01:38:25 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1261548
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zy8Hg3aVvsS7T7IbDSrkp5sG6GSS08pSO3RCAilZNxAEaftaMpiP45OHaEdtR8D715RKsEXnU8SOLpuN12YkTLBhNDL9P4RWjVVnT6Tu%2Bl8r61X%2Fd7fG2ZqYthGO%2F5kI9Q1XW9ghKTDugzaG"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8352ba2fcf0f907c-FRA
hash
vrl9rgsahh7mx6ndn.ay.delivery/ 		4 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vrl9rgsahh7mx6ndn.ay.delivery/hash?e=vRL9rGsaHH7Mx6NDN&k=%7C318&v=5000
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/client-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4f4f270df95e1b05dc0f682ec6f10ec55644cd1d6cfe07ade1807347020057

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4
last-modified
Wed, 13 Dec 2023 23:48:32 GMT
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6cYW577Y%2Fifv8Sxxfhf0euW3wxuICf8urGAf208U1aDd64cFq86o1UFYOaFuI1gQ2469QrNxhwsHjY%2FoxLoATE4pPE%2Bmu3afjQE%2Ba35Zk6YW3ESEwFPu3YoaObPwI3B10QLLpj%2BysvMcO2CDEWGk%2B6kDcloQFY0GyC1Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1800
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8352ba2fd92b19af-FRA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
pageview
api.assertcom.de/ 		0
310 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/pageview
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.203.123 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.123.203.130.94.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://heroinvesting.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
linreg.min.js
vrl9rgsahh7mx6ndn.ay.delivery/floorPrice/vRL9rGsaHH7Mx6NDN/js/floorPrice/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vrl9rgsahh7mx6ndn.ay.delivery/floorPrice/vRL9rGsaHH7Mx6NDN/js/floorPrice/linreg.min.js
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
linreg_da.min.js
vrl9rgsahh7mx6ndn.ay.delivery/floorPrice/vRL9rGsaHH7Mx6NDN/js/floorPrice/ 		187 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vrl9rgsahh7mx6ndn.ay.delivery/floorPrice/vRL9rGsaHH7Mx6NDN/js/floorPrice/linreg_da.min.js
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b2c6965aa7376479feba76fe01d46108d6199372d9e36b2e194fff0192ea0c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 13 Dec 2023 23:09:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"657a39b3-2eab8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5iGckU1DGGf1OsER4d8MGxbHH8OTELshv78XBcJe8yhgNXpGp9hvD63ZJNNqQuGXZ4dyN28a5d4QezIrhMPlkdoIkFUo1YtrKCmq2zpBQTtjsf8rftxmEOGiFW%2Fz2f9rz405v4RByTWCYbNeids%2BzbW7TjS0cpW%2BQWi9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8352ba2fcdb52c6e-FRA
alt-svc
h3=":443"; ma=86400
forest.min.js
vrl9rgsahh7mx6ndn.ay.delivery/forest/vRL9rGsaHH7Mx6NDN/js/bid/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vrl9rgsahh7mx6ndn.ay.delivery/forest/vRL9rGsaHH7Mx6NDN/js/bid/forest.min.js
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
rules-p-WzjNX3PMcYj_N.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WzjNX3PMcYj_N.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:9e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42bf6e31193cd649102b8659c55eec10c7e6a89082e6be1dbd8f9903613e5646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
via
1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
2816
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 01 Dec 2023 06:53:33 GMT
server
AmazonS3
etag
"af4a2b117f6d2beaeb52a3b89bfc20bb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
59iouPLSFGTJKIPcvMUcHFpSlC6RrbXi0gz7dSW0_XJppHf7binGgw==
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.85.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-85-3.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cfc413e9f5965041886ce6cb1abfb6e59c0d6830be8359ce1b6f372f3675099f

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache
x-server
10.45.31.111
access-control-allow-credentials
true
content-length
60
expires
0
1468.json
id5-sync.com/g/v2/ 		251 B
534 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1468.json
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
fe012bb6f0d0ca33816d510728233a15aab78b90eaed314ff1e205960153ac9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://heroinvesting.com
date
Thu, 14 Dec 2023 01:38:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
dye
track.kueezrtb.com/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=97510ea5f4c94d79&sid=3ac60678beb3d1e8&pvi=67bda1c7c1fd1831&h=heroinvesting.com&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fheroinvesting.com%2F&sr=1600x1200&type=latest:fpdrd&_=1702517905926
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8352ba301c945c32-FRA
dye
gtrack.kueezrtb.com/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=97510ea5f4c94d79&sid=3ac60678beb3d1e8&pvi=67bda1c7c1fd1831&h=heroinvesting.com&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fheroinvesting.com%2F&sr=1600x1200&type=latest:fpdrd&_=1702517905926
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8352ba301c965c32-FRA
lgc
d9.flashtalking.com/ 		147 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-20.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
c952f0a89724b34925fb80c26f687cb9c34335e67b55f60ba1b5d0e1c6abcaf9

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 14 Dec 2023 01:38:25 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://heroinvesting.com
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
AGSKWxXOrwSUspzVy5XTKjIZQFFIKGk-FTcZnnCe8-0jrU0Apj7froELrc4mcLb1eH5gZ46del0O8kynt0LVstqzb52w2bRTzd8Zmwoj4tXfQrV2Vwgsuf1ZaClSTxMPF6gdhHSwDmXE_w==
fundingchoicesmessages.google.com/f/ 		375 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXOrwSUspzVy5XTKjIZQFFIKGk-FTcZnnCe8-0jrU0Apj7froELrc4mcLb1eH5gZ46del0O8kynt0LVstqzb52w2bRTzd8Zmwoj4tXfQrV2Vwgsuf1ZaClSTxMPF6gdhHSwDmXE_w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNTE3OTA2LDQzMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2hlcm9pbnZlc3RpbmcuY29tLyIsbnVsbCxbWzgsInd1UnJjZllsWWh3Il0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ef080288269a8a8ce80d194eb5c127d75b354ca578ee5864a98168ea8cb0090
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nKtQbiD62O9WKGorhnUtBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-nKtQbiD62O9WKGorhnUtBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://heroinvesting.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://heroinvesting.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 14 Dec 2023 01:38:26 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://heroinvesting.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.25.0
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
0e0cfbf250eb7c8c24b89079c123d38d6b30724a230c2a8f24d975a86e62fde7

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 14 Dec 2023 01:38:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://heroinvesting.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2527
641ab9f7284b9911720b9b75
exchange.kueezrtb.com/prebid/multi/ 		0
289 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.kueezrtb.com/prebid/multi/641ab9f7284b9911720b9b75
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.245.86.108 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://heroinvesting.com
date
Thu, 14 Dec 2023 01:38:26 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
v1
btlr.sharethrough.com/universal/ 		0
159 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.209.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-209-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://heroinvesting.com
date
Thu, 14 Dec 2023 01:38:26 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
63ebe4b23a3c92dafc0c2e06
prebid.cootlogix.com/prebid/multi/ 		0
289 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/63ebe4b23a3c92dafc0c2e06
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.148.17.110 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.17.110.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://heroinvesting.com
date
Thu, 14 Dec 2023 01:38:26 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
/
colossusssp.com/ 		2 B
139 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.192.253.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://heroinvesting.com
date
Thu, 14 Dec 2023 01:38:26 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
prebid
prebid.media.net/rtb/ 		1 KB
1007 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUK6VG18
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
7d5071f3bc15cef5f545a6613f5b241bfd37e60296275735b737312a3b93cd57

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:25 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://heroinvesting.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
88
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Dec 2023 01:38:26 GMT
bid
s.seedtag.com/c/hb/ 		11 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://heroinvesting.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
mp.4dex.io/ 		60 B
398 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:26 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8352ba320d1bbbad-FRA
expires
0
c
prebid.a-mo.net/a/ 		0
354 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://heroinvesting.com
date
Thu, 14 Dec 2023 01:38:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
server
envoy
vary
origin, Accept-Encoding
imp
g2.gumgum.com/hbid/ 		360 B
618 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1702517906216&to=-60&id5Id=0&id5IdLinkType=null&aun=if_ay_dsk_ic_1__ayManagerEnv__1&ftrackId=82d8ab727bad4bff96aaa49624e2574a&id5id=0&pubcid=9312d890-7947-466b-9f51-11fbeffd649a&gpid=%2F22890879159%2Fhi_ay_dsk_ic_1&t=notmta6c&pi=3&maxw=320&maxh=100&si=1008715&bf=320x100%2C320x50%2C300x250%2C300x100&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fheroinvesting.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.25.0%22%7D&ogu=https%3A%2F%2Fheroinvesting.com&ns=9728
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.240.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
01e9f55f0e69b2e9c0fb373c6e96fafb3e4c83dcdc71fdaff229612c381ec68c

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:26 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://heroinvesting.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
trinity.json
apex.go.sonobi.com/ 		182 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2224da88a837a0598%22%3A%229ef57c4e1a7aad0ba98a%7C320x100%2C320x50%2C300x250%2C300x100%7Cgpid%3D%2F22890879159%2Fhi_ay_dsk_ic_1%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fheroinvesting.com%2F&s=858634c8-f7c7-4fae-a205-0a03ee0b15c7&pv=03621528-342a-49aa-9fde-02619d82aa92&vp=desktop&lib_name=prebid&lib_v=8.25.0&us=1&iqid=%7B%22pcid%22%3A%22421fa694-30b3-4d48-9aaa-edba17ce314e%22%2C%22pcidDate%22%3A1702517906218%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%227cd9a364-c89b-44da-8955-346021a71403%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22heroinvesting.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22heroinvesting.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fheroinvesting.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&eids=%5B%7B%22source%22%3A%22flashtalking.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2282d8ab727bad4bff96aaa49624e2574a%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22HHID%22%3A%22e29891ccb7ac45eeafff961729c10d57%22%2C%22DeviceID%22%3A%2282d8ab727bad4bff96aaa49624e2574a%22%2C%22SingleDeviceID%22%3A%2282d8ab727bad4bff96aaa49624e2574a%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%2C%22pba%22%3A%22K7vHKcNUhlBZDaTM3j%2FrUA%3D%3D%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229312d890-7947-466b-9f51-11fbeffd649a%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d3634a965859828e5adbc3b822c573a18060433683710ad83780eeaf75470670
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:26 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-114
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
207
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ortb
bid.contextweb.com/header/ 		0
772 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
cwdl
22/120
access-control-allow-origin
https://heroinvesting.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
cw-server
bid-deployment-stage-0
auction
tlx.3lift.com/header/ 		19 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.25.0&referrer=https%3A%2F%2Fheroinvesting.com%2F&tmax=2500
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.222.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-222-73.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:26 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25504&site_id=478470&zone_id=2840484&size_id=15&alt_size_ids=19%2C43%2C117&eid_flashtalking.com=82d8ab727bad4bff96aaa49624e2574a%5E1&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=9312d890-7947-466b-9f51-11fbeffd649a%5E1&rf=https%3A%2F%2Fheroinvesting.com%2F&tg_i.domain=heroinvesting.com&tg_i.page=https%3A%2F%2Fheroinvesting.com%2F&tg_i.pbadslot=%2F22890879159%2Fhi_ay_dsk_ic_1&tk_flint=pbjs_lite_v8.25.0&x_source.tid=7cd9a364-c89b-44da-8955-346021a71403&l_pb_bid_id=3037f195bc15bcf&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fb2234f2-b509-4e0f-887e-2b306eaac519&rp_maxbids=1&p_gpid=%2F22890879159%2Fhi_ay_dsk_ic_1&m_ch_mobile=%3F0&slots=1&rand=0.2058581839265612
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0a7ee71c2346a4eb86ecb4ec21dbf46b623fa65c4cde95b0e8a3e201e155fb10

