www.abc-people.com Open in urlscan Pro
82.196.3.110 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.abc-people.com/
Submission: On February 13 via manual (February 13th 2021, 3:21:48 pm UTC) from UA

Summary HTTP 147 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 48 domains to perform 147 HTTP transactions. The main IP is 82.196.3.110, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is www.abc-people.com.

This is the only time www.abc-people.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	82.196.3.110 82.196.3.110	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	54.228.203.167 54.228.203.167	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:20:... 2606:4700:20::681a:eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.143.8.28 37.143.8.28	203226 (IHCRU Int...) (IHCRU Internet-Hosting Ltd)
3	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	2606:4700:20:... 2606:4700:20::681a:17e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.55.83.135 66.55.83.135	32181 (ASN-GIGENET) (ASN-GIGENET)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 9	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
5	216.230.241.100 216.230.241.100	23394 (PSPINC-BDC) (PSPINC-BDC)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
5 13	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:212... 2600:9000:2127:2800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:fee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
1	23.218.209.154 23.218.209.154	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3035::6815:1487	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.36.84 151.101.36.84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::ac43:4671	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
5	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
1 2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2 12	2606:4700:20:... 2606:4700:20::ac43:47f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
14	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	208.100.17.190 208.100.17.190	32748 (STEADFAST) (STEADFAST)
4 16	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a0c:5c81:516... 2a0c:5c81:5160::2	55081 (24SHELLS) (24SHELLS)
2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2 4	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
5 5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4 8	54.154.164.132 54.154.164.132	16509 (AMAZON-02) (AMAZON-02)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
2 3	2.20.20.212 2.20.20.212	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	54.74.23.153 54.74.23.153	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
6 6	35.157.13.124 35.157.13.124	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.0.221 18.185.0.221	16509 (AMAZON-02) (AMAZON-02)
2 4	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
3 3	185.29.135.233 185.29.135.233	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
6 6	213.19.147.151 213.19.147.151	26120 (RHYTHMONE) (RHYTHMONE)
1 1	54.82.140.85 54.82.140.85	14618 (AMAZON-AES) (AMAZON-AES)
1	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
147	45

14 82.196.3.110 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: abc-people.tk

www.abc-people.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.203.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-203-167.eu-west-1.compute.amazonaws.com

js.mamydirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.143.8.28 (Russian Federation)

ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU)
PTR: hosted-by.ihc.ru

securemoney.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:17e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.increaserev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.55.83.135 (United States)

ASN32181 (ASN-GIGENET, US)
PTR: 135.83.55.66.hosted.by.thegcloud.com

ad.liveburst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.75.88.112 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.230.241.100 (United States)

ASN23394 (PSPINC-BDC, US)
PTR: clocklink.com

www.clocklink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:2800:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:fee (United States)

ASN13335 (CLOUDFLARENET, US)

logs.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.87 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.216 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-154.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:1487 (United States)

ASN13335 (CLOUDFLARENET, US)

pastemyimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4671 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:47f1 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.13 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.100.17.190 (United States)

ASN32748 (STEADFAST, US)
PTR: ip190.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.218.208.246 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5160::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.21.206.140 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.154.164.132 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-164-132.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.20.20.212 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-20-20-212.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.23.153 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.13.124 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.0.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.233 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.129 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.151 (United Kingdom) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.140.85 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	casalemedia.com 4 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	18 KB
14	sonobi.com sync.go.sonobi.com	8 KB
14	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	77 KB
14	doubleclick.net 10 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	110 KB
14	abc-people.com 1 redirects www.abc-people.com	168 KB
12	quantumdex.io useast.quantumdex.io Failed sync.quantumdex.io ms.quantumdex.io	6 KB
9	google.com cse.google.com www.google.com clients1.google.com adservice.google.com	172 KB
8	adsrvr.org 4 redirects match.adsrvr.org	3 KB
8	addthis.com 1 redirects s7.addthis.com api-public.addthis.com	193 KB
8	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com logs.vlitag.com	326 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	159 KB
6	bidswitch.net 6 redirects x.bidswitch.net	2 KB
6	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com	433 KB
5	clocklink.com www.clocklink.com	12 KB
4	1rx.io 4 redirects sync.1rx.io	3 KB
4	contextweb.com 2 redirects bh.contextweb.com	2 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	2 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
3	rfihub.com 3 redirects p.rfihub.com	2 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	pastemyimg.com pastemyimg.com	13 KB
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
3	quantserve.com 1 redirects edge.quantserve.com pixel.quantserve.com	9 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	onetag-sys.com onetag-sys.com	2 KB
2	adtelligent.com s.adtelligent.com	668 B
2	tynt.com ic.tynt.com
2	pinterest.com widgets.pinterest.com	423 B
2	quantcount.com 1 redirects rules.quantcount.com	776 B
2	googleapis.com imasdk.googleapis.com fonts.googleapis.com	112 KB
2	googletagservices.com www.googletagservices.com	47 KB
2	increaserev.com 1 redirects www.increaserev.com	2 KB
1	adgrx.com cm.adgrx.com	408 B
1	advangelists.com 1 redirects nep.advangelists.com	232 B
1	turn.com 1 redirects ad.turn.com	425 B
1	adroll.com 1 redirects d.adroll.com	112 B
1	adotmob.com 1 redirects sync.adotmob.com	682 B
1	gstatic.com fonts.gstatic.com	14 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	642 B
1	addthisedge.com v1.addthisedge.com	997 B
1	moatads.com z.moatads.com	1 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	liveburst.com ad.liveburst.com	3 KB
1	securemoney.ru securemoney.ru	102 B
1	mamydirect.com js.mamydirect.com	4 KB
147	48

	Domain	Requested by
14	sync.go.sonobi.com	sync.quantumdex.io sync.go.sonobi.com
14	www.abc-people.com	1 redirects www.abc-people.com
10	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
10	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io ssum-sec.casalemedia.com
9	cm.g.doubleclick.net	9 redirects
8	match.adsrvr.org	4 redirects ssum-sec.casalemedia.com sync.go.sonobi.com
7	ib.adnxs.com	2 redirects assets.vlitag.com cdn.pixfuture.com
6	x.bidswitch.net	6 redirects
6	ssum-sec.casalemedia.com	2 redirects sync.quantumdex.io ssum-sec.casalemedia.com
5	acdn.adnxs.com	cdn.pixfuture.com assets.vlitag.com
5	www.google.com	cse.google.com www.google.com www.abc-people.com
5	www.clocklink.com	www.abc-people.com www.clocklink.com
5	s7.addthis.com	1 redirects www.abc-people.com s7.addthis.com
5	pagead2.googlesyndication.com	www.abc-people.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	sync.1rx.io	4 redirects
4	bh.contextweb.com	2 redirects sync.go.sonobi.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	ap.lijit.com	4 redirects
4	assets.vlitag.com	tag.vlitag.com
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
3	p.rfihub.com	3 redirects
3	sync.mathtag.com	3 redirects
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com
3	api-public.addthis.com	s7.addthis.com
3	pastemyimg.com	pagead2.googlesyndication.com pastemyimg.com www.abc-people.com
3	counter.yadro.ru	2 redirects www.abc-people.com
3	served-by.pixfuture.com	www.abc-people.com served-by.pixfuture.com
2	sync.targeting.unrulymedia.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	onetag-sys.com	sync.quantumdex.io
2	s.adtelligent.com	sync.quantumdex.io
2	ic.tynt.com	sync.quantumdex.io
2	ms.quantumdex.io	2 redirects
2	secure.adnxs.com	1 redirects
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	pixel.quantserve.com	1 redirects www.abc-people.com
2	widgets.pinterest.com	www.abc-people.com
2	rules.quantcount.com	1 redirects www.abc-people.com
2	www.googletagservices.com	ad.liveburst.com pagead2.googlesyndication.com
2	cse.google.com	www.abc-people.com www.google.com
2	www.increaserev.com	1 redirects www.abc-people.com
2	services.vlitag.com	www.abc-people.com tag.vlitag.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	ad.turn.com	1 redirects
1	d.adroll.com	1 redirects
1	sync.adotmob.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.clocklink.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	clients1.google.com	www.abc-people.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	logs.vlitag.com	www.abc-people.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	imasdk.googleapis.com	tag.vlitag.com
1	edge.quantserve.com	ad.liveburst.com
1	tag.vlitag.com	services.vlitag.com
1	ad.liveburst.com	www.abc-people.com
1	securemoney.ru	www.abc-people.com
1	js.mamydirect.com	www.abc-people.com
0	useast.quantumdex.io Failed	assets.vlitag.com
147	66

This site contains links to these domains. Also see Links.

Domain
www.moy-dom.info
liveburst.com
www.liveinternet.ru
www.addthis.com

Subject Issuer	Validity	Valid
securemoney.ru R3	`2021-01-10` - `2021-04-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-26` - `2021-06-26`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2021-04-07`	3 months	crt.sh
www.clocklink.com GeoTrust EV RSA CA 2018	`2019-03-20` - `2021-04-18`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
counter.yadro.ru R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2021-12-02`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
s.adtelligent.com R3	`2021-02-06` - `2021-05-07`	3 months	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-09` - `2021-03-23`	6 months	crt.sh

This page contains 25 frames:

Primary Page: http://www.abc-people.com/
Frame ID: FF6E95097F530C952570EA474FF209DE
Requests: 68 HTTP requests in this frame

Frame: https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue
Frame ID: A7556136D410F7D5988C66362EBB1BB7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: 0AAE9E8018C778065BF66F23F5543A49
Requests: 1 HTTP requests in this frame

Frame: https://pastemyimg.com/ads/banner/300x250.html
Frame ID: D7FB4D8EA8BC0D78ED74832942016ED5
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=1&client=ca-pub-2802736710747288&output=html&h=200&slotname=8661484423&adk=2269185406&adf=2861400655&pi=t.ma~as.8661484423&w=1020&fwrn=4&lmt=1607032779&rafmt=11&psa=0&format=1020x200&url=http%3A%2F%2Fwww.abc-people.com%2F&flash=0&wgl=1&dt=1613229690551&bpp=2&bdt=1572&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1331666823205&frm=20&pv=2&ga_vid=1079426066.1613229691&ga_sid=1613229691&ga_hid=1506178631&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21068495%2C21068769%2C21068893%2C31060031%2C21068785&oid=3&pvsid=2143565219531330&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3KNuQSTyUs&p=http%3A//www.abc-people.com&dtd=462
Frame ID: 067696FAC641F71BD3587139C09844CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=1&client=ca-pub-5413329544040947&output=html&adk=1812271804&adf=3025194257&lmt=1607032779&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.abc-people.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1613229690551&bpp=1&bdt=1572&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C1020x200&nras=1&correlator=1331666823205&frm=20&pv=1&ga_vid=1079426066.1613229691&ga_sid=1613229691&ga_hid=1506178631&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21068495%2C21068769%2C21068893%2C31060031%2C21068785&oid=3&pvsid=2143565219531330&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=506
Frame ID: 228EF39EE9A2B76C83B3A9748B9ADFFE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: 8F90C3304ED72E86DD4812D7F58CB121
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3ECD21FEB46B06C7AC2AEC4B9EBBE74F
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 7EB76A3B65EEB5B2ED3AB13D4F75EAD4
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9C0D28B1D71B82DD2FAEE34B2C054360
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: B2783ECD3DF2B2756481CC9BCCA7CAFA
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FD0DBB9FA1CBDE550DC5B61D7A561501
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B32543908E2EEF92052828C8B57C1E0A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E94C29A6181264DEC92038809BC42638
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: C23A747607F854065227A981B7ECDC4D
Requests: 5 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: D796DEEA246D530B6FA94519B7D3AA65
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: 10450B10E68AB89D35EF3730B93B1AC7
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: D39C0BA92542D10884F32CF763DE98A3
Requests: 8 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=590678
Frame ID: 16190F5529B686B222C1CDBA6888A01E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 01250A4D973279DD1E841C94FDEA3F4E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 72D5AFEAD293260E76392142D46864E2
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: CDBBCC0195C2ADD6485A71A9AF12C01E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: 1382042AEF7477B9B14189E5892227C0
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 927F75E49939DA0E5A26FFAD570CB3C3
Requests: 8 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=590678
Frame ID: 92D1EAB881B9F6E25A422F004ADBD7A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

147
Requests

78 %
HTTPS

38 %
IPv6

48
Domains

66
Subdomains

45
IPs

7
Countries

1885 kB
Transfer

4599 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.moy-dom.info/garden/calendar-moon.html
Title: Лунный календарь садовода-огородника

Search URL Search Domain Scan URL

URL: http://liveburst.com/ref/1/
Title: ?

Search URL Search Domain Scan URL

URL: http://liveburst.com/advertise/1946/
Title: | Advertise Here

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.abc-people.com/rkt.php?yab=true&key=ff54285f3a61668 HTTP 302
http://www.abc-people.com/phenomenons/spiritism/v-5.htm

Request Chain 11

http://www.increaserev.com/ads/taga/300x250.js HTTP 301
https://www.increaserev.com/ads/taga/300x250.js

Request Chain 16

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 34

http://rules.quantcount.com/rules-p-QAjpCznqPvtcy.js HTTP 301
https://rules.quantcount.com/rules-p-QAjpCznqPvtcy.js

Request Chain 46

http://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttp%3A//www.abc-people.com/;i%u0416%u0436%u0411%u0438%u043E%u0433%u0440%u0430%u0444%u0438%u0438%2C%20%u0433%u0430%u043B%u0435%u0440%u0435%u0438%2C%20%u0442%u0432%u043E%u0440%u0447%u0435%u0441%u0442%u0432%u043E%2C%20%u043A%u0430%u0440%u0442%u0438%u043D%u044B%2C%20%u0441%u043E%u0447%u0438%u043D%u0435%u043D%u0438%u044F%2C%20%u0438%u0437%u043E%u0431%u0440%u0435%u0442%u0435%u043D%u0438%u044F%2C%20%u043A%u0430%u043B%u0435%u043D%u0434%u0430%u0440%u0438.%20%u042D%u043D%u0446%u0438;0.6940846108730794 HTTP 302
https://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttp%3A//www.abc-people.com/;i%u0416%u0436%u0411%u0438%u043E%u0433%u0440%u0430%u0444%u0438%u0438%2C%20%u0433%u0430%u043B%u0435%u0440%u0435%u0438%2C%20%u0442%u0432%u043E%u0440%u0447%u0435%u0441%u0442%u0432%u043E%2C%20%u043A%u0430%u0440%u0442%u0438%u043D%u044B%2C%20%u0441%u043E%u0447%u0438%u043D%u0435%u043D%u0438%u044F%2C%20%u0438%u0437%u043E%u0431%u0440%u0435%u0442%u0435%u043D%u0438%u044F%2C%20%u043A%u0430%u043B%u0435%u043D%u0434%u0430%u0440%u0438.%20%u042D%u043D%u0446%u0438;0.6940846108730794 HTTP 302
https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttp%3A//www.abc-people.com/;i%u0416%u0436%u0411%u0438%u043E%u0433%u0440%u0430%u0444%u0438%u0438%2C%20%u0433%u0430%u043B%u0435%u0440%u0435%u0438%2C%20%u0442%u0432%u043E%u0440%u0447%u0435%u0441%u0442%u0432%u043E%2C%20%u043A%u0430%u0440%u0442%u0438%u043D%u044B%2C%20%u0441%u043E%u0447%u0438%u043D%u0435%u043D%u0438%u044F%2C%20%u0438%u0437%u043E%u0431%u0440%u0435%u0442%u0435%u043D%u0438%u044F%2C%20%u043A%u0430%u043B%u0435%u043D%u0434%u0430%u0440%u0438.%20%u042D%u043D%u0446%u0438;0.6940846108730794

Request Chain 57

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=1&client=ca-pub-5413329544040947&output=html&h=250&slotname=TagA_300x250&adk=3229506570&adf=2028714983&pi=t.ma~as.TagA_300x250&w=300&fwrn=4&fwrnh=100&lmt=1607032779&rafmt=12&psa=0&format=300x250&url=http%3A%2F%2Fwww.abc-people.com%2F&flash=0&fwr=0&fwrattr=true&rh=250&rw=300&sfro=1&wgl=1&dt=1613229690551&bpp=11&bdt=1572&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1331666823205&frm=20&pv=2&ga_vid=1079426066.1613229691&ga_sid=1613229691&ga_hid=1506178631&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=368&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21068495%2C21068769%2C21068893%2C31060031%2C21068785&oid=3&pvsid=2143565219531330&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qZWvw81eVH&p=http%3A//www.abc-people.com&dtd=454 HTTP 302
https://pastemyimg.com/ads/banner/300x250.html

Request Chain 67

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_6xdi0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_6xdi0

Request Chain 70

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_2ijm0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_2ijm0

Request Chain 78

http://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif HTTP 301
https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Request Chain 90

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 97

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c97e6cf5e82803c526b699ee

Request Chain 98

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5182802465514345908

Request Chain 100

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=628a9747-0ca5-46c7-9cd5-05f472c4c177

Request Chain 102

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Request Chain 106

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e9669a40436c4cb7a097b4d5

Request Chain 107

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5182802465514345908

Request Chain 109

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a8582bc3-dae2-4772-a88e-96cc539a4138

Request Chain 112

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Request Chain 115

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfufzMZ4NcJSnwO6KeY8wAABKMAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfufzMZ4NcJSnwO6KeY8wAABKMAAAAB&dcc=t

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YCfufzMZ4NcJSnwO6KeY8wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJjzfaIj_eh1GZlSOt7FzK8&google_cver=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YCfufzMZ4NcJSnwO6KeY8wAABKMAAAAB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEE0T37fJ7WEY6B2Yrjq4pzs&google_cver=1

Request Chain 119

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05e02203024a72e9d87c4f55&expiration=[EXPIRATION]

Request Chain 120

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6665160951812737977&uid=Q6665160951812737977&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 121

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 122

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8825653202333740850

Request Chain 124

https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e42dd74b-01ed-42f9-be63-a8395e9623e1 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e42dd74b-01ed-42f9-be63-a8395e9623e1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=1df49638-e2fe-48ca-98ca-b56d32eb899a&ssp=sonobi&expires=30&user_group=5&bsw_param=e42dd74b-01ed-42f9-be63-a8395e9623e1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e42dd74b-01ed-42f9-be63-a8395e9623e1

Request Chain 126

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=unknown&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eVMyMFN4ODdQYVRrUWpQeFNfcVJqdw&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEE6Kw3x5PQmefAxMClASieI&google_cver=1

Request Chain 127

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=50ea6027-ee7f-4200-bdbd-2d946551f791

Request Chain 128

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=875739024133653828

Request Chain 129

https://sync.1rx.io/usersync2/sonobi&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3480721026 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3480721026 HTTP 302
https://sync.1rx.io/usersync/tradedesk/4cc7914b-5d97-4702-8151-040bd0c18775 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4806f953-7f2f-4638-9d50-c89254823354-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-4806f953-7f2f-4638-9d50-c89254823354-003 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4806f953-7f2f-4638-9d50-c89254823354-003

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=dW5rbm93bg== HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIWcXIuuHFGsZE-eZRtkr0c&google_cver=1

Request Chain 131

https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=e42dd74b-01ed-42f9-be63-a8395e9623e1&google_hm=ZTQyZGQ3NGItMDFlZC00MmY5LWJlNjMtYTgzOTVlOTYyM2Ux HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELpT6AQ9hysGbGbUkpRlZLE&google_cver=1&ssp=sonobi&bsw_param=e42dd74b-01ed-42f9-be63-a8395e9623e1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e42dd74b-01ed-42f9-be63-a8395e9623e1

Request Chain 133

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=unknown&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aGU3Nk9URjN4WjhMaHNJQ3ZtZmVEUQ&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEE6Kw3x5PQmefAxMClASieI&google_cver=1

Request Chain 134

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=fe9e6027-ee7f-4200-a320-14ecbed73e1c

Request Chain 135

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878967421041938

Request Chain 136

https://sync.1rx.io/usersync2/sonobi&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=614638986 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=614638986 HTTP 302
https://sync.1rx.io/usersync/tradedesk/94de1f55-2986-477d-9f49-102334b36909 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4806f953-7f2f-4638-9d50-c89254823354-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-4806f953-7f2f-4638-9d50-c89254823354-003 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4806f953-7f2f-4638-9d50-c89254823354-003

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=dW5rbm93bg== HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEECSNhWi4cqaGijX4jVYlEI&google_cver=1

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YCfuf-puYtxsPV1nkWqtigAABJoAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEE6uYNZQ3sTPYAWUbV0kvf0&google_cver=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YCfuf.puYtxsPV1nkWqtigAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED1QQnfVhHmwLEpsBbTFdqI&google_cver=1&google_hm=2

Request Chain 141

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfuf-puYtxsPV1nkWqtigAABJoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfuf-puYtxsPV1nkWqtigAABJoAAAIB&dcc=t

Request Chain 142

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471592494417968

Request Chain 143

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a51f6027-ee7f-4e00-ba5f-6d676a2907de

Request Chain 144

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-dc26f660-e17c-4cec-8e4c-26d13e9281b0

147 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.abc-people.com/ 60 KB
9 KB 63ms
44ms Document
text/html 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: f109de836caa3df45d42b650e24044cdf864c8e4133e20d7f19d6ac0fd819ecb

Request headers

Host: www.abc-people.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.2.1
Date: Sat, 13 Feb 2021 14:45:59 GMT
Content-Type: text/html
Last-Modified: Thu, 03 Dec 2020 21:59:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H/1.1 200
OK / Show response
js.mamydirect.com/js/ 12 KB
4 KB 83ms
61ms Script
application/x-javascript 54.228.203.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://js.mamydirect.com/js/?h=4ewm74Z6
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 54.228.203.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-203-167.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: fc7dee0d1c507a90415debd13d75125b79226287e6ab53ca13f470d1a6339036

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:29 GMT
Content-Encoding: gzip
Server: Apache
Connection: keep-alive
Content-Length: 3713
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8

GET
H/1.1

200
OK

v-5.htm Show response
www.abc-people.com/phenomenons/spiritism/
Redirect Chain

http://www.abc-people.com/rkt.php?yab=true&key=ff54285f3a61668
http://www.abc-people.com/phenomenons/spiritism/v-5.htm

258 KB
55 KB

27ms
27ms

Script
text/html

82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.abc-people.com/phenomenons/spiritism/v-5.htm
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: 406c4fb405b354201cab277fe38d0cf56f28ae88cb2fd5df31c24a5987780699

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:45:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Feb 2021 04:08:30 GMT
Server: nginx/1.2.1
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

Redirect headers

Location: http://www.abc-people.com/phenomenons/spiritism/v-5.htm
Date: Sat, 13 Feb 2021 14:45:59 GMT
Server: nginx/1.2.1
Connection: keep-alive
Content-Length: 160
Content-Type: text/html

GET
H/1.1 200
OK / Show response
services.vlitag.com/adv1/ 381 B
1 KB 123ms
117ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://services.vlitag.com/adv1/?q=2e6c010f8f1c19150827701493ff78a0

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03fb02a2b25cf9158a5667a613031880ab6186e70ac6d5923f4669837b7a249c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:29 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"max_age":604800,"report_to":"cf-nel"}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 083d94a3dd0000323cb2072000000001
Pragma: no-cache
Last-Modified: Sat, 13 Feb 2021 10:21:29 GMT
Server: cloudflare
X-Sv: 1.210
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hv7YGv22%2BF3bHQlVtffseqBsP4pbA9FPItgigQrH2m1b9JKOzTA4B3RQedq6qI4550FR%2BRUBuAvhiDakPKc3ug4pBZJw%2BN6ET2C68Tdf%2BokdJW7dutktUsxAaL9%2FIHYq"}]}
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
CF-RAY: 620f8a196a4e323c-FRA
Expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 667028.js Show response
securemoney.ru/ 0
102 B 1208ms
75ms Script
text/html 37.143.8.28
IHCRU Internet-Ho...