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ 		11 B
207 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://heroinvesting.com
pragma
no-cache
date
Thu, 14 Dec 2023 01:38:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=974236
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d14962f14c491324c8c92c5733b2937ef365dc76f583e9306aee24afd3cdcb8

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=API%2Bhl2Unj8P6otLhVSXS8JAsMzIufH%2FZaUjwMc7j8V9BUO0Bv4rU1KqIv2Ow%2Fols4n0nSe049rMtIE0%2Bs50%2BtpQihA358yNaaDLWuREjy8pnPbQL%2BbtElCnIM9q4boQDeBU7M0B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8352ba32185139c7-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hb
cpm.qortex.ai/ 		0
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.qortex.ai/hb?zone=194374&v=1.6
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://heroinvesting.com
Date
Thu, 14 Dec 2023 01:38:26 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
auction
pbs.nextmillmedia.com/openrtb2/ 		234 B
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.117.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-117-179.compute-1.amazonaws.com
Software
/
Resource Hash
7a89914ab9b628434f26a5bacd9cabe379846450d4544513c70f2440eb15ee63

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:26 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
234
expires
0
hb-multi
hb.yellowblue.io/ 		84 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.197.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-197-233.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
b262f4fb303ea90bf8b5fbe0e71792e74ee1a98c9d0a406d5eab0cfa2cd99286

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://heroinvesting.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
bid-request
a.teads.tv/hb/ 		16 B
382 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:27 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://heroinvesting.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 14 Dec 2023 01:38:27 GMT
/
prebid.dblks.net/openrtb/ 		160 B
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.dblks.net/openrtb/?sid=2724499
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.212.255.178 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
e92128cb55f443e32d428309f895593cd75dad8303d4e9c9162bfd94aa670011

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:14 GMT
x-openrtb-version
2.5
server
nginx/1.20.1
x-powered-by
Express
etag
W/"a0-M0aoslRaKh3eY7+EpX36j5QnHtQ"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://heroinvesting.com
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
content-length
160
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.213.252.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-252-243.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
b76b148cb1d15053d22acf8f650f95c8c9fa1e24c87e70e09657fbf1ae9048ac

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://heroinvesting.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
hbjson
grid.bidswitch.net/ 		13 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.170.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-170-244.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f922c265455a8ba73559c668901e9eef567a2aef4b3b494f97f775913db38b49

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 14 Dec 2023 01:38:26 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://heroinvesting.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
7213
hb
brightcombid.marphezis.com/ 		20 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
9c27e2d1bfac22ddba7f4222553c93d7667c7a694f5bfc53333d7446ddfcd6a6

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:26 GMT
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://heroinvesting.com
cache-control
no-store
access-control-allow-credentials
true
content-length
19978
expires
0
prebid-request
onetag-sys.com/ 		15 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://heroinvesting.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hb
ssc.33across.com/api/v1/ 		66 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dUOeOqXmSr7AmkrkHcnlxd
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3a33349da0a3f6b12ec87ff79fa8b2e505e76e4aff12e9af66090e89638970db

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://heroinvesting.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dye
track.kueezrtb.com/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=97510ea5f4c94d79&sid=3ac60678beb3d1e8&pvi=67bda1c7c1fd1831&h=heroinvesting.com&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&cc=DE&ig=0&uri=%2F&furl=https%3A%2F%2Fheroinvesting.com%2F&sr=1600x1200&type=latest:br&_=1702517906205&bidder=kueezrtb&at=display&v=1
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8352ba324d915c32-FRA
dye
gtrack.kueezrtb.com/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=97510ea5f4c94d79&sid=3ac60678beb3d1e8&pvi=67bda1c7c1fd1831&h=heroinvesting.com&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&cc=DE&ig=0&uri=%2F&furl=https%3A%2F%2Fheroinvesting.com%2F&sr=1600x1200&type=latest:br&_=1702517906205&bidder=kueezrtb&at=display&v=1
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8352ba324d935c32-FRA
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&groups=1214
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 01:38:26 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
css
fonts.googleapis.com/ 		69 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.wuRrcfYlYhw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz85aq2O98uA1KP-loqAx_kUdBoZA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9c37dd205548772c03f6e0d878006fd608c3aebe96eb9ea9ec6363450a1b873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 01:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 01:38:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Dec 2023 01:38:26 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/MQmKrmitn70_4-erVruOwhgSQSU/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
J77G4MM0WR1P5JVV
age
2760668
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8352ba32dd3d4da8-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
cEEmM5ZH1HytHupQ6mYxbZdtKCrk03Ab1rvy+Yeja//lYQxsG1Su7xGSFtGK0fFEDuZQp5YP0nu0BrLS99CWgw==
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heroinvesting.com/
Origin
https://heroinvesting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:06 GMT
x-content-type-options
nosniff
age
146660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14720
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:54:06 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heroinvesting.com/
Origin
https://heroinvesting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:59:49 GMT
x-content-type-options
nosniff
age
146317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:59:49 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heroinvesting.com/
Origin
https://heroinvesting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:27:58 GMT
x-content-type-options
nosniff
age
400228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14544
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 10:27:58 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heroinvesting.com/
Origin
https://heroinvesting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:29:10 GMT
x-content-type-options
nosniff
age
410956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14048
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 07:29:10 GMT
AGSKWxU89Ky6iYR0V4OBUNw0N1fS_Nf5bqGRVryenbOKa3caO9xRPAyXCkp15gDEX2Mdc5OAbocBokBLvXRpKJnXuOY0bhEt70YoisF6Q9RxkImcEroQpmnVyRLgx_DSeAaSVw3IU7158Q==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU89Ky6iYR0V4OBUNw0N1fS_Nf5bqGRVryenbOKa3caO9xRPAyXCkp15gDEX2Mdc5OAbocBokBLvXRpKJnXuOY0bhEt70YoisF6Q9RxkImcEroQpmnVyRLgx_DSeAaSVw3IU7158Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMw99yMC4vvT6S8_Dhkdg53ioapJtw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p4y0ftIR9HINVuD87GapmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://heroinvesting.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-p4y0ftIR9HINVuD87GapmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://heroinvesting.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&groups=1214
Requested by
Host: heroinvesting.com
URL: https://heroinvesting.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 01:38:26 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
error
api.assertcom.de/ 		0
309 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/error
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.203.123 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.123.203.130.94.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:26 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://heroinvesting.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame 71CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dUOeOqXmSr7AmkrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP017 /
Resource Hash

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Dec 2023 01:38:27 GMT
server
33XP017
x-33x-status
2000208
sync
eb2.3lift.com/ Frame 817A 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
usync.html
eus.rubiconproject.com/ Frame 1913 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Dec 2023 01:38:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
sync.kueezrtb.com/api/sync/iframe/ Frame E8B0 		109 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.173.135 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
/
s.0cf.io/ Frame 4CF4 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
MISS
cf-ray
8352ba3dd85c9136-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7UiqkFUDOL66m5rLdABtMMzQf0ubPyDDcTCzo3Li6Dn8MpTh9GlW%2FHIoqiCTBtWCqGb1GqX%2Bk23sHLB%2F3R0ssJ38ME4LuDopSuhYSD7snb%2F81VADY3xC3Lcvrs%2F3IQt6NTino0UuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 4FEA 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK6VG18&prvid=2012%2C2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C10000%2C108%2C9%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84939ff5fe379c22d98eedb6f371080e36ef6d9f2848e44ae0e257e9e63945a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8331
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Sat, 16 Dec 2023 01:38:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
sync.cootlogix.com/api/sync/iframe/ Frame 3FFE 		109 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.173.135 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
beacon
ap.lijit.com/ Frame C00B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13530234
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 14 Dec 2023 01:38:28 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
isyn
prebid.a-mo.net/ Frame 6013 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 14 Dec 2023 01:38:28 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
sync
cookies.nextmillmedia.com/ Frame 0D1F 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/sync?type=iframe
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.133.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-133-130.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
cbb470390431a28455afefcded54718a12e0c0acfe31b79e1562f31d94d3cf1f

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
2981
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
server
fasthttp
visitormatch
bh.contextweb.com/ Frame 3C43 		27 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-5c6449b65-r7wcs
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
iframe
sync.colossusssp.com/ Frame 3D11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.100 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 14 Dec 2023 01:38:28 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
ixmatch.html
js-sec.indexww.com/um/ Frame 4252 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1107
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8352ba3dd913381a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 05:38:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 213B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702517906365
Requested by
Host: vrl9rgsahh7mx6ndn.ay.delivery
URL: https://vrl9rgsahh7mx6ndn.ay.delivery/manager-script/vRL9rGsaHH7Mx6NDN.deploy?v=PgiQG6R5WBrQPh83L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://heroinvesting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
9.gif
id5-sync.com/s/441/ 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 14 Dec 2023 01:38:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084928859533869
49 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084928859533869
Protocol
H2
Server
2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-114
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084928859533869
Date
Thu, 14 Dec 2023 01:38:28 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.48.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-48-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroinvesting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
getuidj
ib.adnxs.com/ Frame 4CF4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj
  • https://ib.adnxs.com/getuidj
29 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0a1441f574fecc7072db6a99dfe016500c014f228af1335bc7616eca86f15223
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:28 GMT
an-x-request-uuid
dcef7357-44bd-4bec-9e5a-8ec5a6d02b57
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:28 GMT
an-x-request-uuid
91ad021c-2f9a-4c6d-a1cf-ac1ed755f76d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/getuidj
x-proxy-origin
45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
s.0cf.io/ Frame 8816
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D76%26uid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D76%26uid%3D%24UID
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3eeabc65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gglXqPXIskP7gje8Xlb8XYg2Rwvl256UHjWFh5RgpEpuSqOwlAWFjD016G8nN2mGLGPAIxB392yzTUNRd2XANNqwMfhMnTBg%2BMEKamaTsKiqLAgYU27tzZTmBkXmTIRcTTyd8Qx%2B%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=76&uid=4539146590055929270413
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
getuids
prebid-server.rubiconproject.com/ Frame 4CF4 		44 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/getuids
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b7e13a2884ddad18fd6a29c401b86c380a4a044908218c3e9a54005c6f654cdb

Request headers

Referer
https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://s.0cf.io
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
70
Expires
0
rid
match.adsrvr.org/track/ Frame 4CF4 		63 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2d9d1f635958175fe0bc11b7b7695152533696f3cd7fc5d55e65299fcea5f851