General

Check archive.org

Show headers Download Go to

Full URL

https://securemoney.ru/667028.js

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.143.8.28 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: nginx
date: Sat, 13 Feb 2021 15:21:30 GMT
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK titul-gl.jpg
www.abc-people.com/ 6 KB
7 KB 25ms
24ms Image
image/jpeg 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/titul-gl.jpg
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: d61c1a07086ae236fc63af84ba34c8b68f271a6a333a0d38f57079ececb2181e

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 08:55:55 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6579
Content-Type: image/jpeg

GET
H/1.1 200
OK usa_british_flag.jpg
www.abc-people.com/ 2 KB
2 KB 25ms
25ms Image
image/jpeg 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/usa_british_flag.jpg
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: 7a53c23ad2ca3cbe4b8c7fc5f79faeb815780dc21232854a6c8265efdbb05127

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 08:55:54 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2162
Content-Type: image/jpeg

GET
H/1.1 200
OK arr-oks-rb2.gif
www.abc-people.com/ 80 B
294 B 30ms
29ms Image
image/gif 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/arr-oks-rb2.gif
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: d76ee8c8bbdfa8648d77d97039a0456d21c02f9de84d51357da75c894c7f377b

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 08:56:17 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80
Content-Type: image/gif

GET
H/1.1 200
OK arr-oks-r.gif
www.abc-people.com/ 69 B
283 B 24ms
24ms Image
image/gif 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/arr-oks-r.gif
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: d4cd747ce987d317ce2b6762c740719096e3de398c10efa9526f177a9176d49a

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 08:56:18 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69
Content-Type: image/gif

GET
H/1.1 200
OK headerbid.php Show response
served-by.pixfuture.com/www/delivery/ 5 KB
2 KB 210ms
204ms Script
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid.php?dat=137x320x50x31x34756
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0a3648666dacf7c5578ab4757029be9012e3c782fdc262c7d1cf4637d7aa5b83

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:29 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK arr-oks-rb1.gif
www.abc-people.com/ 109 B
324 B 25ms
24ms Image
image/gif 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/arr-oks-rb1.gif
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: a77b7b5cd027c5f8fdea045560cf85c5bfafe61391cd141f0deb86288644ab41

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 08:56:18 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109
Content-Type: image/gif

GET
H/1.1 200
OK search-oks.gif
www.abc-people.com/ 2 KB
2 KB 24ms
24ms Image
image/gif 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/search-oks.gif
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: 18baa66510b767aa153055b63c38fd838097271b1d6ff9b0557839cb194a6002

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 08:56:10 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1595
Content-Type: image/gif

GET
H2

200

300x250.js Show response
www.increaserev.com/ads/taga/
Redirect Chain

http://www.increaserev.com/ads/taga/300x250.js
https://www.increaserev.com/ads/taga/300x250.js

1 KB
998 B

38ms
22ms

Script
application/javascript

2606:4700:20::681a:17e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.increaserev.com/ads/taga/300x250.js
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c2567207134b4b98a5e3a4b1dd0c869e87b9180c9e5606498e5e456c4de0d2

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jun 2020 07:50:57 GMT
server: cloudflare
age: 2954
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dLBenXvB8JB1u%2FwbMOu8XjDmE18Q7OV%2BdDFUjRtW%2BpemqYHqi8XBiw0R14U%2BNggE3yu6SKmLCA0azuttp1ifH1ewXykW710aQ7sOY8XKCLu0l%2FHJH14u%2FYhKoxN9Hoa6"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=86400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 620f8a167ef605e9-FRA
cf-request-id: 083d94a209000005e97e823000000001

Redirect headers

Date: Sat, 13 Feb 2021 15:21:29 GMT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RT8oNpB2PUTNjgxxheFSqP1RP%2Ba37gkjE8gc74i6joNEN4c3ZrfwfU1MTnPFUfxcnxVpUIzgtItGOdFiIlhMHhbBsWIRWI4nR8aTRKo5llC3kLVXCPBv6RJZs21caxrl"}]}
Location: https://www.increaserev.com/ads/taga/300x250.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 620f8a162c57323c-FRA
cf-request-id: 083d94a1d90000323c5d9c0000000001
Expires: Sat, 13 Feb 2021 16:21:29 GMT

GET
H/1.1 200
OK 320x50.js Show response
ad.liveburst.com/tags/9034/1946/js/ 7 KB
3 KB 298ms
289ms Script
application/javascript 66.55.83.135
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.liveburst.com/tags/9034/1946/js/320x50.js
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 66.55.83.135 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: 135.83.55.66.hosted.by.thegcloud.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: eca0106b71eeff5109594741b31a4c5e14306e016bf027206f4a068aeb04b862

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:37:43 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 Jan 2021 01:19:35 GMT
Server: nginx/1.4.6 (Ubuntu)
Age: 0
ETag: "1a0053-1b6b-5b7e0a6660758-gzip"
X-Cacheable: YES
Vary: Accept-Encoding,User-Agent
X-Cache: MISS
Content-Type: application/javascript
Via: 1.1 varnish
X-Varnish: 884165828
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2213

GET
H/1.1 200
OK favicon.ico.gif
www.abc-people.com/ 690 B
905 B 24ms
24ms Image
image/gif 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/favicon.ico.gif
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: 06d28e4119cb4b5fd3d3611ad17465fb955cfdf95233e762b54bce39e1cb5ed4

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 08:56:13 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 690
Content-Type: image/gif

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 44ms
38ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b2a184ba2cf788cea7c9b86ad7e2ac6851abf21618de6e7309973854bd27cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 13 Feb 2021 15:21:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 695485552098464747
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48452
X-XSS-Protection: 0
Expires: Sat, 13 Feb 2021 15:21:30 GMT

GET
H/1.1 200
OK titul.jpg
www.abc-people.com/ 4 KB
5 KB 25ms
25ms Image
image/jpeg 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/titul.jpg
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: 7f0662b582c6b18767ead9ab5bbd64aa4157c37dd15e450e9cd92a1e537c81dd

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 08:55:55 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4489
Content-Type: image/jpeg

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

63ms
23ms

Script
application/javascript

104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

a607b964ac5717fa3841253368a8202f1fe5b451cba8468c76c2d43a8b50788f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 13 Feb 2021 15:21:29 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Sat, 13 Feb 2021 15:21:29 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK / Show response
tag.vlitag.com/v3/1612888847/ 424 KB
110 KB 30ms
18ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/v3/1612888847/?q=2e6c010f8f1c19150827701493ff78a0&n=

Requested by

Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=2e6c010f8f1c19150827701493ff78a0

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5914b7e39801efe56b01a0281c9d4958cea9f221473b41037e8e26abb056c14

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 340837
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Cf-Bgj: minify
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2yf1qmC%2F0G6DMal6E3Jx8%2Fa1mU1DOfc%2FLPqTtuY%2FxDoJ5fUw5E3JaoyEx%2FwvZ%2F29VJTqiAf%2FGn1HUefoX1Dw0HoWV6kTSuthIND6rkOoFVeMcp9LVRYbvJVQ7A%3D%3D"}],"max_age":604800}
Content-Type: application/javascript; charset=utf-8
X-Sv: 157.114
Cache-Control: public, max-age=31536000, immutable
cf-request-id: 083d94a56000001f39a12df000000001
CF-RAY: 620f8a1bcff81f39-FRA

GET
H/1.1 200
OK abcnn.jpg
www.abc-people.com/ 65 KB
65 KB 32ms
25ms Image
image/jpeg 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/abcnn.jpg
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: 2a284fa845f162ec13dc7f23de658ac23118c7e1b7bf9cc160631b6650449cae

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 08:56:00 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66370
Content-Type: image/jpeg

GET
H/1.1 200
OK abc.gif
www.abc-people.com/ 16 KB
16 KB 49ms
43ms Image
image/gif 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/abc.gif
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: 6572ed6ff74715ed06ea651e8cfff5a76325e58bee7312b97682ea8cbec844e9

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 08:56:23 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16199
Content-Type: image/gif

GET
H/1.1 200
OK html5embed.php Show response
www.clocklink.com/ Frame A755 1012 B
1 KB 829ms
269ms Document
text/html 216.230.241.100
PSPINC-BDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.230.241.100 , United States, ASN23394 (PSPINC-BDC, US),

Reverse DNS

clocklink.com

Software

Apache/2.2.15 (CentOS) / PHP/5.3.3

Resource Hash

6bdc90670a1aaf518e9c91164d7123dcab0710f145386518e39796b4b1493aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Host: www.clocklink.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.abc-people.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Powered-By: PHP/5.3.3
Content-Length: 1012
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 92ms
58ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-2802736710747288:9961743911

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

4683103ce213507d7da32014baf9dc2644771188ac4a87aaccccaa173559989c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:30 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3477
x-xss-protection: 0
expires: Sat, 13 Feb 2021 15:21:30 GMT

GET
H/1.1 200
OK blue1.gif
www.abc-people.com/back/ 4 KB
5 KB 24ms
24ms Image
image/gif 82.196.3.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.abc-people.com/back/blue1.gif
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 82.196.3.110 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: abc-people.tk
Software: nginx/1.2.1 /
Resource Hash: 5934da5459fe133a893c1a5143fa52effe0605da516399659f3528e643f5b439

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 14:46:00 GMT
Last-Modified: Mon, 25 Jun 2018 09:10:14 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4529
Content-Type: image/gif

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ 227 KB
86 KB 77ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ab0341f68cc06548e5b65a9660bf17584dd7a03bc68edf26a41a560789d1a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87060
x-xss-protection: 0
server: cafe
etag: 14406113461772004968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Feb 2021 15:21:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame 0AAE 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.abc-people.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Feb 2021 05:49:25 GMT
expires: Sat, 27 Feb 2021 05:49:25 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 34325
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.liveburst.com
URL: http://ad.liveburst.com/tags/9034/1946/js/320x50.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1892e9eee5c0b0cc01799ca7b3e16ebe91fabd6a4a876463aed1b9d65266150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "782 / 996 of 1000 / last-modified: 1613171553"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 19504
X-XSS-Protection: 0
Expires: Sat, 13 Feb 2021 15:21:30 GMT

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 23 KB
9 KB 14ms
6ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: ad.liveburst.com
URL: http://ad.liveburst.com/tags/9034/1946/js/320x50.js
Protocol: HTTP/1.1
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Content-Encoding: gzip
Etag: "8q1rat7Mm9i+FVcOidF8/g=="
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 20 Feb 2021 15:21:30 GMT

GET
H/1.1 200
OK page_status Show response
services.vlitag.com/ 19 B
914 B 126ms
121ms XHR
application/json 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://services.vlitag.com/page_status?url=http%3A%2F%2Fwww.abc-people.com%2F

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v3/1612888847/?q=2e6c010f8f1c19150827701493ff78a0&n=

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41ef556b0a4f4bdd486a106c3c90f6b5b89889c3f5040af4028e81c9837994ec

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
CF-Cache-Status: DYNAMIC
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
X-Sv: 1.210
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BbLKbBeP4tmbNsDkoyBGFUcF8%2FFfWEl7QzcF3fF%2BHyHHmi%2FcV4EL9Vj3m2u%2BWo51h2hFsKxLE1qhzLWYphoG31BthBnBOhVjvCEG59yyaT2ZzTT3N8mRE%2B8FCP0N8%2FG4"}],"max_age":604800,"group":"cf-nel"}
Content-Type: application/json
Access-Control-Allow-Origin: http://www.abc-people.com
X-XSS-Protection: 1; mode=block
Connection: keep-alive
CF-RAY: 620f8a1c5b442b95-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 19
cf-request-id: 083d94a5b900002b9592a4a000000001

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 46ms
26ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v3/1612888847/?q=2e6c010f8f1c19150827701493ff78a0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1340472
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 083d94a5d600002b7daf0bb000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f6clBxD%2B1HHoyUjiunyzdK8NUn4oEguiTaUJKn6rTFN3y%2BvnhAnB2JJCnws3npWtbCyG17HfAp6y1Aj65bANb7kYgZx7ka6cVOjtpSJs5lyXW%2FVEWykevEDcdQhh0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 620f8a1c886f2b7d-FRA
expires: Fri, 29 Jan 2021 03:30:18 GMT

GET
H/1.1 200
OK prebid-v4.24.0.js Show response
assets.vlitag.com/prebid/default/ 382 KB
120 KB 37ms
26ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v3/1612888847/?q=2e6c010f8f1c19150827701493ff78a0&n=