Request headers

Referer
https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://s.0cf.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 13 Jan 2024 01:38:28 GMT
connectmyusers.php
cdn.connectad.io/ Frame CDEF 		1 KB
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2997
alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8352ba3efdd491f3-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
last-modified
Thu, 14 Dec 2023 00:48:31 GMT
server
cloudflare
vary
Accept-Encoding
current
prebid-match.dotomi.com/match/bounce/ Frame 1E93 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D10%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
pragma
no-cache
server
nginx
prbds2s
rtb.gumgum.com/usync/ Frame 34EB 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.240.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ed1bf070e67c6efe7f9fe07c33688c79e3098d61e1242f0239362f2eca52e260

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
etag
W/"0ef6ee046df7806c5ba4c74ce33a7c2b3"
server
nginx
timing-allow-origin
*
/
s.0cf.io/ Frame 2EB6
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D74%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D74%26uid%3D&s=184932&C=1
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3f3aea65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zYRlWrBDrIxG%2B2LmPYlXHpzLEKOZ%2BCLd5uBd7QMv7WqnbEZNQjMYtTFbZUdHg8KFZVNrwTOdLEcYUbUANvQN8S0PkElepgYQS45YbCIQVvQYupUgv8wP2ELzmet8JD%2BGeRHj3MaDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8352ba3eff4239c7-FRA
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=74&uid=ZXpclNI1WoWEvN1Ct49KnQAA%265225
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpvEn%2FlE0INOtRQwTbjyQMLYzl6PBV7CrcPQY%2FaSYFeW07h1gwDLHA7NE4GU%2FcPDq%2FEnrHmLA%2FJ6O%2Brla56Iw6gwxKNUz4Itja%2F2C%2BOvjKVpUFLn%2FBElzrkMpmcRf8475%2FFCYQ3J"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
prebid
rtb.openx.net/sync/ Frame 60D3 		43 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D19%26uid%3D%24%7BUID%7D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
via
1.1 google
pixel
ap.lijit.com/ Frame 7E94 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D25%26uid%3D%24UID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 14 Dec 2023 01:38:28 GMT
X-Sovrn-Pod
ad_ap4ams1
us.gif
sync.go.sonobi.com/ Frame C60F 		49 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D26%26uid%3D%5BUID%5D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-length
49
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-114
x-xss-protection
0
/
s.0cf.io/ Frame 7C47
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1702517908340
  • https://ad.turn.com/r/cs?pid=45&rndcb=5382031778
  • https://sync.1rx.io/usersync/turn/3370552569649972732?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3DRX-b5dcbb40-44b5-48b8...
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba40ec5865b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEz%2Bvi%2F0dOKmp0AJQl7V%2BRR9UgUiN1qDboJ34D6LPWBpJWmr2ICn%2BY7L7LR1u9lYVAbab3icnbCTdxEWW2%2FCHMTsSyo0KwJ4Cc3VOYnCG6Y9ecFxmelYtful8dErvKZ%2FIVempPnHYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
etag
RXb5dcbb4044b548b8a2070db1bfb5f5cb003
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=22&uid=RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
occ
ups.analytics.yahoo.com/ups/58448/ Frame EAFF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58448/occ?uid=435fef186a0201477%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Thu, 14 Dec 2023 01:38:28 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
/
s.0cf.io/ Frame 8D0E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D81%26uid%3D
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3efac065b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSm1wo8NzuVCj8lyMKk6YgERq0a2s5O2Mpjb8f%2FWVWfdZwWKOG4XgV2xvDvGb46AciJYG%2Fs3Ior%2Fncm9PEvJwNu%2By2T81dwQ1pIn0Qwp3lmgIbJiJVaC6L5MoTb%2BqUGKsxd0OThQCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=81&uid=?gdpr=0&gdpr_consent=0
server
envoy
x-envoy-upstream-service-time
0
/
onetag-sys.com/usync/ Frame 1815 		0
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
content-length
0
strict-transport-security
max-age=15552000
getsync
ads.servenobid.com/ Frame 4CF4 		9 B
291 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.137.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-137-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
72d427b7264997760074a94dcc1c9e54ae2c33b05276bfb3cfcd0f5d2d8bba3a

Request headers

Referer
https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
amp-access-control-allow-source-origin
*
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://s.0cf.io
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
9
/
ssc-cms.33across.com/ps/ Frame 774C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D1%26uid%3D33XUSERID33X
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
server
33XP019
x-33x-status
2000208
ImgSync
image8.pubmatic.com/AdServer/ Frame 9425 		0
42 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 14 Dec 2023 01:38:27 GMT
/
s.0cf.io/ Frame E1B1
Redirect Chain
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D21%26uid%3D%25%25VGUID%25%25
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3efac565b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWCoEedlNUlSOwLDbhxWLm3usibSFK5Mu13eOyFS6Qym73GOiy5QbjT9DOWiniK2fzrIAhWZGiGCUFYpZ9ChFMUe7926whnCbk6aI8A5RVjtO%2FhPddamKeV%2F%2BpRIBWpVf0jtfN7uAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-5c6449b65-r7wcs
expires
-1
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=21&uid=KfvC6tcIcTJh&ev=1&pid=561205
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
v1
match.sharethrough.com/universal/ Frame B958 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.247.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-247-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
/
s.0cf.io/ Frame 2D25
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D82%26uid%3D%5Bssb_s...
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3f8b1e65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zS5WFfaFuxuSV7R%2FwAiMZENuoiK1TxEClTADognblKwFXukhLSktc4agqScaA5XJn8bRNJ2oK7Ho4%2B5OxNgEN9KggF171Bw5yqM%2FyUPJUf%2BzQ9wytzRAYN%2FFFbX6UoUTFs%2B2RPmZ8A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=82&uid=3624484212560970283
/
s.0cf.io/ps/ Frame 504B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=435fef186a02014&dbid=435fef186a02014
  • https://s.0cf.io/ps/?dbid=435fef186a02014
2 B
487 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/ps/?dbid=435fef186a02014
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d74beec1be996322ad76813bafb92d40839895d6dd7ee808b17ca201eac98be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
MISS
cf-ray
8352ba3f5afd65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Mon, 04 Oct 2021 18:28:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zl2SUo8uVSb5%2BrD0Ae6jH8NBN%2FFWsh%2Fu7m%2B4H8A2NLE5%2FyoWat0T0%2BvJtHHDbKa8KbYJjJ1mAJs8MHZbbCyCin1EDjnC1Hef4TCgpkA2YUt6onAyeCKDHMeeQ5OFlPcgsnaznWuqgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
315
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://s.0cf.io/ps/?dbid=435fef186a02014#ps=true&id=666&uid=CAESEGCOmfShU8MuU-TGmgD4NwE&cver=1&error=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
/
s.0cf.io/ Frame 3F0C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D61%26uid%3D%5BMM_UUID%5D
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3f5afc65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8F3iiXiz7ItaVScf4ZCSqu8sYKoAhc2Nd0CdP2WKmbk6dftHUcP9Q2ZGZ%2FgRDXHddvz4UVVofDX1wu4IijVVX3Y4ybDIRgXfWuWIZvJLUvZaS%2Ba1c6%2FiKXvu94QBj72nFp84ydbp4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 14 Dec 2023 01:38:28 GMT
Expires
Thu, 14 Dec 2023 01:38:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1143 599e619 master cdg cdg-pixel-x27 config_version:"197"
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=61&uid=e5b6657a-5c94-4c00-84e0-27dfd1a720dc&gdpr=0&gdpr_consent=0
/
s.0cf.io/ Frame 3FA6
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D...
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5800
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba461f7f65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:29 GMT
expires
Thu, 14 Dec 2023 02:08:29 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdWgXKMhU9WYorvPKEphqu69sWkgP63BW1V%2BfMIp1JamRhJGBtKbDsYAyhkaSxMLSwg8MZ37gW27xXr65IuzuLQdetNGOr8jTTarLW0NjJ4e1j6kF30wvkpzdEByYbDvrybdZQuL4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Thu, 14 Dec 2023 01:38:29 GMT
expires
Thu, 14 Dec 2023 01:38:29 GMT
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=88&uid=0000EEA
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
usersync
usersync.gumgum.com/ Frame 34EB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:28 GMT
an-x-request-uuid
02c638ad-11be-4ed8-a9c5-b19c47684618
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
x-proxy-origin
45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
ads.avct.cloud/ Frame 34EB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
0
0
usersync
usersync.gumgum.com/ Frame 34EB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 14 Dec 2023 01:38:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 34EB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Date
Thu, 14 Dec 2023 01:38:28 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 34EB 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7018:7dc3:a4e8:e820 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 34EB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
  • https://usersync.gumgum.com/usersync?b=vnt&i=f82c514e-5f85-44e0-81ab-50542a8356fd
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=f82c514e-5f85-44e0-81ab-50542a8356fd
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=f82c514e-5f85-44e0-81ab-50542a8356fd
Date
Thu, 14 Dec 2023 01:38:28 GMT
Connection
keep-alive
X-CI-RTID
1a7a8a22-cd96-4a0a-9f55-7fa2ee83e7f7
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 34EB 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 34EB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
102
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 34EB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=GJJLjuNJXnfP&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=GJJLjuNJXnfP&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=GJJLjuNJXnfP&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-r7wcs
expires
-1
usersync
usersync.gumgum.com/ Frame 34EB
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sad&i=6713612673972781815
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6713612673972781815
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6713612673972781815
date
Thu, 14 Dec 2023 01:38:27 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame AF78
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
  • https://rtb.gumgum.com/usersync?b=adf&i=4940570022738590713&gdpr=0&gdpr_consent=0
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=4940570022738590713&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.240.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=4940570022738590713&gdpr=0&gdpr_consent=0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame DCF0 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85N2FkMzZmYS1lMDliLTRlNDAtOWRiMC00ODU0OTkwMjBiYTE=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F73 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=46423
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 14:32:11 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame E21C 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame B174
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8YQAAPbJVFwAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8YQAAPbJVFwAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 14 Dec 2023 01:38:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 14 Dec 2023 01:38:29 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8YQAAPbJVFwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad62.dc4p.scaleout.jp
X-SO-IP
45.141.152.73
X-SO-Key
ZXpclcCo8YQAAPbJVFwAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZXpclcCo8YQAAPbJVFwAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad62"}
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad62
usersync
usersync.gumgum.com/ Frame 5622
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 14 Dec 2023 01:38:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame FF7C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Dec 2023 01:38:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
/
s.0cf.io/ Frame 4EA9 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3f2ae965b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkAsfwbwPDyHIgt1xg67CMAYv%2BJ90T7eLmxA%2Bkep4vGhip9glt9VQ%2F7h%2Bpno7SYMWt9EXka%2BXZa5hhOC2xDoo3SSpegzmZ2BxTUQOyG%2Fwg38mm0qUxtitI%2BnzXBT4qZDyvYkUjQ0Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
1
sync-eu.connectad.io/syncer/ Frame 18C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8352ba3f6df191f3-FRA
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
server
cloudflare
vary
Accept-Encoding Origin
getuidj
ib.adnxs.com/ Frame 8D0E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj
  • https://ib.adnxs.com/getuidj
29 B
701 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0a1441f574fecc7072db6a99dfe016500c014f228af1335bc7616eca86f15223
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.0cf.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:28 GMT
an-x-request-uuid
9f101985-d596-46cd-8dd5-a94df6ab86a8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:28 GMT
an-x-request-uuid
8b5961fc-787a-433d-bf3b-77070315d5e4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/getuidj
x-proxy-origin
45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
s.0cf.io/ Frame 0083
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D76%26uid%3D%24UID
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3fbb3e65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FByQdU4WNZRUbVWMDi488WOyndbxHKDTOdMXJymXEkIB4Ab4tdU8iRqRnvIDXRg94XG%2FPnTLXJnXXlrU1ioXHSdWsgK8oQXTFaL9neyLyfOdaUXl2nbfky7qJhly%2FHk1HUlFodlog%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=76&uid=4539146590055929270413
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
getuids
prebid-server.rubiconproject.com/ Frame 8D0E 		44 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/getuids
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b7e13a2884ddad18fd6a29c401b86c380a4a044908218c3e9a54005c6f654cdb

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://s.0cf.io
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
70
Expires
0
rid
match.adsrvr.org/track/ Frame 8D0E 		63 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2d9d1f635958175fe0bc11b7b7695152533696f3cd7fc5d55e65299fcea5f851

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://s.0cf.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 13 Jan 2024 01:38:28 GMT
connectmyusers.php
cdn.connectad.io/ Frame 9659 		1 KB
706 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2997
alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8352ba3fadfc91f3-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
last-modified
Thu, 14 Dec 2023 00:48:31 GMT
server
cloudflare
vary
Accept-Encoding
current
prebid-match.dotomi.com/match/bounce/ Frame A610 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D10%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
pragma
no-cache
server
nginx
prbds2s
rtb.gumgum.com/usync/ Frame 2550 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.240.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ed1bf070e67c6efe7f9fe07c33688c79e3098d61e1242f0239362f2eca52e260

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
etag
W/"0ef6ee046df7806c5ba4c74ce33a7c2b3"
server
nginx
timing-allow-origin
*
/
s.0cf.io/ Frame 770F
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D74%26uid%3D
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3fdb5d65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gjuCzRCtJRCiUplnCjQOKAzBAhr%2FXgIhCpYYDFfiCe4G6WlSEcMSFlvjK9I9gPvrKlGeSjGwq57O2U6WULthc0GVfaQfASvIi7ZbD3YIMx4EBl6ZwZid9aUGwqZ1W820CE2Lrmkjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8352ba3fa85d1957-FRA
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=74&uid=ZXpclNI1WoWEvN1Ct49KnQAA%265225
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaAQT6rYbDUkApi3dPM7NA%2Fxb5dZKXAgMtIgynI3foACgcP%2FBGRHULNeYmA%2B7ESZrmUVgaXUDikXU6893FTAY%2FDjQJk42iWGerppnAg7y7mHH2aMGua6kgAM8iWQ9CaAJ0TkOHub"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
prebid
rtb.openx.net/sync/ Frame 682A 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D19%26uid%3D%24%7BUID%7D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
via
1.1 google
pixel
ap.lijit.com/ Frame 2B86 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D25%26uid%3D%24UID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 14 Dec 2023 01:38:28 GMT
X-Sovrn-Pod
ad_ap4ams1
us.gif
sync.go.sonobi.com/ Frame 7100 		49 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D26%26uid%3D%5BUID%5D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-length
49
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-114
x-xss-protection
0
/
s.0cf.io/ Frame 34B9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=7661921972
  • https://sync.1rx.io/usersync/turn/3442610163687900668?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3DRX-b5dcbb40-44b5-48b8...
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba40ec5765b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LWb3WgvO%2FYqwXKSLutnvvcCzC8DkQ6%2B1Zlo1A%2B3xHDvsbINIvUISxC0xqckGdm1RIRfc2yvpmdD7uBGLDO%2BiDXdHxyWmxYfqo20AaZOVCixyl65su%2FEXVyxN0tPRGrEue8mH3dWDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
etag
RXb5dcbb4044b548b8a2070db1bfb5f5cb003
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=22&uid=RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
occ
ups.analytics.yahoo.com/ups/58448/ Frame 7FAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58448/occ?uid=435fef186a0201477%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Thu, 14 Dec 2023 01:38:28 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
/
s.0cf.io/ Frame 7F3A
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D81%26uid%3D
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3fdb5765b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIC%2FA%2BUv%2BiyCBFAgFq5J%2FU%2FCdZ2XvKnoyA5sSO11tJO4wBiVXEWM3anCr%2BquOdV3hby4EI8oUq%2FBjHneIgP0rVJ2iJhpSf8HDxcSHLXOFJ5cS9FBM1vBMwq89SPIW%2B4%2BkSgiyX9JEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Thu, 14 Dec 2023 01:38:27 GMT
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=81&uid=?gdpr=0&gdpr_consent=0
server
envoy
x-envoy-upstream-service-time
0
/
onetag-sys.com/usync/ Frame 35F0 		0
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
content-length
0
strict-transport-security
max-age=15552000
getsync
ads.servenobid.com/ Frame 8D0E 		9 B
290 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.137.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-137-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
72d427b7264997760074a94dcc1c9e54ae2c33b05276bfb3cfcd0f5d2d8bba3a

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
amp-access-control-allow-source-origin
*
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://s.0cf.io
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
9
/
ssc-cms.33across.com/ps/ Frame 21B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D1%26uid%3D33XUSERID33X
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
server
33XP019
x-33x-status
2000208
ImgSync
image8.pubmatic.com/AdServer/ Frame B46A 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 14 Dec 2023 01:38:27 GMT
/
s.0cf.io/ Frame 45AC
Redirect Chain
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D21%26uid%3D%25%25VGUID%25%25
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3fdb5865b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbW9CVywI5cVuqGUNiUcL9uFe%2Ba4iH0%2BNPQu3xdJoUCIvFvMNKf%2BRY1qjcqDF59PDdBGoxsqZ1p11Cu%2Fg%2BgOBMn%2FuMQFYoA%2BuQX%2FKmpkli3mFlAgBlzUjAhonjkDOf7MioFrJ5vjkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-5c6449b65-r7wcs
expires
-1
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=21&uid=iUlzGz2Si0lu&ev=1&pid=561205
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
v1
match.sharethrough.com/universal/ Frame 3C5B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.247.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-247-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
/
s.0cf.io/ Frame 83DA
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D82%26uid%3D%5Bssb_s...
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3fdb5665b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAF7y4ppV1I%2FWY4yxUz%2BMG52I3%2FLsL%2B4P9F%2B4Pqyo7452h7bIHdE444pasEqJTwvr1dXOVy3%2BSjFNLkirgoxG90ah48dIsWS8%2BIKWC9HvtLV3GBI3In5JCGsx80FHbTG3s6k2RnXyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=82&uid=3624484212560970283
/
s.0cf.io/ps/ Frame 755B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=435fef186a02014&dbid=435fef186a02014
  • https://s.0cf.io/ps/?dbid=435fef186a02014
2 B
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/ps/?dbid=435fef186a02014
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d74beec1be996322ad76813bafb92d40839895d6dd7ee808b17ca201eac98be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3fdb5c65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:29 GMT
expires
Thu, 14 Dec 2023 02:08:29 GMT
last-modified
Mon, 04 Oct 2021 18:28:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xs3tayUKcQ5UYkMN7w7Jpn2ABdQ1jIe82MjWLcPfbTSVIvh60ffNVusxE05Vp%2F7JR8KMMH3yaG8ZuBPjOzmwnrKxe3ftZQWZPjuGHWp1R0gAMhc53Ct5fzLhvKGP%2FpTvm7qswXu1vw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
315
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://s.0cf.io/ps/?dbid=435fef186a02014#ps=true&id=666&uid=CAESEGCOmfShU8MuU-TGmgD4NwE&cver=1&error=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
/
s.0cf.io/ Frame F282
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D61%26uid%3D%5BMM_UUID%5D
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3fdb5a65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBV7jApbpagRF4JkK%2FGi4PibcsqqiLpFoRPVgmiss7N%2FVJqGDCAbrbhdUJ3qi9W0z8GHdLmDhWHnbnzj7Wgdy%2BruUecGnFpGnuCqpZSbNVRN5kSNCyP3kuaVZJwd4t3sASLn5zNb%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 14 Dec 2023 01:38:28 GMT
Expires
Thu, 14 Dec 2023 01:38:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1143 599e619 master cdg cdg-pixel-x29 config_version:"197"
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=61&uid=e5b6657a-5c94-4c00-84e0-27dfd1a720dc&gdpr=0&gdpr_consent=0
/
s.0cf.io/ Frame 0AA7
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D...
  • https://s.0cf.io/
38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5800
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba437ddf65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:29 GMT
expires
Thu, 14 Dec 2023 02:08:29 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6X1KtbX1aUK%2BM6OC8e%2BqB6wJnvpY4txqRFHJ4%2B9zNf7H8hdXbW7idxfgIdCam0JD7QZWX%2F6ayoucOFs1v9W6KpYqy0bEyX9oDmQtXJSnJW9w66L9zG82DMTBNrG6haZD2Aras8zJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Thu, 14 Dec 2023 01:38:29 GMT
expires
Thu, 14 Dec 2023 01:38:29 GMT
location
https://s.0cf.io/#ps=true&dbid=435fef186a02014&id=88&uid=0000EEA
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
PugMaster
image6.pubmatic.com/AdServer/ Frame 8F73 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85793217&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
content-length
0
/
ssc-cms.33across.com/ps/ Frame DCEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP010 /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Dec 2023 01:38:27 GMT
server
33XP010
x-33x-status
2000208
setuid
cookies.nextmillmedia.com/ Frame 10CC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdp...
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.133.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-133-130.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
server
fasthttp