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b73510a4c5a2e8835501c88f6748ade1de22fcf3fa2d15518c13be4443f9c19f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 342493
Cf-Polished: origSize=390907
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 09 Feb 2021 16:13:11 GMT
Server: cloudflare
ETag: W/"6022b497-5f6fb"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oVhHEXiWxjotaOTiyS%2B4bNw3RHo4hkrWb2W%2FUdf0H6wZ%2F0xOgwP8hyo4U2z68LfSntVaf6G1ynuu7n4EM%2BS48iFjcB%2BTOwVABpkDEMC3jGIqXhQuJ3rytTHUbUdF5Q%3D%3D"}],"max_age":604800}
Content-Type: application/javascript
Expires: Tue, 09 Feb 2021 16:43:17 GMT
Cache-Control: max-age=16070400
cf-request-id: 083d94a5ce0000dfcf22978000000001
CF-RAY: 620f8a1c795edfcf-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK viPlayer_v42.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
6 KB 28ms
17ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v3/1612888847/?q=2e6c010f8f1c19150827701493ff78a0&n=

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2456193
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 083d94a5ce000064d30ca96000000001
Last-Modified: Thu, 26 Nov 2020 03:46:23 GMT
Server: cloudflare
ETag: W/"5fbf250f-33d4"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VwNAnIn9rwn3G6o4k3a0ETqhG%2Fq%2BS7Bb%2FM%2F6ATTUt%2FEpLCzmwNPFj8CTjYiE8fBMK%2BeQjJZxLC5KOhKSzbR%2FUhmRw%2F2UZgF1XrlmpLG7boD17M%2BAhC9zResPJQ%2Bc1w%3D%3D"}],"group":"cf-nel"}
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=16070400
CF-RAY: 620f8a1c78fa64d3-FRA
Expires: Sat, 16 Jan 2021 05:34:57 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 322 KB
111 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v3/1612888847/?q=2e6c010f8f1c19150827701493ff78a0&n=

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fec14b132aa8f5c290a39129469655fb29aeed7faf69a4d628c34cc667812988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 113725
X-XSS-Protection: 0
Expires: Sat, 13 Feb 2021 15:21:30 GMT

GET
H/1.1 200
OK sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
19 KB 24ms
13ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v3/1612888847/?q=2e6c010f8f1c19150827701493ff78a0&n=

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 2456193
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 083d94a5d000004a68598b6000000001
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-9806"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t3Hv6gPuR%2BDao2xkg1I7C8RU2fwqmsGxj3aZRD4hH2mu%2BBESAeu6tno2n1fky3ghMnt2xfHN9dh1iYLUkkg6xvPxh6e%2Bffb2azUitGxZ9Ohs3pu%2B7aQtLiHyHFj%2FCQ%3D%3D"}],"max_age":604800}
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=16070400
CF-RAY: 620f8a1c7c6b4a68-FRA
Expires: Sat, 16 Jan 2021 05:34:57 GMT

GET
H2 200 pubads_impl_2021020901.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 51ms
24ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 13 Feb 2021 15:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:41:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103372
x-xss-protection: 0
expires: Sat, 13 Feb 2021 15:21:30 GMT

GET
H2

200

rules-p-QAjpCznqPvtcy.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-QAjpCznqPvtcy.js
https://rules.quantcount.com/rules-p-QAjpCznqPvtcy.js

3 B
349 B

33ms
10ms

Script
application/x-javascript

2600:9000:2127:2800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-QAjpCznqPvtcy.js
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:26:38 GMT
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:33:07 GMT
server: AmazonS3
age: 50093
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: d2Z7__vTrPCQuIoWR3OcHaWGI-lWbW1pfz3gBtdANiNoF6xl6titmg==

Redirect headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Via: 1.1 f18b0bd4a5b62e5fb49428cc4789689f.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: PRG50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-QAjpCznqPvtcy.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: sQ4XcqwfCQuVAnmKxt-Qwe7ZOA2aUhkV39oEy9hB9ZfVkQtnLhLenQ==

GET
H2 200 cse_element__ru.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 278 KB
91 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__ru.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2802736710747288:9961743911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c346dc719d9cc186e3ff6e1c91a10191755100e0d65387984b43fdf56fa00de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 22:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 407096
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92832
x-xss-protection: 0
expires: Tue, 08 Feb 2022 22:16:34 GMT

GET
H2 200 default+ru.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+ru.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2802736710747288:9961743911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 05:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 206815
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
expires: Fri, 11 Feb 2022 05:54:35 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2802736710747288:9961743911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
age: 286
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Sat, 13 Feb 2021 16:06:44 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 22ms
6ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210213

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e29e72a5cce3a8222fbf8aba93c55fd594b1a9bc0f4624abd8b63ead241bf80a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 15724
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 757
etag: W/"541-uf2AvK6vK9sF4ulM2ilACjkUACQ"
x-served-by: cache-fra19151-FRA
date: Sat, 13 Feb 2021 15:21:30 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK /
logs.vlitag.com/sub/ 0
819 B 127ms
116ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://logs.vlitag.com/sub/?d=abc-people.com&h=www.abc-people.com
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
CF-Cache-Status: DYNAMIC
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LlmkrKk5V49WONM0u28ZFxbAxdgYA8GJsVnf6jE%2FgQOVuO7bhQVWgwMAx8i3W2t%2BBCce6GImBOf498OEUNCP7uqfO3VmUf82Bst1v%2Bu9F7XMF4OoJAYqVIVOHTM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 620f8a1d08dc175e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0
cf-request-id: 083d94a62a0000175ee532e000000001

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
838 B 56ms
20ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

233677257ab4fe54e8fb3910d29afcaa8b7ed1eb7a9a85a87108fda28a743400

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:30 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.52:80
AN-X-Request-Uuid: 7d8545a2-2ba6-46fc-903f-4ff218db6776
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.abc-people.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
839 B 60ms
24ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fbd54881788ecce618c9647220accb97727dde43262d50e530619dcb2b5273e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:30 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid: 08aa9a40-c540-469d-80b6-a531976bf7a4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.abc-people.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST quantumdex
useast.quantumdex.io/auction/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
839 B 55ms
22ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

35cf92c7268169e4675f6e2b25c0b9179e496e16e38b8d1f7d4ce5eecd616369

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:30 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: d900293e-841d-4603-b258-9f4dc3d657e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.abc-people.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST quantumdex
useast.quantumdex.io/auction/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
839 B 71ms
40ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

41c88a7367d92e05341a9789fccb99bf7168b08a9757fdfec8413d3aed86b10a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:30 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: 3315fe69-e413-4aa3-a7bd-f1fc7cc631fc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.abc-people.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttp%3A//www.abc-people.com/;i%u0416%u0436%u0411%u0438%u043E%u0433%u0440%u0430%u0444%u0438%u0438%2C%20%u0433%u0430%u043B%u0435%u0440%u0435%u0438%2...
https://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttp%3A//www.abc-people.com/;i%u0416%u0436%u0411%u0438%u043E%u0433%u0440%u0430%u0444%u0438%u0438%2C%20%u0433%u0430%u043B%u0435%u0440%u0435%u0438%...
https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttp%3A//www.abc-people.com/;i%u0416%u0436%u0411%u0438%u043E%u0433%u0440%u0430%u0444%u0438%u0438%2C%20%u0433%u0430%u043B%u0435%u0440%u0435%u043...

112 B
566 B

56ms
56ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttp%3A//www.abc-people.com/;i%u0416%u0436%u0411%u0438%u043E%u0433%u0440%u0430%u0444%u0438%u0438%2C%20%u0433%u0430%u043B%u0435%u0440%u0435%u0438%2C%20%u0442%u0432%u043E%u0440%u0447%u0435%u0441%u0442%u0432%u043E%2C%20%u043A%u0430%u0440%u0442%u0438%u043D%u044B%2C%20%u0441%u043E%u0447%u0438%u043D%u0435%u043D%u0438%u044F%2C%20%u0438%u0437%u043E%u0431%u0440%u0435%u0442%u0435%u043D%u0438%u044F%2C%20%u043A%u0430%u043B%u0435%u043D%u0434%u0430%u0440%u0438.%20%u042D%u043D%u0446%u0438;0.6940846108730794

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:30 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 112
Expires: Thu, 13 Feb 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:30 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttp%3A//www.abc-people.com/;i%u0416%u0436%u0411%u0438%u043E%u0433%u0440%u0430%u0444%u0438%u0438%2C%20%u0433%u0430%u043B%u0435%u0440%u0435%u0438%2C%20%u0442%u0432%u043E%u0440%u0447%u0435%u0441%u0442%u0432%u043E%2C%20%u043A%u0430%u0440%u0442%u0438%u043D%u044B%2C%20%u0441%u043E%u0447%u0438%u043D%u0435%u043D%u0438%u044F%2C%20%u0438%u0437%u043E%u0431%u0440%u0435%u0442%u0435%u043D%u0438%u044F%2C%20%u043A%u0430%u043B%u0435%u043D%u0434%u0430%u0440%u0438.%20%u042D%u043D%u0446%u0438;0.6940846108730794
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 13 Feb 2020 21:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 22ms
8ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:30 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=47409
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5a68b551e8a16108/ 3 KB
997 B 47ms
45ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5a68b551e8a16108/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1b290ff52300188cecc4d2c25fc1a2dcc6d4a75130ca305c1feae9271d278fe2

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:30 GMT
content-encoding: gzip
etag: -831812743--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=8, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 822

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 180 KB
63 KB 21ms
16ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__ru.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c8d241d88a9ef9eaa2cbaa920b83d6b3fd9f00951fcd43b5ae12efe37c428da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "3619726063876730069"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Sat, 13 Feb 2021 15:21:30 GMT

GET
H3-Q050 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 27ms
13ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+ru.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+ru.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 05:56:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 379500
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Wed, 09 Feb 2022 05:56:30 GMT

GET
H3-Q050 200 branding.png
www.google.com/cse/static/images/1x/ru/ 1 KB
1 KB 29ms
17ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ru/branding.png

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 194492
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
expires: Fri, 11 Feb 2022 09:19:58 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 12ms
6ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:30 GMT
Content-Length: 0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 35ms
35ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 13 Feb 2021 15:21:30 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
642 B 64ms
41ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.abc-people.com&callback=_gfp_s_&client=ca-pub-5413329544040947

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

198b9f3cc2c9fc5a1d3ec247a16f003e9a8701b10b7cf92d2783097163bcf53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 49ms
27ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.abc-people.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Feb 2021 15:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 50ms
28ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.abc-people.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Feb 2021 15:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2

200

300x250.html Show response
pastemyimg.com/ads/banner/ Frame D7FB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=1&client=ca-pub-5413329544040947&output=html&h=250&slotname=TagA_300x250&adk=3229506570&adf=2028714983&pi=t.ma~as.TagA_300x2...
https://pastemyimg.com/ads/banner/300x250.html

265 B
786 B

37ms
14ms

Document
text/html

2606:4700:3035::6815:1487
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pastemyimg.com/ads/banner/300x250.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1487 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17653ab482d588c7a04f36956f67f82c92341e3ae3b0939b3d4d348d5e82c9cb

Request headers

:method: GET
:authority: pastemyimg.com
:scheme: https
:path: /ads/banner/300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.abc-people.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

date: Sat, 13 Feb 2021 15:21:31 GMT
content-type: text/html
set-cookie: __cfduid=d85bc287ed21d3238a0da00484e15f13f1613229691; expires=Mon, 15-Mar-21 15:21:31 GMT; path=/; domain=.pastemyimg.com; HttpOnly; SameSite=Lax; Secure
last-modified: Fri, 18 Dec 2020 03:51:54 GMT
vary: Accept-Encoding,User-Agent
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 614
cf-request-id: 083d94a9e600004aa36e910000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PyD6lVHdZcEVdm3YuqKK4fxgBimqPy77fK%2BAqsPja0FbxnTd%2BA%2BwC7cejmjTMcrptxuFQjeI1Up9xOdOAOK1NCnJRiDePuYGZR%2F%2B7NL6Rs8Yl%2BN8SZoEytA2Pw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 620f8a230bf44aa3-FRA
content-encoding: br