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Thu, 14 Dec 2023 01:38:27 GMT
location
https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
server
envoy
x-envoy-upstream-service-time
0
setuid
pbs.nextmillmedia.com/ Frame 0FB3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=8174363493500510630
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=8174363493500510630
86 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=8174363493500510630
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.117.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-117-179.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=8174363493500510630
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 9E96
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_conse...
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=b729c95f-e0ea-43d0-87f4-4fde90f93fce
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=b729c95f-e0ea-43d0-87f4-4fde90f93fce
86 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=b729c95f-e0ea-43d0-87f4-4fde90f93fce
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.117.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-117-179.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=b729c95f-e0ea-43d0-87f4-4fde90f93fce
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame E0DB
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26g...
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZXpclNI1WoWEvN1Ct49KnQAA%265225
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZXpclNI1WoWEvN1Ct49KnQAA&5225
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZXpclNI1WoWEvN1Ct49KnQAA&5225
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.117.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-117-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZXpclNI1WoWEvN1Ct49KnQAA&5225
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame D7D5
Redirect Chain
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%...
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=bfaec979-4f77-4829-bdde-657d977682e8&gdpr_consent=null&gdpr=null
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=bfaec979-4f77-4829-bdde-657d977682e8
86 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=bfaec979-4f77-4829-bdde-657d977682e8
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.117.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-117-179.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=bfaec979-4f77-4829-bdde-657d977682e8
server
fasthttp
prebid
rtb.openx.net/sync/ Frame FE25 		43 B
58 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame F06C 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 14 Dec 2023 01:38:27 GMT
usync.html
eus.rubiconproject.com/ Frame 1AAB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid=
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Dec 2023 01:38:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
server
AkamaiGHost
pixel
ap.lijit.com/ Frame 05BA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 14 Dec 2023 01:38:28 GMT
X-Sovrn-Pod
ad_ap4ams1
getuid
eb2.3lift.com/ Frame 4468 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
pbsync
ads.yieldmo.com/ Frame 03B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.154.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-154-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
usersync
usersync.gumgum.com/ Frame 2550
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:28 GMT
an-x-request-uuid
126be2e5-ffb7-4d21-b2bf-7bda817f7445
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
x-proxy-origin
45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 2550
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=b729c95f-e0ea-43d0-87f4-4fde90f93fce&gdpr=0&gdpr_consent=0&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=0&user_group=0&user_id=&ssp=gumgum2&bsw_param=b729c95f-e0ea-43d0-87f4-4fde90f93fce
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=0&user_group=0&user_id=&ssp=gumgum2&bsw_param=b729c95f-e0ea-43d0-87f4-4fde90f93fce
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Server
3.122.48.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-48-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=0&user_group=0&user_id=&ssp=gumgum2&bsw_param=b729c95f-e0ea-43d0-87f4-4fde90f93fce
date
Thu, 14 Dec 2023 01:38:28 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 2550
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 14 Dec 2023 01:38:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 2550
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Date
Thu, 14 Dec 2023 01:38:28 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 2550 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7018:7dc3:a4e8:e820 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 2550
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
  • https://usersync.gumgum.com/usersync?b=vnt&i=605d0555-3e92-4b13-9284-42ef19ab71b2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=605d0555-3e92-4b13-9284-42ef19ab71b2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=605d0555-3e92-4b13-9284-42ef19ab71b2
Date
Thu, 14 Dec 2023 01:38:28 GMT
Connection
keep-alive
X-CI-RTID
048daa1b-db27-4170-8096-2d9e0499b9ee
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 2550 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 2550
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
102
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 2550
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=lFmJ4efAMLpC&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=lFmJ4efAMLpC&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=lFmJ4efAMLpC&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-r7wcs
expires
-1
usersync
usersync.gumgum.com/ Frame 2550
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sad&i=3624484212560970283
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3624484212560970283
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3624484212560970283
date
Thu, 14 Dec 2023 01:38:28 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame B097
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
  • https://rtb.gumgum.com/usersync?b=adf&i=5610494100543643409&gdpr=0&gdpr_consent=0
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=5610494100543643409&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.240.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=5610494100543643409&gdpr=0&gdpr_consent=0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 5E38 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85N2FkMzZmYS1lMDliLTRlNDAtOWRiMC00ODU0OTkwMjBiYTE=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5A9B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=46423
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 14:32:11 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 0369 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 8794
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8XoAAPDAyS0AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8XoAAPDAyS0AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 14 Dec 2023 01:38:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 14 Dec 2023 01:38:29 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8XoAAPDAyS0AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
80
X-SO-Cluster-ID
0
X-SO-HostName
m-ad169.dc4p.scaleout.jp
X-SO-IP
45.141.152.73
X-SO-Key
ZXpclcCo8XoAAPDAyS0AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZXpclcCo8XoAAPDAyS0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad169"}
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad169
usersync
usersync.gumgum.com/ Frame 733B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 14 Dec 2023 01:38:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 2D6D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Dec 2023 01:38:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
/
s.0cf.io/ Frame B87D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5799
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba3ffb7565b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 02:08:28 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRxnaPMnJbrTc3gz7EocPp2UiE0RZfCT%2B0JHwG5ezBkWV0T%2B1%2FaKXBeLbrVHuaULRhJCfp0lmGJXt0wa9tqAla8f8lNwM635si62mayhJ%2BDujl5TF8mXmfDOlT8KZhMGJyh%2Be7%2F3pg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame FF7C 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
68cee8fcee6a3fc55af62b62fe99b9a37ea420036e0b7498a7e8b5650fcba4f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 01:38:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2023 14:29:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46253
Connection
keep-alive
Content-Length
13232
Expires
Thu, 14 Dec 2023 14:29:21 GMT
usync.js
eus.rubiconproject.com/ Frame 1AAB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
68cee8fcee6a3fc55af62b62fe99b9a37ea420036e0b7498a7e8b5650fcba4f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 01:38:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2023 14:29:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46253
Connection
keep-alive
Content-Length
13232
Expires
Thu, 14 Dec 2023 14:29:21 GMT
getuidj
ib.adnxs.com/ Frame 7F3A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj
  • https://ib.adnxs.com/getuidj
29 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0a1441f574fecc7072db6a99dfe016500c014f228af1335bc7616eca86f15223
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.0cf.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:28 GMT
an-x-request-uuid
3dfdf12f-cd24-4c6e-b3ec-839b76d98ecb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:28 GMT
an-x-request-uuid
2c703898-1673-44e1-804f-9109f3b72b34
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/getuidj
x-proxy-origin
45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
eb2.3lift.com/ Frame 8766 		0
0
getuids
prebid-server.rubiconproject.com/ Frame 7F3A 		44 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/getuids
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b7e13a2884ddad18fd6a29c401b86c380a4a044908218c3e9a54005c6f654cdb

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://s.0cf.io
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
70
Expires
0
rid
match.adsrvr.org/track/ Frame 7F3A 		63 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2d9d1f635958175fe0bc11b7b7695152533696f3cd7fc5d55e65299fcea5f851

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://s.0cf.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 13 Jan 2024 01:38:28 GMT
connectmyusers.php
cdn.connectad.io/ Frame 6B98 		1 KB
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2168
alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8352ba404b389bca-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
last-modified
Thu, 14 Dec 2023 01:02:20 GMT
server
cloudflare
vary
Accept-Encoding
current
prebid-match.dotomi.com/match/bounce/ Frame 4CC4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D10%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
pragma
no-cache
server
nginx
prbds2s
rtb.gumgum.com/usync/ Frame EB17 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.240.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ed1bf070e67c6efe7f9fe07c33688c79e3098d61e1242f0239362f2eca52e260

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
etag
W/"0ef6ee046df7806c5ba4c74ce33a7c2b3"
server
nginx
timing-allow-origin
*
usermatchredir
ssum.casalemedia.com/ Frame 56C0 		0
0
prebid
rtb.openx.net/sync/ Frame E89C 		43 B
58 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D19%26uid%3D%24%7BUID%7D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
via
1.1 google
pixel
ap.lijit.com/ Frame 6F60 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D25%26uid%3D%24UID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 14 Dec 2023 01:38:28 GMT
X-Sovrn-Pod
ad_ap4ams1
us.gif
sync.go.sonobi.com/ Frame 6209 		49 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D26%26uid%3D%5BUID%5D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-length
49
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-114
x-xss-protection
0
RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003
sync.targeting.unrulymedia.com/csync/ Frame 4398
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=7143711031
  • https://sync.1rx.io/usersync/turn/2433803847156909564?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3DRX-b5dcbb40-44b5-48b8...
0
0
occ
ups.analytics.yahoo.com/ups/58448/ Frame 0302 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58448/occ?uid=435fef186a0201477%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Thu, 14 Dec 2023 01:38:28 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
0
prebid.a-mo.net/cchain/ Frame 520C 		0
0
/
onetag-sys.com/usync/ Frame D5BA 		0
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
content-length
0
strict-transport-security
max-age=15552000
getsync
ads.servenobid.com/ Frame 7F3A 		9 B
290 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.137.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-137-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
72d427b7264997760074a94dcc1c9e54ae2c33b05276bfb3cfcd0f5d2d8bba3a

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
amp-access-control-allow-source-origin
*
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://s.0cf.io
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
9
/
ssc-cms.33across.com/ps/ Frame 6A98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D1%26uid%3D33XUSERID33X
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP011 /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
server
33XP011
x-33x-status
2000208
ImgSync
image8.pubmatic.com/AdServer/ Frame 3E1A 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 14 Dec 2023 01:38:27 GMT
rtset
bh.contextweb.com/ Frame CCAD 		0
0
v1
match.sharethrough.com/universal/ Frame EAD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.247.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-247-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
sync
ssbsync-global.smartadserver.com/api/ Frame 4E59 		0
0
/
s.0cf.io/ps/ Frame 800E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=435fef186a02014&dbid=435fef186a02014
  • https://s.0cf.io/ps/?dbid=435fef186a02014
2 B
494 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.0cf.io/ps/?dbid=435fef186a02014
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d74beec1be996322ad76813bafb92d40839895d6dd7ee808b17ca201eac98be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8352ba407bcf65b2-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:29 GMT
expires
Thu, 14 Dec 2023 02:08:29 GMT
last-modified
Mon, 04 Oct 2021 18:28:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOw4clMrnOk9Q9w9PA47%2FAtFRh5%2F%2B3GIT9tCuZjU8aD3QiNHjdsZM055o7gcjpOvI7%2FN%2Bq2reeUKAl%2FKKKpmrVMWAPb00QlfTXPvjhWYyVmWXk%2FNN0IiMlDT2zkBDp9nT79hYghNQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
315
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://s.0cf.io/ps/?dbid=435fef186a02014#ps=true&id=666&uid=CAESEGCOmfShU8MuU-TGmgD4NwE&cver=1&error=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
img
sync.mathtag.com/sync/ Frame B6BD 		0
0
cksync.php
hbx.media.net/ Frame D604 		0
0
usync.js
eus.rubiconproject.com/ Frame 2D6D 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
68cee8fcee6a3fc55af62b62fe99b9a37ea420036e0b7498a7e8b5650fcba4f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 01:38:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2023 14:29:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46253
Connection
keep-alive
Content-Length
13232
Expires
Thu, 14 Dec 2023 14:29:21 GMT
usersync
usersync.gumgum.com/ Frame EB17
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 01:38:28 GMT
an-x-request-uuid
19ce7e83-5280-4ac0-b014-a9235378466e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=8174363493500510630
x-proxy-origin
45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame EB17
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b729c95f-e0ea-43d0-87f4-4fde90f93fce
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b729c95f-e0ea-43d0-87f4-4fde90f93fce
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ed0fadbd-55e0-42d9-a8c6-8c09733b3966&user_group=1&ssp=gumgum2&bsw_param=b729c95f-e0ea-43d0-87f4-4fde90f93fce
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ed0fadbd-55e0-42d9-a8c6-8c09733b3966&user_group=1&ssp=gumgum2&bsw_param=b729c95f-e0ea-43d0-87f4-4fde90f93fce
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Server
3.122.48.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-48-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
//x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ed0fadbd-55e0-42d9-a8c6-8c09733b3966&user_group=1&ssp=gumgum2&bsw_param=b729c95f-e0ea-43d0-87f4-4fde90f93fce
date
Thu, 14 Dec 2023 01:38:29 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame EB17
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 14 Dec 2023 01:38:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=88680b6f-5b9b-44cc-81dc-69623d2418b5&gdpr=0&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame EB17
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Date
Thu, 14 Dec 2023 01:38:28 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame EB17 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7018:7dc3:a4e8:e820 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame EB17
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
  • https://usersync.gumgum.com/usersync?b=vnt&i=6c3a2e6c-cc1e-4ab5-b82b-ea13740e1cc9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=6c3a2e6c-cc1e-4ab5-b82b-ea13740e1cc9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=6c3a2e6c-cc1e-4ab5-b82b-ea13740e1cc9
Date
Thu, 14 Dec 2023 01:38:28 GMT
Connection
keep-alive
X-CI-RTID
04df559d-3bbb-44d5-92e7-0a337c2960fa
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame EB17 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:38:28 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame EB17
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_97ad36fa-e09b-4e40-9db0-485499020ba1&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
102
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame EB17
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=ynUskHocFGaR&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=ynUskHocFGaR&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=ynUskHocFGaR&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-r7wcs
expires
-1
usersync
usersync.gumgum.com/ Frame EB17
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sad&i=3624484212560970283
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3624484212560970283
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 14 Dec 2023 01:38:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3624484212560970283
date
Thu, 14 Dec 2023 01:38:28 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 461E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0
  • https://rtb.gumgum.com/usersync?b=adf&i=5610494100543643409&gdpr=0&gdpr_consent=0
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=5610494100543643409&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.240.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-240-80.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=5610494100543643409&gdpr=0&gdpr_consent=0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 2B1E 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85N2FkMzZmYS1lMDliLTRlNDAtOWRiMC00ODU0OTkwMjBiYTE=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 318B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=46423
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 14 Dec 2023 14:32:11 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 2635 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 14 Dec 2023 01:38:28 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 99E8
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8YMAANVdOhgAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8YMAANVdOhgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 14 Dec 2023 01:38:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 14 Dec 2023 01:38:29 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZXpclcCo8YMAANVdOhgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad430.dc4p.scaleout.jp
X-SO-IP
45.141.152.73
X-SO-Key
ZXpclcCo8YMAANVdOhgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZXpclcCo8YMAANVdOhgAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad430"}
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad430
usersync
usersync.gumgum.com/ Frame C97F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 14 Dec 2023 01:38:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT Thu, 14 Dec 2023 01:38:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=MnHKa4YKBiEV-eg2_qC9ltwXs7k1aWnZNxAQgGs3iPE&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 18E8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Dec 2023 01:38:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Dec 2023 01:38:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 18E8 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
68cee8fcee6a3fc55af62b62fe99b9a37ea420036e0b7498a7e8b5650fcba4f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 01:38:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2023 14:29:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46253
Connection
keep-alive
Content-Length
13232
Expires
Thu, 14 Dec 2023 14:29:21 GMT
usync.js
eus.rubiconproject.com/ Frame 1913 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
68cee8fcee6a3fc55af62b62fe99b9a37ea420036e0b7498a7e8b5650fcba4f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 01:38:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2023 14:29:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46253
Connection
keep-alive
Content-Length
13232
Expires
Thu, 14 Dec 2023 14:29:21 GMT
khaos.json
token.rubiconproject.com/ Frame FF7C 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
khaos.json
token.rubiconproject.com/ Frame 1AAB 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
khaos.json
token.rubiconproject.com/ Frame 2D6D 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
khaos.json
token.rubiconproject.com/ Frame 18E8 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
khaos.json
token.rubiconproject.com/ Frame 1913 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
/
dblksync.dblks.net/dblksync/ Frame F2C0 		20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dblksync.dblks.net/dblksync/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=312894516-60358448-19313-0&id=435fef186a02014&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949a30ed07d2975ead2a00344b822b0c43bab1939fbb37102d3b0811364b2326

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
6899
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8352ba4b9dac360c-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:30 GMT
last-modified
Tue, 14 Nov 2023 18:39:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NN1RoRmeDXm2qnFDvltdEQpp7jhngbboHnt08f3IkGO0Vzu%2BG6VznXoY3D5O2rUvcnOC6iAI52obgMIpAGr70F76zThJlhD1iZ5%2FubQLACTcFiZbxAeDVu%2Fksx%2FyDwkY6ORB9IbR106cjPxwrdq2N68%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
dblksync.dblks.net/dblksync/ Frame DC58 		20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dblksync.dblks.net/dblksync/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949a30ed07d2975ead2a00344b822b0c43bab1939fbb37102d3b0811364b2326

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
6899
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8352ba4c2e0a360c-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:30 GMT
last-modified
Tue, 14 Nov 2023 18:39:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8jlULWsCCMuMmLkjfijuSGdEIqxf3dn%2BJ97eRNVNrsc%2Bx6xWRC5VleJ7n56LH8sl7tOmle7XkYK486hjWpTfEt%2F3zDGmVa2MOkSrGoNFBCunvAKAe6BbU51yQKYsJ%2FwMjoMWM5liYY8hNjEzXsFFCI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
dblksync.dblks.net/dblksync/ Frame 49F5 		20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dblksync.dblks.net/dblksync/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949a30ed07d2975ead2a00344b822b0c43bab1939fbb37102d3b0811364b2326

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
1169
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8352ba4cdd8622b0-CDG
content-encoding
br
content-type
text/html
date
Thu, 14 Dec 2023 01:38:30 GMT
last-modified
Tue, 14 Nov 2023 18:39:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4JTnYqTcqPp%2ByjtNqey282TJcgrE3K9jqHoASJ70QW%2BCx%2BiFvPKWB9ayf4ahT%2FC6BURoMz2OzaJybQqCBRbYcN7tpfYY3aNwyl23RmKJTBoVok5sAB1UuAurX1GtMJl2px5c6rrusj%2B5t5O8YQnLU4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D76%26uid%3D%24UID
Domain
ssum.casalemedia.com
URL
https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D74%26uid%3D
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D22%26uid%3DRX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D81%26uid%3D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D21%26uid%3D%25%25VGUID%25%25
Domain
ssbsync-global.smartadserver.com
URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D82%26uid%3D%5Bssb_sync_pid%5D
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D61%26uid%3D%5BMM_UUID%5D
Domain
hbx.media.net
URL
https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D435fef186a02014%26id%3D88%26uid%3D%3Cvsid%3E

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| documentPictureInPicture function| getUrlParameter function| chooseSplitTests function| loadScript object| properSpecialOps string| utm_source undefined| fbCode object| __NUXT__ function| tryLoadAssertive function| tryLoadProper object| splitTests object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| dataLayer function| gtag object| assertiveQueue object| $nuxt object| scr number| now object| node object| AdGarden object| v_0x5e13 function| v_0x3fb3 object| __vdzworkers__ object| _vdzwgt_ object| ayManagerEnv object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| vdzCmp object| vdzTcf function| a0W function| a0q function| a0d object| googletag object| adsbygoogle object| pbjs object| pbjsl string| aYZcOSkshq object| apstag object| GooglebQhCsO object| ggeac object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet function| UAParser object| apscustom object| D9v object| D9r object| _qevents object| confiant object| assertive object| lotame_sync_16576 undefined| google_measure_js_timing function| _0x4eb683 function| _typeof function| _createForOfIteratorHelper function| _0x2f05 function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| _0x33cc function| PartnersWinEvent object| iiq_object_array object| intentIq_974061330 boolean| _assertiveInitialized object| ntv object| _taboola object| OBREvents function| quantserve function| __qc object| ezt object| _qoptions object| PublisherCommonId function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| sas object| apntag object| _ADAGIO object| ID5 object| __id5_instances string| send object| d9PendingXDR object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NWMyNTNhZjg1YmVhNTQ0ZGxvYWRlcl9qcw== string| NWMyNTNhZjg1YmVhNTQ0ZGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| nmmRefreshCounts

63 Cookies

Domain/Path Name / Value
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr
Value: 1
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr-exp
Value: "2023-12-15 01:38:26"
.heroinvesting.com/ Name: _ga_PNTYD12RWN
Value: GS1.1.1702517905.1.0.1702517905.0.0.0
.heroinvesting.com/ Name: _ga
Value: GA1.1.12581626.1702517906
.heroinvesting.com/ Name: _gcl_au
Value: 1.1.505266229.1702517906
.kueezrtb.com/ Name: kuid
Value: 16db141d0deccc07
.flashtalking.com/ Name: _D9J
Value: 253f2d5d22294d46a4f91cfa7e61acf6
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.prebid.a-mo.net/ Name: __amc
Value: 1_1702517906_1702517906
.gumgum.com/ Name: cs
Value: true
.rubiconproject.com/ Name: khaos
Value: LQ4J7C1L-1N-JUBL
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EgG06JIWX/QxGWQ0NNjmqbPd94gXYLevqKvjlL31WaJoVNqBvpB5fc/KJFUjzJ2WXfOnA52p/RS1kgcdj94p/MzRmpg/kbyNawijy0RC4Zd8SKPLRELhl3xpmvllXEtYN4=
.go.sonobi.com/ Name: __uis
Value: aaba8022-8671-456c-9a96-9efe93bf25eb
.go.sonobi.com/ Name: _usd_heroinvesting.com
Value: 03621528-342a-49aa-9fde-02619d82aa92
.go.sonobi.com/ Name: __uin_an
Value: 1399638053100327799
.go.sonobi.com/ Name: __uin_bw
Value: fc1df3ee-e457-4293-9261-6c1995a388f6
.go.sonobi.com/ Name: __uin_rh
Value: 4lmhCDXJcU-Zt4mSNNd6r2kfOUCMs2TTSzlddsf5gdg
.go.sonobi.com/ Name: __uin_td
Value: c0f96db3-be60-4ddf-a122-1953ec3f631d
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s85114|ZXpcl
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: be079fd61cb1e85b
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0srAwtTQ1NrYwsxTiM9QtjwjSLS8rM7MMzogHAJampdclAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0srAwtTQ1NrYwsxTiM9QtjwjSLS8rM7MMzogHAJampdclAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtobmBkamhuaWBhaG4KAOhcNHkQAAAA
.0cf.io/ Name: _dbid
Value: 435fef186a02014
.3lift.com/ Name: tluid
Value: 4539146590055929270413
.casalemedia.com/ Name: CMID
Value: ZXpclNI1WoWEvN1Ct49KnQAA
.casalemedia.com/ Name: CMPS
Value: 5225
.casalemedia.com/ Name: CMPRO
Value: 5225
.gumgum.com/ Name: vst
Value: e_97ad36fa-e09b-4e40-9db0-485499020ba1
.bidswitch.net/ Name: tuuid
Value: b729c95f-e0ea-43d0-87f4-4fde90f93fce
.bidswitch.net/ Name: c
Value: 1702517908
.bidswitch.net/ Name: tuuid_lu
Value: 1702517908
.adnxs.com/ Name: uuid2
Value: 8174363493500510630
.mathtag.com/ Name: uuid
Value: e5b6657a-5c94-4c00-84e0-27dfd1a720dc
.doubleclick.net/ Name: IDE
Value: AHWqTUmgoVOyOhczNjT4dZYKZIQQvVAANu_-jHLjRV5PNj4PKiLTcBqRvnMuL9qnQNc
.openx.net/ Name: i
Value: acf99046-da09-436d-bc71-b16791532a0e|1702517908
.creativecdn.com/ Name: u
Value: r2OtOop2ogK7KEGc9lRC
.creativecdn.com/ Name: g
Value: r2OtOop2ogK7KEGc9lRC_1702517908389
.creativecdn.com/ Name: ts
Value: 1702517908
.smartadserver.com/ Name: pid
Value: 3624484212560970283
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_788f43c1-e261-4fda-9f29-1657bbc7a615
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adform.net/ Name: C
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: bfaec979-4f77-4829-bdde-657d977682e8
.adform.net/ Name: uid
Value: 5610494100543643409
.turn.com/ Name: uid
Value: 2433803847156909564
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003%22%7D
cookies.nextmillmedia.com/ Name: syncedBidders
Value: {"loopme":1}
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b5dcbb40-44b5-48b8-a207-0db1bfb5f5cb-003%22%7D
pbs.nextmillmedia.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJsb29wbWUiOnsidWlkIjoiYmZhZWM5NzktNGY3Ny00ODI5LWJkZGUtNjU3ZDk3NzY4MmU4IiwiZXhwaXJlcyI6IjIwMjMtMTItMjhUMDE6Mzg6MjguNjU4ODUzMDQ5WiJ9fX0=
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-54cb0e83-20ac-590a-548e-44c5abe7216b.%2FSvY4q8feJPfVF06byAhHq2TV4apA4xJw50oA98dChg
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-54cb0e83-20ac-590a-548e-44c5abe7216b.%2FSvY4q8feJPfVF06byAhHq2TV4apA4xJw50oA98dChg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVMsOgyCsWQpUjkTFq-chay2NmEk.7En7dnNIjZrnNsMBzHhwWiIlTCsJbhgJUf7%2BMPwFn8A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVMsOgyCsWQpUjkTFq-chay2NmEk.7En7dnNIjZrnNsMBzHhwWiIlTCsJbhgJUf7%2BMPwFn8A
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIKI2ZiLnEicP7zgVCpCFBk31l6UUG2_yjbJLzfnMbNZ5EHwYBCCUuemrBjABOgQ8w7t9QgR_ejU1.R0IxNOsIr7wEpe44duNewXPOZ35KCFPtFqhfAz1Fdbo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIKI2ZiLnEicP7zgVCpCFBk31l6UUG2_yjbJLzfnMbNZ5EHwYBCCUuemrBjABOgQ8w7t9QgR_ejU1.R0IxNOsIr7wEpe44duNewXPOZ35KCFPtFqhfAz1Fdbo
.ipredictive.com/ Name: cu
Value: 6c3a2e6c-cc1e-4ab5-b82b-ea13740e1cc9|1702517908808
pool.admedo.com/ Name: tuuid
Value: ed0fadbd-55e0-42d9-a8c6-8c09733b3966
pool.admedo.com/ Name: c
Value: 1702517908
pool.admedo.com/ Name: tuuid_lu
Value: 1702517909
.dblks.net/ Name: dblksync
Value: {%220%22:%228174363493500510630%22%2C%2270%22:%22LQ4J7C1L-1N-JUBL%22%2C%221000%22:%22435fef186a02014%22}
.dblks.net/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI4MTc0MzYzNDkzNTAwNTEwNjMwIiwiZXhwaXJlcyI6IjIwMzAtMDktMTlUMTU6MTc6MzQuMjI5OTE4MDgtMDQ6MDAifX19