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://pastemyimg.com/ads/banner/300x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Feb 2021 15:21:31 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 13-Feb-2021 15:36:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Sat, 13 Feb 2021 15:21:31 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0676 405 B
235 B 320ms
312ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=1&client=ca-pub-2802736710747288&output=html&h=200&slotname=8661484423&adk=2269185406&adf=2861400655&pi=t.ma~as.8661484423&w=1020&fwrn=4&lmt=1607032779&rafmt=11&psa=0&format=1020x200&url=http%3A%2F%2Fwww.abc-people.com%2F&flash=0&wgl=1&dt=1613229690551&bpp=2&bdt=1572&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1331666823205&frm=20&pv=2&ga_vid=1079426066.1613229691&ga_sid=1613229691&ga_hid=1506178631&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21068495%2C21068769%2C21068893%2C31060031%2C21068785&oid=3&pvsid=2143565219531330&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3KNuQSTyUs&p=http%3A//www.abc-people.com&dtd=462

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cec58ba72d3a8918616deb3c175f313bdd931f143c0909fc2285ab476e8c990

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=1&client=ca-pub-2802736710747288&output=html&h=200&slotname=8661484423&adk=2269185406&adf=2861400655&pi=t.ma~as.8661484423&w=1020&fwrn=4&lmt=1607032779&rafmt=11&psa=0&format=1020x200&url=http%3A%2F%2Fwww.abc-people.com%2F&flash=0&wgl=1&dt=1613229690551&bpp=2&bdt=1572&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1331666823205&frm=20&pv=2&ga_vid=1079426066.1613229691&ga_sid=1613229691&ga_hid=1506178631&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21068495%2C21068769%2C21068893%2C31060031%2C21068785&oid=3&pvsid=2143565219531330&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3KNuQSTyUs&p=http%3A//www.abc-people.com&dtd=462
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.abc-people.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Feb 2021 15:21:31 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 13-Feb-2021 15:36:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 13 Feb 2021 15:21:31 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 228E 0
795 B 40ms
40ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=1&client=ca-pub-5413329544040947&output=html&adk=1812271804&adf=3025194257&lmt=1607032779&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.abc-people.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1613229690551&bpp=1&bdt=1572&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C1020x200&nras=1&correlator=1331666823205&frm=20&pv=1&ga_vid=1079426066.1613229691&ga_sid=1613229691&ga_hid=1506178631&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21068495%2C21068769%2C21068893%2C31060031%2C21068785&oid=3&pvsid=2143565219531330&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=506

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=1&client=ca-pub-5413329544040947&output=html&adk=1812271804&adf=3025194257&lmt=1607032779&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.abc-people.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1613229690551&bpp=1&bdt=1572&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C1020x200&nras=1&correlator=1331666823205&frm=20&pv=1&ga_vid=1079426066.1613229691&ga_sid=1613229691&ga_hid=1506178631&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21068495%2C21068769%2C21068893%2C31060031%2C21068785&oid=3&pvsid=2143565219531330&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=506
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.abc-people.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Feb 2021 15:21:31 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 13-Feb-2021 15:36:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 13 Feb 2021 15:21:31 GMT
cache-control: private

GET
H/1.1 200
OK anim-library.js Show response
www.clocklink.com/js/ Frame A755 2 KB
2 KB 599ms
148ms Script
text/javascript 216.230.241.100
PSPINC-BDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clocklink.com/js/anim-library.js

Requested by

Host: www.clocklink.com
URL: https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.230.241.100 , United States, ASN23394 (PSPINC-BDC, US),

Reverse DNS

clocklink.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

5818443b387973b6dd1f3185fbfce5515ca6f753e2e8b4c96fee56e7d5ac8898

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:31 GMT
Last-Modified: Wed, 15 Oct 2014 18:05:08 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "3604f7-781-50579f8e18cd1"
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1921

GET
H/1.1 200
OK html5clocks.js Show response
www.clocklink.com/js/ Frame A755 2 KB
2 KB 620ms
153ms Script
text/javascript 216.230.241.100
PSPINC-BDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clocklink.com/js/html5clocks.js

Requested by

Host: www.clocklink.com
URL: https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.230.241.100 , United States, ASN23394 (PSPINC-BDC, US),

Reverse DNS

clocklink.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

404629f50819dec102fbb32402f72064fdc3c8de160a35d2285d765494a47f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:31 GMT
Last-Modified: Fri, 01 Apr 2016 01:24:33 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "360b34-827-52f623dc267b9"
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 2087

GET
H/1.1 200
OK html5-047.js Show response
www.clocklink.com/clocks/HTML5/ Frame A755 2 KB
3 KB 620ms
153ms Script
text/javascript 216.230.241.100
PSPINC-BDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clocklink.com/clocks/HTML5/html5-047.js?3872

Requested by

Host: www.clocklink.com
URL: https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.230.241.100 , United States, ASN23394 (PSPINC-BDC, US),

Reverse DNS

clocklink.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

841cb5b0e5b4827fc446c3d291a73ffe9afdd355ffe7485c9dee417f2f61f754

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:31 GMT
Last-Modified: Wed, 20 Jun 2018 18:16:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "3601d1-909-56f16cc3c806e"
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 2313

GET
H2 200 pmi300x250.js Show response
pastemyimg.com/ads/banner/direct/ Frame D7FB 18 KB
5 KB 15ms
15ms Script
application/javascript 2606:4700:3035::6815:1487
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pastemyimg.com/ads/banner/direct/pmi300x250.js
Requested by: Host: pastemyimg.com
URL: https://pastemyimg.com/ads/banner/300x250.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1487 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df023067faaf4354636a8ec8710384a319b121581a69963a5c0c0ff38e72cbbc

Request headers

Referer: https://pastemyimg.com/ads/banner/300x250.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Sep 2020 15:27:08 GMT
server: cloudflare
age: 5927
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FAamoX7Z5G3Yc1%2ByP38WKb1yj7ZVRkTZwRjm%2BIMkIZW85GNIDhXXplN1YByqUBy0A%2B1DgfkPdLXZEgqxnpRZgNG90wVpcyEcRDsF7HkBYOrMo0dwq50WTlIBsA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 620f8a232c554aa3-FRA
cf-request-id: 083d94a9fd00004aa36232a000000001

GET
H2 200 logo.png
pastemyimg.com/ads/banner/ Frame D7FB 8 KB
8 KB 16ms
16ms Image
image/png 2606:4700:3035::6815:1487
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pastemyimg.com/ads/banner/logo.png
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1487 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c500deb21501fe2e46ba5eaf674707e5b6d5067daa6702a8cc9bdb387e0f68b5

Request headers

Referer: https://pastemyimg.com/ads/banner/300x250.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4669
content-length: 7962
cf-request-id: 083d94aa0f00004aa33ba50000000001
last-modified: Sat, 16 May 2020 08:38:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aytJIKHOTld23RpbKZj1wWQBYJor%2B0ZkR%2BMfrFnHER1w0ke6xW91h%2BZRAV%2F%2Fmx5X7wKE1NwqQWtUkZ1%2FCW7XIh04hUGfrxhezUG3A2Oi9RQRhbAFNW0XZ8CeGg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 620f8a234caf4aa3-FRA

GET
H2 200 14.2dfb61b890959f78272d.js Show response
s7.addthis.com/static/ 397 B
544 B 79ms
78ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/14.2dfb61b890959f78272d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-18d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 13 Feb 2021 15:21:31 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 304

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_6xdi0
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_6xdi0

73 B
122 B

138ms
108ms

Script
application/javascript

151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_6xdi0

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

efff6d3d67e90f4ae0273b4dd71e7bb1bddb0d016d42fc9becc5d41300811d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1665979701835095
expires: Sat, 13 Feb 2021 15:36:31 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_6xdi0
Non-Authoritative-Reason: HSTS

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
287 B 344ms
337ms Script
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.abc-people.com%2F&callback=_ate.cbs.rcb_blfr0

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

5fa17436f0622d15ee206337accdae6e7d373ce32855c0c795a338aa0691073f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.abc-people.com/
last-modified: Sat, 13 Feb 2021 15:21:31 GMT
server: nginx/1.15.8
date: Sat, 13 Feb 2021 15:21:31 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
260 B 257ms
250ms XHR
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.abc-people.com%2F

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.abc-people.com/
last-modified: Sat, 13 Feb 2021 15:00:00 GMT
server: nginx/1.15.8
date: Sat, 13 Feb 2021 15:21:31 GMT
content-type: application/json
access-control-allow-origin: http://www.abc-people.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_2ijm0
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_2ijm0

74 B
301 B

133ms
103ms

Script
application/javascript

151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_2ijm0

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9917cba65e1d0bf423e1ad79c352dd3ab4f31a24dbb62deff80a346849266015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1374280232148649
expires: Sat, 13 Feb 2021 15:36:31 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.abc-people.com%2F&callback=window._ate.cbs.rcb_2ijm0
Non-Authoritative-Reason: HSTS

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
287 B 253ms
247ms Script
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.abc-people.com%2F&callback=_ate.cbs.rcb_dw510

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2eec7fee3404cb4d2940d8df0d69271cf4c1463f67c2e24d68fd7c2228442d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.abc-people.com/
last-modified: Sat, 13 Feb 2021 15:21:31 GMT
server: nginx/1.15.8
date: Sat, 13 Feb 2021 15:21:31 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 82ms
82ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-68f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 13 Feb 2021 15:21:31 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

GET
H2 200 css
fonts.googleapis.com/ Frame A755 2 KB
611 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: www.clocklink.com
URL: https://www.clocklink.com/clocks/HTML5/html5-047.js?3872

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54c03dc49439b0e09a0b1fc5e448b065c832aa14e3971426c6c8b0ddd76193ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 14:48:33 GMT
server: ESF
date: Sat, 13 Feb 2021 15:21:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Feb 2021 15:21:31 GMT

GET
H/1.1 200
OK 380_80.png
www.clocklink.com/img/link/ Frame A755 3 KB
3 KB 437ms
146ms Image
image/png 216.230.241.100
PSPINC-BDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.clocklink.com/img/link/380_80.png

Requested by

Host: www.clocklink.com
URL: https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.230.241.100 , United States, ASN23394 (PSPINC-BDC, US),

Reverse DNS

clocklink.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

02908d62a079497f0252e7cca78cb91c7951f9b0e450995ba1c8d353cb105e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.clocklink.com/html5embed.php?clock=047&timezone=BST&color=blue&size=180&Title=&Message=&Target=&From=2019,1,1,0,0,0&Color=blue
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:32 GMT
Last-Modified: Thu, 17 Sep 2020 20:26:07 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "360d52-ca4-5af8831a7ec81"
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3236

GET
H2 200 djax_elastic.js Show response
cdn.pixfuture.com/ Frame 8F90 37 KB
38 KB 139ms
114ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax_elastic.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid.php?dat=137x320x50x31x34756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ea9c7c24cf587fcab1896a4fd89f8aa972e1264aa19fedc0c86fcc568568eca

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:32 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 12 Feb 2021 17:40:15 GMT
server: cloudflare
etag: "6026bd7f-9574"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gMuIH2XQNDeVRuUE47IIX0vqZ6HQBQDs6oQK4XQw4Eg6%2FpwTH2qd4q9ScOjBzATOYFz2UOSqihtgHti9JY6V1PhNMMo9fJOHMH2yZAKNj8043vkUcw5SG%2BYKD5p79w%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 620f8a281a3d96d4-FRA
content-length: 38260
cf-request-id: 083d94ad12000096d4ee3d7000000001
expires: Mon, 15 Feb 2021 15:21:32 GMT

GET
H2 200 auc.js Show response
cdn.pixfuture.com/ Frame 8F90 298 KB
300 KB 135ms
110ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/auc.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid.php?dat=137x320x50x31x34756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef666022c3b2e7ce78c9a82d0629305bf3812f8d787cb957f218159637ee7d4

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:32 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 19 Aug 2020 13:43:38 GMT
server: cloudflare
etag: "5f3d2c8a-4a928"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ug0%2BCnZ9zYBIpRUVtYnE6v2w4szE8g1r1gK9gjldwbJtBUt7zclZEPfCOWBjiHlIN0x5IcoTPQpiIxDDn2xXKJMABEhO%2BbzeZ7gsm1TgvSVoAzXl7QCXmbwuNdZe%2BA%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 620f8a281a3f96d4-FRA
content-length: 305448
cf-request-id: 083d94ad13000096d4b136c000000001
expires: Mon, 15 Feb 2021 15:21:32 GMT

GET
H2

200

p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 8F90
Redirect Chain

http://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif
https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

35 B
372 B

24ms
9ms

Image
image/gif

2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: www.abc-people.com
URL: http://www.abc-people.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location: https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif
Date: Sat, 13 Feb 2021 15:21:32 GMT
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 0
Expires: Sun, 14 Feb 2021 15:21:32 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 62ms
48ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24e960d3a1b73128513ce865cc8d80541b364981cd56dd07db1bd9928b89ae67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Feb 2021 15:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6382
x-xss-protection: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame A755 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.clocklink.com
Referer: https://fonts.googleapis.com/css?family=Montserrat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 17:21:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 424810
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Tue, 08 Feb 2022 17:21:22 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 13 Feb 2021 15:21:32 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3ECD 12 KB
5 KB 27ms
13ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.abc-people.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 13 Feb 2021 15:03:17 GMT
expires: Sun, 13 Feb 2022 15:03:17 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1095
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jquery3_5_1.min.js Show response
cdn.pixfuture.com/ Frame 8F90 87 KB
88 KB 100ms
100ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:32 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Aug 2020 15:41:27 GMT
server: cloudflare
etag: "5f4682a7-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ULcezVIbCoHcKT1EjcL7Yg8ASJtVTpSh7dPxUlKoWJZLMSxLNxde0jPrq5UkkY%2FnS601mFFw7NIHRN7o5epul9qEjYBMoKjjfPP%2F6CX1wSjW6fOUBNeBynBBmw8nkw%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 620f8a28da7696d4-FRA
content-length: 89476
cf-request-id: 083d94ad8a000096d4af8bd000000001
expires: Mon, 15 Feb 2021 15:21:32 GMT

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3ECD 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 03:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 215122
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Fri, 11 Feb 2022 03:36:10 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
198 B 40ms
39ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=2143565219531330&bg=!V1SlVBfNAAXRs2QT0TsAKQB2-DxaP7CnwI8SZMwDWLHnMxinSYwKqowTKNAjxZvtjfbZleIhHmLxAgAAAEZSAAAAD2gBBwoAS3-IQrKg_s-s0WZVvVJJc4LaB3FvVzex9WkJjFtaqKm2wp87FzaXn50wFdtR0GJHrNPH8JOx-SYTMTYigw41uBqCGqXb41RH4a3NtpkB4Dz8QQ4Sozfr1iKhIya41DWh36sK53HpwrA4M7kUIvuaoMRTVZ7kkGqaLiKcwzTQy54Y5JAu7riVnHBQDO-KzHisYYgnrNbcheU_jUL_T3lF4qBBoO3KtqdqbB2X3CxTCH2ep9M2AbHrDEQZu6ILms7cY2bmh4n4nwZVVo88csASLR1gDXtvZ5czdPqKPjH-spRrDDV-H41r3NaDwWCAe2RahRFpBbGdg737nGd5tQMxzXYmsc5hIyEHG0RkrieLKnvusA1KrGLmvDyP1G6JnJZef7E0nudQEVNMCXuF9VEphawjKE4pm5QMZaViBCitNxa3gqPFAn-WTcfvtZtWb5BEeD8xjl0x6T1R_NNP57HX2IRWW45PccG1JKwVnqF61gCzzjnJEcKtD5LJBU2qq8JxUfVc_W3bEMqMZdKqJkkP3DWhzmzUBoUDPhMEjXTu0CeKmYA7Cat4VZJ65bQtQ4slr9H90zpxd5Qsr5I-DBM7CxvjlqgLyGddxV_ZJBULkcgCETrT_Fwe8Vk5dA41stzp2rtNyJC8QH4ZfCVxLammqukjINzPjR0UR0aR-cYtVxwgUUkRWAWupAzLfybML9wZLUOdzmB8DWc3AuBmd3B8vdaml5GnffEmF2b4GMbJEQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8F90 144 B
839 B 25ms
25ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

805a64cae010fcbad79541f5312569dad56ba8aa2405f9b9d869a8732d26805e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:32 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
AN-X-Request-Uuid: f38292d0-0017-4553-89b4-e8b447f630bd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.abc-people.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 8F90 5 KB
5 KB 298ms
101ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v413
Requested by: Host: www.abc-people.com
URL: http://www.abc-people.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7f37093d285548a3ffadf31d52554118e59bdfa3350f70083d981a4196732318

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:32 GMT
Last-Modified: Fri, 12 Feb 2021 21:39:36 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6026f598-1264"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 4708
Expires: Mon, 15 Feb 2021 15:21:32 GMT

POST
H/1.1 200
OK demo_track.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 8F90 36 B
652 B 201ms
195ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.php
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v413
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820

Request headers

Referer: http://www.abc-people.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:33 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 15 Feb 2021 15:21:33 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7EB7 995 B
1 KB 55ms
17ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.abc-people.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 13 Feb 2021 15:21:33 GMT
Age: 24487031
X-Served-By: cache-lga21949-LGA, cache-fra19122-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 652004, 141182
X-Timer: S1613229694.625873,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 7EB7
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
817 B

21ms
20ms

Script
text/html

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:33 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.102:80
AN-X-Request-Uuid: ec885573-2783-4b60-81f2-7a6c395accef
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:33 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid: de357d2f-1d92-48be-889f-5def37298d08
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9C0D 52 KB
17 KB 15ms
15ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.abc-people.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5182802465514345908
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 05 Feb 2021 21:11:46 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 13 Feb 2021 15:21:35 GMT
Age: 34293
X-Served-By: cache-lga21935-LGA, cache-fra19122-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 79504, 209701
X-Timer: S1613229695.448455,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame B278 2 KB
858 B 141ms
135ms Document
text/html 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0a242927d21fe8b4f228e5f13765395529dc3f475b738934f394515a54ae130

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.abc-people.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

date: Sat, 13 Feb 2021 15:21:35 GMT
content-type: text/html
set-cookie: __cfduid=d56c364092dd7a958bc0b72cc98043dc51613229695; expires=Mon, 15-Mar-21 15:21:35 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=37303034-f4f2-42af-8746-a2b198c536cf; expires=Fri, 05 Mar 2021 15:21:35 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 083d94b9de0000d6f13e961000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QeMeqrbjvTuGU04uj95QgmfoXrh%2FVZYGWmx%2F5q12bSHHsmeTKAKyQ4qc1OOAgK6tdLEJ%2FZclk1kR4YVFMOl3JofV6EPU5td4xytZxhNUze7A5SaT8NtTkAWEhgLLtPg%3D"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 620f8a3c9ec6d6f1-FRA
content-encoding: br

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FD0D 52 KB
17 KB 37ms
22ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.abc-people.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5182802465514345908
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 05 Feb 2021 21:11:46 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 13 Feb 2021 15:21:35 GMT
Age: 34293
X-Served-By: cache-lga21935-LGA, cache-fra19122-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 79504, 209702
X-Timer: S1613229695.472856,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B325 52 KB
17 KB 44ms
16ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.abc-people.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5182802465514345908
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 05 Feb 2021 21:11:46 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 13 Feb 2021 15:21:35 GMT
Age: 34293
X-Served-By: cache-lga21935-LGA, cache-fra19181-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 79504, 209478
X-Timer: S1613229695.481243,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E94C 52 KB
17 KB 42ms
14ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.abc-people.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5182802465514345908
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 05 Feb 2021 21:11:46 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 13 Feb 2021 15:21:35 GMT
Age: 34293
X-Served-By: cache-lga21935-LGA, cache-fra19173-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 79504, 209771
X-Timer: S1613229695.479622,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame C23A 2 KB
1 KB 130ms
128ms Document
text/html 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91aab64b4bce5372db7436b28d895a2ad782d82dd231f93aeb0c0ca272f3b4d

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.abc-people.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.abc-people.com/

Response headers

date: Sat, 13 Feb 2021 15:21:35 GMT
content-type: text/html
set-cookie: __cfduid=d56c364092dd7a958bc0b72cc98043dc51613229695; expires=Mon, 15-Mar-21 15:21:35 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=983cee57-695e-49a3-b5a9-200023932188; expires=Fri, 05 Mar 2021 15:21:35 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 083d94b9de0000d6f1078e8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oOXoLWysm%2FcwJymYTQokkF0HB6216qMIoPS6wpj3MICq3f%2Fb2I%2B9eaiKYPj806suvpjiFUtm8VYKeGl889o1efYqqiVSC465E26MKSBpjO3v3vZHTn%2FgbK4nF0VQ0ik%3D"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 620f8a3c9ec8d6f1-FRA
content-encoding: br

GET
H2

200

setuid
sync.quantumdex.io/ Frame C23A
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c97e6cf5e82803c526b699ee

43 B
439 B

145ms
142ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c97e6cf5e82803c526b699ee
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/usersync/quantumdex
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BX5VhtQB3mnA7P79jzEHq5YtETBw15euUtFoB2T%2FPNeDI30forxTAjIESiWu54edBZB5%2BNcaCZDCIYzdsL%2FBvBqAeuOtp%2Bs%2B7kvJopw1NOJLeiNm%2F8yx%2FAPxyf%2Bbekw%3D"}]}
content-type: image/gif
cf-ray: 620f8a3e19c3d6f1-FRA
content-length: 43
cf-request-id: 083d94bad00000d6f111bc2000000001

Redirect headers

Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c97e6cf5e82803c526b699ee
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame C23A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5182802465514345908

43 B
340 B

128ms
128ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5182802465514345908
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/usersync/quantumdex
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=STSTdbH8UOJoc1AUQW7Sa2aezteM%2FSMXVZ2minw7z3i6W3V%2BIwa%2BaYjQ7jBIXrfWbrxG4Nh6q721dR08m0Fr3FcH8WynqGr%2F97WSHRZjOkQo%2FWbIYBVLXDLTAtmSvX4%3D"}]}
content-type: image/gif
cf-ray: 620f8a3db8fbd6f1-FRA
content-length: 43
cf-request-id: 083d94ba910000d6f1ebbde000000001

Redirect headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.51:80
AN-X-Request-Uuid: 6d1b7ae9-10a4-4b2f-ba97-7c08eaff7de3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5182802465514345908
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame C23A 0
478 B 67ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/usersync/quantumdex
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame C23A
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=628a9747-0ca5-46c7-9cd5-05f472c4c177

43 B
328 B

126ms
126ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=628a9747-0ca5-46c7-9cd5-05f472c4c177
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/usersync/quantumdex
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ubqn%2F8Qh5FmoAuFcXdkEBaYlUslomqDMrarz9WOzvUctFwzDXtSgET2eHdd%2BSq1jlMs3Rz3WU5%2FtuFyZDElYuNAQDw6OF2v2zms7K6lt%2BR0M1Izn%2FITl0bG1bS2uXrM%3D"}]}
content-type: image/gif
cf-ray: 620f8a3e4a0fd6f1-FRA
content-length: 43
cf-request-id: 083d94baea0000d6f1c2b51000000001

Redirect headers

date: Sat, 13 Feb 2021 15:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DMWoV5nNJ5FS3T4lg%2BkbcEXaLUXlxtGvWzrO0egguHtGt7aiNImqtI7vJFm2MAiJ0vQzeNoQYMP7fWEuv9289ExZQdbvZ9Ll1t5QFBtpPRxumD3VYkLHe%2BlSX9gY"}]}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=628a9747-0ca5-46c7-9cd5-05f472c4c177
cf-ray: 620f8a3d887ad6f1-FRA
content-length: 0
cf-request-id: 083d94ba740000d6f14e110000000001

GET
H2 204 d
ic.tynt.com/r/ Frame D796 0
0 330ms
110ms Document
text/plain 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ic.tynt.com
:scheme: https
:path: /r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/usersync/quantumdex
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/quantumdex

Response headers

server: nginx/1.16.1
date: Sat, 13 Feb 2021 15:21:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 1045
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

2 KB
3 KB

19ms
19ms

Document
text/html

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64c9b5cdb0439b28548227469f0a722a13c9507b6b1da224fd2e18c7212ec2b0

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/usersync/quantumdex
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YCfufzMZ4NcJSnwO6KeY8wAA; CMPS=5182
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/quantumdex