27 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://vrl9rgsahh7mx6ndn.ay.delivery/forest/vRL9rGsaHH7Mx6NDN/js/bid/forest.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://vrl9rgsahh7mx6ndn.ay.delivery/floorPrice/vRL9rGsaHH7Mx6NDN/js/floorPrice/linreg.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
network error URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
network error URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
network error URL: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
network error URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://heroinvesting.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax.amazon-adsystem.com
ad.turn.com
adgarden.market
ads.avct.cloud
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
ap.lijit.com
apex.go.sonobi.com
api.assertcom.de
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bid.contextweb.com
brightcombid.marphezis.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.confiant-integrations.net
cdn.connectad.io
cdn.heroinvesting.com
cdn.id5-sync.com
cm.g.doubleclick.net
colossusssp.com
config.aps.amazon-adsystem.com
contextual.media.net
cookies.nextmillmedia.com
cpm.qortex.ai
creativecdn.com
csync.loopme.me
d9.flashtalking.com
dblksync.dblks.net
eb2.3lift.com
eus.rubiconproject.com
exchange.kueezrtb.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
googleads.g.doubleclick.net
grid.bidswitch.net
gtrack.kueezrtb.com
gum.criteo.com
hb.minutemedia-prebid.com
hb.yellowblue.io
hbx.media.net
heroinvesting.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mp.4dex.io
onetag-sys.com
p.rfihub.com
pbs.nextmillmedia.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.cootlogix.com
prebid.dblks.net
prebid.media.net
prg.smartadserver.com
region1.google-analytics.com
report2.hb.brainlyads.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.0cf.io
s.seedtag.com
scontent.xx.fbcdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum.casalemedia.com
static.kueezrtb.com
static.vidazoo.com
static.xx.fbcdn.net
sync-eu.connectad.io
sync.1rx.io
sync.colossusssp.com
sync.cootlogix.com
sync.go.sonobi.com
sync.ipredictive.com
sync.kueezrtb.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
track.kueezrtb.com
u.ipw.metadsp.co.uk
u.kueezrtb.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vrl9rgsahh7mx6ndn.ay.delivery
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
ads.avct.cloud
bh.contextweb.com
eb2.3lift.com
hbx.media.net
prebid.a-mo.net
ssbsync-global.smartadserver.com
ssum.casalemedia.com
sync.mathtag.com
sync.targeting.unrulymedia.com
104.18.36.155
104.64.126.246
108.138.36.117
108.138.36.46
108.138.37.209
124.146.153.169
13.248.245.213
141.95.33.120
143.198.173.135
145.40.97.66
157.245.86.108
172.217.16.194
172.240.155.100
172.64.149.180
172.64.151.101
178.128.135.204
18.173.191.32
18.198.247.190
184.30.16.195
184.30.211.26
185.184.8.90
185.29.134.248
185.64.190.78
185.86.139.58
193.0.160.131
198.47.127.18
199.212.255.178
2.18.160.23
2.19.216.27
2.19.217.101
2.19.217.60
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
207.148.17.110
208.93.169.131
209.192.253.60
216.52.2.86
23.22.117.179
2600:9000:20c3:9e00:6:44e3:f8c0:93a1
2600:9000:223f:e00:3:6d3c:dac0:93a1
2600:9000:2251:5800:6:1c12:bd80:93a1
2600:9000:2251:9e00:6:1c12:bd80:93a1
2602:803:c003:200::43
2606:4700:10::6816:3556
2606:4700:10::ac43:15e8
2606:4700:10::ac43:8ae
2606:4700:20::681a:9a9
2606:4700:3036::ac43:9447
2606:4700:4400::ac40:90a6
2606:4700:4400::ac40:994e
2606:4700::6812:651
2606:4700:e2::ac40:8a0c
2606:4700:e6::ac40:c60b
2607:f350:3:2569:0:10:0:c
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:829::2002
2a00:1450:4001:831::200a
2a02:2638:3::c
2a02:fa8:8806:12::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3601:7018:7dc3:a4e8:e820
2a06:98c1:3121::3
3.122.48.206
3.126.222.73
3.248.28.20
3.33.220.150
3.69.209.105
3.75.62.37
34.120.63.153
34.149.20.76
34.149.50.64
34.247.205.196
34.248.85.3
34.249.137.246
34.255.154.78
35.186.253.211
35.210.239.72
35.210.53.219
35.214.243.89
35.244.159.8
35.244.193.51
37.157.3.20
37.252.171.149
44.195.133.130
46.228.174.115
46.228.174.117
50.31.142.191
51.89.9.252
52.213.252.243
52.48.240.80
52.58.170.244
52.86.247.227
54.166.150.36
54.171.197.233
54.84.92.154
67.202.105.24
69.166.1.32
69.173.144.137
69.173.144.139
77.245.57.72
8.18.47.7
81.17.55.171
94.130.203.123
009a6be7dbc551e6f53c525875fed89d7da48c41e5f1a123c38d91e4e4a9b846
01e9f55f0e69b2e9c0fb373c6e96fafb3e4c83dcdc71fdaff229612c381ec68c
02b6a4cea9e3cb9cae8bc6e8823137f630bc4bba3034e991aad496a143f9607e
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07122ce61daf21bf874662912424803780ab5653d793ccdcb943ac502016b320
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0a1441f574fecc7072db6a99dfe016500c014f228af1335bc7616eca86f15223
0a7ee71c2346a4eb86ecb4ec21dbf46b623fa65c4cde95b0e8a3e201e155fb10
0a8962b0bb1b97d791d1c4f031adbda78917d572becb7e382ee73841adae192f
0adf3c9350c649d2b7218be2bf95e0d362cfd57f73ddf4373f252fcebe4cb0a5
0b1f978922b7cefed8ac48debfbf7443b859425a36a3df23ed8b7620fd9963fa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0dbe11130009b028ada6960f7e69e3d1c24cdd4a4294af0a9778339f1be6ae
0c945aa0bb5ba5a939754f316628f652efd88279fdba1fda70102f12984e7c9f
0d14962f14c491324c8c92c5733b2937ef365dc76f583e9306aee24afd3cdcb8
0de5d56039ab501a4791d2db4f049e3ff363f97b64e9f4d7e5d4eb92ec058588
0e0cfbf250eb7c8c24b89079c123d38d6b30724a230c2a8f24d975a86e62fde7
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0e9bc90553426ee05176b51669d1158118047057a21b7210e2b3949867552607
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fbee40d848d6df79b375ca87bdb53f4e97bfb3c6dc2a1d03cb8fd74a395eca4
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10e85cad8aa79f58268db0ff78f64523fd0bdf5a4e2d8286a49f115f8a86a4cf
10eeaeb69b1492d330ee1c84a643247c3911e0863c9875df5c9e88f8a3a12d21
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
15de52b25d63b3e1297b6a3b6f39d5113cc43bb2c83032edbb78e4bf963e81f6
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
21598c86f88f5ded6552fd74b2f623a98df70ed6635baf1035f6e9e9b2e73df9
21ab500bcb9567d957868c369e32d24e3de5c9d0077037a528b0e43ade895d59
2506212509b1d340b5330bbc500c0226469fd51e2c9fd182facff7b6ae64da24
25581311dd8d50e3059dab384f4c34c4ab6c3cf50ad6f56af4a85e07321c169c
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a
288d1aff6b40d91889a5f0efc906a5316d3f732641f32462f2ec4dd854f55981
2b809092933155217e4c079a6ee4f9f222dc7bda019697017a481d825e5c93fc
2c350eb652edc57b4c0c35709ad32046d7940f195ddfa2038a343f8889b3c791
2d9d1f635958175fe0bc11b7b7695152533696f3cd7fc5d55e65299fcea5f851
2e487fb39e7490a9f4a64909ff2874fe4bcea0a157f9b3746b3fe896c67069fc
2ee5b4a88b61a823f3d2a8d95f77460081b9c656e513c346e163f721d936cc5f
2ef080288269a8a8ce80d194eb5c127d75b354ca578ee5864a98168ea8cb0090
2f81a0db72dd60cad903ccf6f4cb0eb23de179c450040731b5a5e90fca85840a
30bbd756bf57f0ab238ae540e25864babf2bc5cae06da6d297ef07e769468c35
36610f138aeb9e753446a1b66543a01475b655c4d5263dee82ebff410964ebf0
3827a6dd36894e2178e76226f61a99f2099896b5d088e2a8db6c405402b4bcbd
3a33349da0a3f6b12ec87ff79fa8b2e505e76e4aff12e9af66090e89638970db
3a7982b8d656ef9ef62a5a8fee8bf2c4aed8e0ffcec8b0a8d43155ffe12b2d5b
3b2c6965aa7376479feba76fe01d46108d6199372d9e36b2e194fff0192ea0c0
3b59be6e38f5b2c2751c62b2b78e261075b0e19d7a192e7058e1b5c1e4b4cd33
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3bee7ba056f5c932c33bc388aa4e7f9275e1b07d11cd6aae039dd274d2c99594
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42bf6e31193cd649102b8659c55eec10c7e6a89082e6be1dbd8f9903613e5646