Response headers

Server: Apache
Content-Type: text/html
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1740
Expires: Sat, 13 Feb 2021 15:21:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Connection: keep-alive
Set-Cookie: CMID=YCfufzMZ4NcJSnwO6KeY8wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 13 Feb 2022 15:21:35 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 14 May 2021 15:21:35 GMT CMPRO=1187;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 14 May 2021 15:21:35 GMT CMRUM3=e66027ee7f27600&2d6027ee7f05a0&696027ee7f05a0&1f6027ee7f05a00&f16027ee7f05a00&0d6027ee7f05a0&046027ee7f05a0&276027ee7f0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 13 Feb 2022 15:21:35 GMT CMST=YCfuf2An7n8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 14 Feb 2021 15:21:35 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 13 Feb 2021 15:21:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Connection: keep-alive
Set-Cookie: CMID=YCfufzMZ4NcJSnwO6KeY8wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 13 Feb 2022 15:21:35 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 14 May 2021 15:21:35 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame D39C 819 B
974 B 55ms
13ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

3a520d2e5f25c7690b0fb6f223a068da888a1a4cd41d81c4baccea44764c5c09

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/usersync/quantumdex
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/quantumdex

Response headers

Date: Sat, 13 Feb 2021 15:21:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YCfug; path=/; domain=.go.sonobi.com

GET
H/1.1 400
Bad Request sync.html Show response
s.adtelligent.com/ Frame 1619 63 B
334 B 94ms
38ms Document
text/plain 2a0c:5c81:5160::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=590678
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5160::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/usersync/quantumdex
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/quantumdex

Response headers

Server: VertaMedia 1.0
Date: Sat, 13 Feb 2021 15:21:34 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 63
Access-Control-Allow-Origin: https://sync.quantumdex.io
Access-Control-Allow-Credentials: true
Connection: Keep-Alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0125 2 KB
818 B 27ms
9ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/usersync/quantumdex
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/quantumdex

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

setuid
sync.quantumdex.io/ Frame B278
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e9669a40436c4cb7a097b4d5

43 B
326 B

131ms
127ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e9669a40436c4cb7a097b4d5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/usersync/quantumdex
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qXVGZtVL2o7GxaYVB7HfO5YDbLx02zFqEOaMLrYrbtK5Yit0CxckfYeZXlUO2zjcfxrHOL%2FDZi1dOTQAvgzys%2FF4x0ZLD2l0%2B32DexGdjxoZiMsQjEQNIl2bvTvaaLw%3D"}]}
content-type: image/gif
cf-ray: 620f8a3e19c2d6f1-FRA
content-length: 43
cf-request-id: 083d94bad00000d6f123b23000000001

Redirect headers

Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e9669a40436c4cb7a097b4d5
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame B278
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5182802465514345908

43 B
492 B

129ms
126ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5182802465514345908
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/usersync/quantumdex
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xLXlaClBzw6TL6MEM3SrsdwOAnHhkGUX6zZU%2BHFrTeptACQY%2BsORVxd%2BBVKXFfTXzmSBESiH%2F4fFtzh7mwiZryyl%2ByngcAmCF1%2BtQ9ZZBxg0cRU66cTCUrbnzJKrcKk%3D"}]}
content-type: image/gif
cf-ray: 620f8a3e19c0d6f1-FRA
content-length: 43
cf-request-id: 083d94bad00000d6f153b84000000001

Redirect headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.85:80
AN-X-Request-Uuid: fb311631-bb23-48e9-b458-ad130dd84209
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5182802465514345908
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame B278 0
478 B 60ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/usersync/quantumdex
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame B278
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a8582bc3-dae2-4772-a88e-96cc539a4138

43 B
326 B

126ms
126ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a8582bc3-dae2-4772-a88e-96cc539a4138
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/usersync/quantumdex
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2zq7kgyAVxbaUYOQN9yH6LtE6FmV%2FwlgmIXQDrixhx94zEJwauoS744r%2FPBPtjUr54sVSmTU7L6yCTIoPU73suWNOkFjzSngQ4Gaqyh1oeUsaDBjj60NZqpr%2FPoRky0%3D"}]}
content-type: image/gif
cf-ray: 620f8a3e5a29d6f1-FRA
content-length: 43
cf-request-id: 083d94baf40000d6f1d7230000000001

Redirect headers

date: Sat, 13 Feb 2021 15:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lcgs3TBL2YbAlsmzP5JrRkoWBCPcEScZfUGwgZGaCCXQw2EoMeE1XZnPRbGvUQnS%2BvG7kQpsIehRhu1ynUUN6vflo1HbVJz%2BSuTCrkPgxjbOC03CpUajrxc4JmaZ"}]}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a8582bc3-dae2-4772-a88e-96cc539a4138
cf-ray: 620f8a3d887ed6f1-FRA
content-length: 0
cf-request-id: 083d94ba710000d6f14b86b000000001

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 72D5 2 KB
818 B 25ms
9ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/usersync/quantumdex
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/quantumdex

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 d
ic.tynt.com/r/ Frame CDBB 0
0 321ms
111ms Document
text/plain 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ic.tynt.com
:scheme: https
:path: /r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/usersync/quantumdex
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/quantumdex

Response headers

server: nginx/1.16.1
date: Sat, 13 Feb 2021 15:21:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 1382
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

2 KB
3 KB

20ms
19ms

Document
text/html

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d1892e454db07f5094b205110d28b37cb95f3621d21e301ea04a33a0c4407289

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/usersync/quantumdex
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5182; CMID=YCfuf.puYtxsPV1nkWqtigAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/quantumdex

Response headers

Server: Apache
Content-Type: text/html
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1759
Expires: Sat, 13 Feb 2021 15:21:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Connection: keep-alive
Set-Cookie: CMID=YCfuf.puYtxsPV1nkWqtigAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 13 Feb 2022 15:21:35 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 14 May 2021 15:21:35 GMT CMPRO=1178;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 14 May 2021 15:21:35 GMT CMST=YCfuf2An7n8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 14 Feb 2021 15:21:35 GMT CMRUM3=2d6027ee7f05a0&e66027ee7f27600&296027ee7f05a00&396027ee7f05a00&f16027ee7f05a00&036027ee7f05a0&c36027ee7f05a00&276027ee7f0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 13 Feb 2022 15:21:35 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 13 Feb 2021 15:21:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Connection: keep-alive
Set-Cookie: CMID=YCfuf.puYtxsPV1nkWqtigAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 13 Feb 2022 15:21:35 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 14 May 2021 15:21:35 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 927F 819 B
974 B 49ms
14ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

3a520d2e5f25c7690b0fb6f223a068da888a1a4cd41d81c4baccea44764c5c09

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/usersync/quantumdex
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/quantumdex

Response headers

Date: Sat, 13 Feb 2021 15:21:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YCfug; path=/; domain=.go.sonobi.com

GET
H/1.1 400
Bad Request sync.html Show response
s.adtelligent.com/ Frame 92D1 63 B
334 B 88ms
39ms Document
text/plain 2a0c:5c81:5160::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=590678
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5160::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/usersync/quantumdex
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/quantumdex

Response headers

Server: VertaMedia 1.0
Date: Sat, 13 Feb 2021 15:21:34 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 63
Access-Control-Allow-Origin: https://sync.quantumdex.io
Access-Control-Allow-Credentials: true
Connection: Keep-Alive

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1045
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfufzMZ4NcJSnwO6KeY8wAABKMAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfufzMZ4NcJSnwO6KeY8wAABKMAAAAB&dcc=t

43 B
433 B

207ms
102ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfufzMZ4NcJSnwO6KeY8wAABKMAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfufzMZ4NcJSnwO6KeY8wAABKMAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1045
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YCfufzMZ4NcJSnwO6KeY8wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJjzfaIj_eh1GZlSOt7FzK8&google_cver=1

43 B
1004 B

17ms
13ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJjzfaIj_eh1GZlSOt7FzK8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Feb 2021 15:21:35 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJjzfaIj_eh1GZlSOt7FzK8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1045 70 B
264 B 94ms
30ms Image
image/gif 54.154.164.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1&cm_dsp_id=70&cm_user_id=YCfufzMZ4NcJSnwO6KeY8wAA&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.164.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-164-132.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1045
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YCfufzMZ4NcJSnwO6KeY8wAABKMAAAAB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEE0T37fJ7WEY6B2Yrjq4pzs&google_cver=1

43 B
315 B

27ms
26ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEE0T37fJ7WEY6B2Yrjq4pzs&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 13 Feb 2021 15:21:35 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEE0T37fJ7WEY6B2Yrjq4pzs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1045
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05e02203024a72e9d87c4f55&expiration=[EXPIRATION]

43 B
999 B

14ms
13ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05e02203024a72e9d87c4f55&expiration=[EXPIRATION]
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Feb 2021 15:21:35 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05e02203024a72e9d87c4f55&expiration=[EXPIRATION]
Date: Sat, 13 Feb 2021 15:21:35 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 1045
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6665160951812737977&uid=Q6665160951812737977&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

7ms
6ms

Image
image/gif

2.20.20.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.20.212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-20-20-212.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1045
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
993 B

16ms
15ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Feb 2021 15:21:35 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Sat, 13 Feb 2021 15:21:35 GMT
server: nginx/1.18.0
content-length: 76

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1045
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8825653202333740850

43 B
994 B

16ms
12ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8825653202333740850
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Feb 2021 15:21:35 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8825653202333740850
pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 setuid
sync.quantumdex.io/ Frame 1045 43 B
436 B 134ms
132ms Image
image/gif 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YCfufzMZ4NcJSnwO6KeY8wAABKMAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XF7oQSg8LYh0jOgkE6owzLaw%2BzU8i5ioCRv%2FLAmGcZN%2FVjQpyDiGQDfn%2FrsF1nqABRi6Dkm8HiyfYfXf72GRwdzX8e3glbBMxze%2Fwytnk4jQfTjX7nKnKAHzojCx5gY%3D"}]}
content-type: image/gif
cf-ray: 620f8a3dd93fd6f1-FRA
content-length: 43
cf-request-id: 083d94baa40000d6f111bbf000000001

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame D39C
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e42dd74b-01ed-42f9-be63-a8395e9623e1
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e42dd74b-01ed-42f9-be63-a8395e9623e1
https://x.bidswitch.net/sync?dsp_id=4&user_id=1df49638-e2fe-48ca-98ca-b56d32eb899a&ssp=sonobi&expires=30&user_group=5&bsw_param=e42dd74b-01ed-42f9-be63-a8395e9623e1
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e42dd74b-01ed-42f9-be63-a8395e9623e1

49 B
509 B

14ms
14ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e42dd74b-01ed-42f9-be63-a8395e9623e1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e42dd74b-01ed-42f9-be63-a8395e9623e1
date: Sat, 13 Feb 2021 15:21:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D39C 70 B
264 B 91ms
30ms Image
image/gif 54.154.164.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=1&gdpr_consent=
Requested by: Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.164.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-164-132.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame D39C
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=unknown&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eVMyMFN4ODdQYVRrUWpQeFNfcVJqdw&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEE6Kw3x5PQmefAxMClASieI&google_cver=1

49 B
333 B

97ms
97ms

Image
image/gif

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEE6Kw3x5PQmefAxMClASieI&google_cver=1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-75d6d6d469-n6crl
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEE6Kw3x5PQmefAxMClASieI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame D39C
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=50ea6027-ee7f-4200-bdbd-2d946551f791

49 B
509 B

14ms
13ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=50ea6027-ee7f-4200-bdbd-2d946551f791

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 13 Feb 2021 15:22:08 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=50ea6027-ee7f-4200-bdbd-2d946551f791
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 Feb 2021 15:22:07 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame D39C
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=875739024133653828

49 B
513 B

14ms
14ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=875739024133653828

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=875739024133653828
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame D39C
Redirect Chain

https://sync.1rx.io/usersync2/sonobi&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3480721026
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3480721026
https://sync.1rx.io/usersync/tradedesk/4cc7914b-5d97-4702-8151-040bd0c18775
https://sync.targeting.unrulymedia.com/csync/RX-4806f953-7f2f-4638-9d50-c89254823354-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-4806f953-7f2f-4638-9d50-c89...
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4806f953-7f2f-4638-9d50-c89254823354-003

49 B
513 B

15ms
15ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4806f953-7f2f-4638-9d50-c89254823354-003

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: Tengine
ETag: RX4806f9537f2f46389d50c89254823354003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4806f953-7f2f-4638-9d50-c89254823354-003
Connection: keep-alive
Content-Type: text/html

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/ Frame D39C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=dW5rbm93bg==
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIWcXIuuHFGsZE-eZRtkr0c&google_cver=1