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47e0c902d11889abf7a636c8e981d7653995c8b30c22f7d01233275e199c3c81
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a123bff683144a7ecc232725e55af4c182a03dfa634d5d39f0da05c09d8f633
4a17bf30016786630e6f00ef0689bbaff043fe680fbc0991dfb57aa5cff60ed7
4b70b5ab26a51f7829a43fa74bbb2abc2fab541d5842d7c481274f9aaa239a53
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5f1b14f824baaaad1b124e0612095b690172c222fdc6ded6426f0dc8aac91a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51c349494e8d137a4d9dc882ae293647d5f8bf60b11e5b3014d116a95405399a
535291b89d01e51c8366ca2268b580c203f70e106d5e0dddaaa2fc7d5b2235b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56939e06ab2cb38895d26a98e53f13e4fa8507be612ac0d2537b7f1c68988087
5bda6629647f72090e2e060d37a82b896e5db4c4f292a27c711713bb4af566ad
5d90313e752d9a70502b59e6a405b2dd9bfe407becd61f1cc44e2a4c988478aa
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67d925b372e6d3c1f16737bc4c3be142c656d3584b16a3db4225ea7206276d26
68cee8fcee6a3fc55af62b62fe99b9a37ea420036e0b7498a7e8b5650fcba4f0
69c45b9cb0396b768d7bf68dbe59a89f7d5905bd6bf47656d7c7ce590707c2e3
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f59dbed256a49b03bcc01c5f11c989bb62af94e19c52c42986fd957e77a19b5
72d427b7264997760074a94dcc1c9e54ae2c33b05276bfb3cfcd0f5d2d8bba3a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7734ffd5f6910db74d114ad0d7d14022a9529e2d46d40e214894d0dfbc703698
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
78b9d336523480e2595a92c19909379c57fd888fd0febfb8b3d225586ddae779
7a89914ab9b628434f26a5bacd9cabe379846450d4544513c70f2440eb15ee63
7b46c964eee482ba234ba35d88c8272c386719dac81448c7032373dfe6a7c5af
7d5071f3bc15cef5f545a6613f5b241bfd37e60296275735b737312a3b93cd57
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84939ff5fe379c22d98eedb6f371080e36ef6d9f2848e44ae0e257e9e63945a8
8712124400acb4adbdf68dfe256b6c07b1f0a20c43a28d58783001891e9be999
88f455dec0dc17f9cf1ebe9eea22d58287a0015b865d66dc56edeb8f3bd670cb
8a57de42d0833a00a1e8dd86578bc5aa67cb08b7d713e91194fa24ff73dfc67e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d74beec1be996322ad76813bafb92d40839895d6dd7ee808b17ca201eac98be
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fdd3ef0e419019b4ed7077983c7c32074e85493e323033dbadc3dbfddbbcc60
949a30ed07d2975ead2a00344b822b0c43bab1939fbb37102d3b0811364b2326
95c1d3081fab890c2eb613eb4cc48915dd51324249a4b63596dddb11870098a6
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
970bfb4004579c73787d2f2744ce0c8c66d202ffbfd553ce318f458fdcfec5c0
9abdc15a542e768089fb710b4a62a7afe41b6a7b025429c8fc5fc0f8d5010d57
9ad3f7ed94da9ed82d9d55c157f591b8b2d18d277be0a37811714065d9f988c6
9c27e2d1bfac22ddba7f4222553c93d7667c7a694f5bfc53333d7446ddfcd6a6
9ddf06ff4aef8ed10ffc56e31c2e1bdd78a28481a39971a8e11d25cc64cb2b84
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a0046a671aa51cf5e7e32ff8472fb5cedb4ca0b30e1fd5cbbead849cfa241db2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1082fad1c573f075461d23efa791f3f1a0f52d4e8d21c4fa9f99527660052a1
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84
a250a617fd2dd89d950be12d819f28672cca4b7fdcc4160c647fb447c7d4e6af
a2b5f1a74ee0bc02cdf170381f49339efdd6373f6ae5b786921c877653127ba3
a419430671c692bb6feaa153dd70c8cb45d7330af771945627517c69f9178e1d
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9b5d62445d48f75234b683670ffd3f95f5c7240decae3146a38f0d19abd76dc
a9c37dd205548772c03f6e0d878006fd608c3aebe96eb9ea9ec6363450a1b873
af377810107047cffd1cbb097f000d85002b82817de4f80fcfe5189de0311809
afcad60b0734d52542c2dafbb14debcd1f8d4e9c09833af39b07be5081c8a0d2
b00e095c26a1cf90a20a5f74241458ed7f467d10fe92713efaac6b9e558f5d56
b183decea5d7862cd0a2249dd1cfbfff7b9361506d61c12100b527260508bd3b
b262f4fb303ea90bf8b5fbe0e71792e74ee1a98c9d0a406d5eab0cfa2cd99286
b5e700284424ca0cbe29494aeba247313172c1aea0ebbdf5c2790851ec89010b
b66ff480a50248d84dbee2cd4e63d47b6e809b7a6d8b8bd425b879ef17af4fe2
b76b148cb1d15053d22acf8f650f95c8c9fa1e24c87e70e09657fbf1ae9048ac
b7e13a2884ddad18fd6a29c401b86c380a4a044908218c3e9a54005c6f654cdb
bb0786d9d88c18915a5d7e93480c428e02389ced39ae34793d6cea768f05380a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bf4aee80fda9289a2513b0a11860587a459ffff6f514377f4144f3b49d131923
c1ef75864a2c2d2ec331f7ce7a5b0005d4f505d603f55fd154316c3a32828621
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3a7d1b2bb387c1f03e7809c00b4594b3f80dc72cc1b664dac82d8d168d9b0f0
c59c29f4f48ecb4bb4bb5ac8544ac47ab9fb06c3ae03f0a5af4b94e50886e4b9
c952f0a89724b34925fb80c26f687cb9c34335e67b55f60ba1b5d0e1c6abcaf9
cb7ea6a539cc6f9a651bde3ca31fefdda677f55ce3a63f82c4b8c3b20e47a77e
cbb470390431a28455afefcded54718a12e0c0acfe31b79e1562f31d94d3cf1f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf23d067f410466c9572ac7c2741239aa5a9c88d1f83a8c05451b177af70a96
cd132dc9cbf1505dc2496fc0a6401fe0b71731536bce145f02911957c1a82747
cd52d9c45a585c7ed813b9ddafdf51d15bef0ee23f12b30350ed61f3b9bacc5b
cda916e31b503b3bd54dc7efc94c844cd3f272847ffdb0bc75d9bc41c7f76ee2
cf16cbb8f22081db4534c964ca53060477b6b59b4d4f25323b1a101ec11cf297
cf203740dc9baffee1d429b0b0f17846eebbcc3437e01026b4617159a5419204
cfc413e9f5965041886ce6cb1abfb6e59c0d6830be8359ce1b6f372f3675099f
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d267587081a80162795b163508030672a025f9b005e16f4a6da90f0013f915b6
d3634a965859828e5adbc3b822c573a18060433683710ad83780eeaf75470670
d57a4fc2310235023d50417a3fb3cf6087155272ea7e7fb36d4804d6bc05dc56
d5915b502e41b30c5615303301c70515cc3a303e7fbc62dbcc1ca078935491d2
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
dc3b896b624e3166ce5175285bfa09e99afc2888caabb96b5f0473f0ca3bb036
dcb0e94d9309114999e91c29c6261aa10511135be61a235bceeaec91a4381ec4
ddc3c129677114da7c0f261ded73146caef312f0c819bc69d7336c9ab24edc66
dedf366251268708e5b04677d175714ed61cd669e16383f4857f2df80647b466
e0625a022bd3b199157833e0338f4eae7eb814ad18da77a4f315851c3e0d2e57
e34c718c58bac46f45e18c7de762f490bf297d010f2b640190346be4651996d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e602d10aeab60c205781599d1dd4e46d615c1938e62f66d5752fb08ad800fa2d
e605414c5d690913c053ec344fd3fd58b19ecd5f111fb05e4e912bc52a77fa66
e6f8e46cf4b8432344e468dc3c4c5ed281e0d58e5125ff9e127ea78f597bc20d
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e92128cb55f443e32d428309f895593cd75dad8303d4e9c9162bfd94aa670011
e9e2185f6126274091e9bc9f2f5093ff6a7a50843a8f95ec1e7a2a51c87725bb
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
ed1bf070e67c6efe7f9fe07c33688c79e3098d61e1242f0239362f2eca52e260
edc3addac64118a9081562b7e30b00acb671432d94d39bc4442e54d78d49c209
edeaf3dab33e3317eaf0d3898a230af52f438f8d95fb9a0078f4e4696c8eca34
ee67a5dfcc355e47ce8620f4cd98e99bbc408a7d88530d1f40f5ad4653e0d12f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a272140f39235a8c48f5065d49e3f9a9cef387f8a3a76ef56ea4cd43783376
f2136cad836f6718b547510ddc64eb39360e8ab7ba83b09aace7444b4be3820a
f276072e7a6c8d236837b6bb94ed110bb58715939479dde97a86aae4589cba78
f4e357ce8bcfae0dfa36a5705311291180ea2bc11f8e5b182685383e088b16d3
f922c265455a8ba73559c668901e9eef567a2aef4b3b494f97f775913db38b49
f97b357206c08f2a73432addcaf75b90afb626778d60519bc830d33ca28b626c
f9b01a3da483e7102d50a7a205a0f52f0966cdbbf098aa9d997d2a549fe3fdf6
fcf2d590317ceca4857d61b3de3861dc72cd6b3632daa57ad50fe047bec60614
fe012bb6f0d0ca33816d510728233a15aab78b90eaed314ff1e205960153ac9a
fe4f4f270df95e1b05dc0f682ec6f10ec55644cd1d6cfe07ade1807347020057
ff451152a1b8870a4eea684a88cebe0e7c2da192ef293cf24ca8f7df671fc60c