49 B
509 B

14ms
13ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIWcXIuuHFGsZE-eZRtkr0c&google_cver=1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIWcXIuuHFGsZE-eZRtkr0c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 927F
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=e42dd74b-01ed-42f9-be63-a8395e9623e1&google_hm=ZTQyZGQ3NGItMDFlZC00MmY5LWJlNjMtYTgzOTVlOTYyM2Ux
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELpT6AQ9hysGbGbUkpRlZLE&google_cver=1&ssp=sonobi&bsw_param=e42dd74b-01ed-42f9-be63-a8395e9623e1
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e42dd74b-01ed-42f9-be63-a8395e9623e1

49 B
509 B

14ms
14ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e42dd74b-01ed-42f9-be63-a8395e9623e1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e42dd74b-01ed-42f9-be63-a8395e9623e1
date: Sat, 13 Feb 2021 15:21:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 927F 70 B
265 B 86ms
30ms Image
image/gif 54.154.164.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=1&gdpr_consent=
Requested by: Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.164.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-164-132.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame 927F
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=unknown&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aGU3Nk9URjN4WjhMaHNJQ3ZtZmVEUQ&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEE6Kw3x5PQmefAxMClASieI&google_cver=1

49 B
333 B

98ms
98ms

Image
image/gif

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEE6Kw3x5PQmefAxMClASieI&google_cver=1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-75d6d6d469-n6crl
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEE6Kw3x5PQmefAxMClASieI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 927F
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=fe9e6027-ee7f-4200-a320-14ecbed73e1c

49 B
513 B

14ms
14ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=fe9e6027-ee7f-4200-a320-14ecbed73e1c

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 13 Feb 2021 15:22:08 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=fe9e6027-ee7f-4200-a320-14ecbed73e1c
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 Feb 2021 15:22:07 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 927F
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878967421041938

49 B
513 B

14ms
14ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878967421041938

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878967421041938
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 927F
Redirect Chain

https://sync.1rx.io/usersync2/sonobi&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=614638986
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=614638986
https://sync.1rx.io/usersync/tradedesk/94de1f55-2986-477d-9f49-102334b36909
https://sync.targeting.unrulymedia.com/csync/RX-4806f953-7f2f-4638-9d50-c89254823354-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-4806f953-7f2f-4638-9d50-c89...
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4806f953-7f2f-4638-9d50-c89254823354-003

49 B
513 B

14ms
14ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4806f953-7f2f-4638-9d50-c89254823354-003

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: Tengine
ETag: RX4806f9537f2f46389d50c89254823354003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4806f953-7f2f-4638-9d50-c89254823354-003
Connection: keep-alive
Content-Type: text/html

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/ Frame 927F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=dW5rbm93bg==
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEECSNhWi4cqaGijX4jVYlEI&google_cver=1

49 B
513 B

15ms
14ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESEECSNhWi4cqaGijX4jVYlEI&google_cver=1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESEECSNhWi4cqaGijX4jVYlEI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1382
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YCfuf-puYtxsPV1nkWqtigAABJoAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEE6uYNZQ3sTPYAWUbV0kvf0&google_cver=1

43 B
315 B

11ms
10ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEE6uYNZQ3sTPYAWUbV0kvf0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 13 Feb 2021 15:21:35 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEE6uYNZQ3sTPYAWUbV0kvf0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1382 70 B
264 B 55ms
31ms Image
image/gif 54.154.164.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=39&gdpr=1&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YCfuf.puYtxsPV1nkWqtigAA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.164.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-164-132.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1382
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YCfuf.puYtxsPV1nkWqtigAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED1QQnfVhHmwLEpsBbTFdqI&google_cver=1&google_hm=2

43 B
1002 B

13ms
13ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED1QQnfVhHmwLEpsBbTFdqI&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Feb 2021 15:21:35 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Feb 2021 15:21:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED1QQnfVhHmwLEpsBbTFdqI&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1382
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfuf-puYtxsPV1nkWqtigAABJoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfuf-puYtxsPV1nkWqtigAABJoAAAIB&dcc=t

43 B
433 B

155ms
107ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfuf-puYtxsPV1nkWqtigAABJoAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCfuf-puYtxsPV1nkWqtigAABJoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1382
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471592494417968

43 B
1 KB

15ms
14ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471592494417968
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Feb 2021 15:21:36 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471592494417968
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1382
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a51f6027-ee7f-4e00-ba5f-6d676a2907de

43 B
1 KB

13ms
13ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a51f6027-ee7f-4e00-ba5f-6d676a2907de
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Feb 2021 15:21:35 GMT

Redirect headers

Date: Sat, 13 Feb 2021 15:22:08 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a51f6027-ee7f-4e00-ba5f-6d676a2907de
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 Feb 2021 15:22:07 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1382
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-dc26f660-e17c-4cec-8e4c-26d13e9281b0

43 B
1 KB

14ms
14ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-dc26f660-e17c-4cec-8e4c-26d13e9281b0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Feb 2021 15:21:36 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-dc26f660-e17c-4cec-8e4c-26d13e9281b0
date: Sat, 13 Feb 2021 15:21:36 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 1382 43 B
408 B 1072ms
14ms Image
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Feb 2021 15:21:36 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-2
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame 1382 43 B
324 B 133ms
129ms Image
image/gif 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YCfuf-puYtxsPV1nkWqtigAABJoAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 15:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C6s2fn60n9NqeGiEbFj%2FDAXJy25VvpTSzFIO692hotpQd1UMg%2Bh8zyYaku2ayezjRZI6QtNe%2Fic2UD3ndEBY0K2nK0q5QR5TNRv8nFtGtZpEAgNNysrU2h2peE673XU%3D"}]}
content-type: image/gif
cf-ray: 620f8a3e19c1d6f1-FRA
content-length: 43
cf-request-id: 083d94bad00000d6f128232000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: useast.quantumdex.io
URL: https://useast.quantumdex.io/auction/quantumdex

Domain: useast.quantumdex.io
URL: https://useast.quantumdex.io/auction/quantumdex

Verdicts & Comments Add Verdict or Comment

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:07:10	Name: test_cookie Value: CheckForPermission
.abc-people.com/	1970-01-20 01:28:45	Name: __gads Value: ID=4b4d1251601a15ac-222c33de73ba00ce:T=1613229691:RT=1613229691:S=ALNI_MaTU3RVzNv0P3Lf-2GGy2AkrosWWg
www.abc-people.com/	1970-01-19 16:07:11	Name: __atuvs Value: 6027ee7aed77be1d000
www.abc-people.com/	1970-01-20 00:52:45	Name: _pubcid Value: debd95d3-7414-4fe9-a738-e6f4362a731d
www.abc-people.com/	1970-01-20 01:33:04	Name: __atuvc Value: 1%7C6
www.abc-people.com/	1970-01-19 16:07:16	Name: __vliIPL Value: {"value":["2a01:4f8:121:131a::2"],"expiredAt":1613236890292}

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: http://assets.vlitag.com/prebid/default/prebid-v4.24.0.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js(Line 6) Message: GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.liveburst.com
ad.turn.com
ads.creative-serving.com
adservice.google.com
adservice.google.de
ap.lijit.com
api-public.addthis.com
assets.vlitag.com
bh.contextweb.com
cdn.jsdelivr.net
cdn.pixfuture.com
clients1.google.com
cm.adgrx.com
cm.g.doubleclick.net
counter.yadro.ru
cse.google.com
d.adroll.com
dsum-sec.casalemedia.com
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
ic.tynt.com
imasdk.googleapis.com
js.mamydirect.com
logs.vlitag.com
match.adsrvr.org
ms.quantumdex.io
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pastemyimg.com
pixel.quantserve.com
px.owneriq.net
rules.quantcount.com
s.adtelligent.com
s.amazon-adsystem.com
s7.addthis.com
secure.adnxs.com
securemoney.ru
securepubads.g.doubleclick.net
served-by.pixfuture.com
services.vlitag.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.targeting.unrulymedia.com
tag.vlitag.com
tpc.googlesyndication.com
useast.quantumdex.io
v1.addthisedge.com
widgets.pinterest.com
www.abc-people.com
www.clocklink.com
www.google.com
www.googletagservices.com
www.increaserev.com
x.bidswitch.net
z.moatads.com
useast.quantumdex.io
104.75.88.112
142.250.185.130
142.250.186.66
142.250.186.98
151.101.13.108
151.101.36.84
178.162.133.149
18.185.0.221
185.183.112.148
185.29.135.233
185.33.220.240
185.33.221.87
193.0.160.129
198.148.27.139
2.20.20.212
2001:678:cb4:bbbb::11
208.100.17.190
213.19.147.151
216.230.241.100
23.218.208.246
23.218.209.154
2600:9000:2127:2800:6:44e3:f8c0:93a1
2606:4700:20::681a:17e
2606:4700:20::681a:eee
2606:4700:20::681a:fee
2606:4700:20::ac43:4671
2606:4700:20::ac43:47f1
2606:4700:3035::6815:1487
2620:116:800d:21:51e4:db4b:4436:b305
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2004
2a04:4e42:3::621
2a0c:5c81:5160::2
35.157.13.124
37.143.8.28
51.89.9.253
54.154.164.132
54.228.203.167
54.74.23.153
54.82.140.85
63.251.232.170
66.55.83.135
68.183.31.14
72.21.206.140
72.251.249.13
82.196.3.110
88.212.201.216
02908d62a079497f0252e7cca78cb91c7951f9b0e450995ba1c8d353cb105e0c
03fb02a2b25cf9158a5667a613031880ab6186e70ac6d5923f4669837b7a249c
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06d28e4119cb4b5fd3d3611ad17465fb955cfdf95233e762b54bce39e1cb5ed4
0a3648666dacf7c5578ab4757029be9012e3c782fdc262c7d1cf4637d7aa5b83
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
17653ab482d588c7a04f36956f67f82c92341e3ae3b0939b3d4d348d5e82c9cb
18baa66510b767aa153055b63c38fd838097271b1d6ff9b0557839cb194a6002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
198b9f3cc2c9fc5a1d3ec247a16f003e9a8701b10b7cf92d2783097163bcf53e
1b290ff52300188cecc4d2c25fc1a2dcc6d4a75130ca305c1feae9271d278fe2
233677257ab4fe54e8fb3910d29afcaa8b7ed1eb7a9a85a87108fda28a743400
24e960d3a1b73128513ce865cc8d80541b364981cd56dd07db1bd9928b89ae67
28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2a284fa845f162ec13dc7f23de658ac23118c7e1b7bf9cc160631b6650449cae
2c8d241d88a9ef9eaa2cbaa920b83d6b3fd9f00951fcd43b5ae12efe37c428da
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eec7fee3404cb4d2940d8df0d69271cf4c1463f67c2e24d68fd7c2228442d0d
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
32c2567207134b4b98a5e3a4b1dd0c869e87b9180c9e5606498e5e456c4de0d2
35cf92c7268169e4675f6e2b25c0b9179e496e16e38b8d1f7d4ce5eecd616369
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a520d2e5f25c7690b0fb6f223a068da888a1a4cd41d81c4baccea44764c5c09
3b2a184ba2cf788cea7c9b86ad7e2ac6851abf21618de6e7309973854bd27cd0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
404629f50819dec102fbb32402f72064fdc3c8de160a35d2285d765494a47f2b
406c4fb405b354201cab277fe38d0cf56f28ae88cb2fd5df31c24a5987780699
41c88a7367d92e05341a9789fccb99bf7168b08a9757fdfec8413d3aed86b10a
41ef556b0a4f4bdd486a106c3c90f6b5b89889c3f5040af4028e81c9837994ec
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4683103ce213507d7da32014baf9dc2644771188ac4a87aaccccaa173559989c
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
54c03dc49439b0e09a0b1fc5e448b065c832aa14e3971426c6c8b0ddd76193ac
5818443b387973b6dd1f3185fbfce5515ca6f753e2e8b4c96fee56e7d5ac8898
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5934da5459fe133a893c1a5143fa52effe0605da516399659f3528e643f5b439
5fa17436f0622d15ee206337accdae6e7d373ce32855c0c795a338aa0691073f
6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
64c9b5cdb0439b28548227469f0a722a13c9507b6b1da224fd2e18c7212ec2b0
6572ed6ff74715ed06ea651e8cfff5a76325e58bee7312b97682ea8cbec844e9
6bdc90670a1aaf518e9c91164d7123dcab0710f145386518e39796b4b1493aa9
6cec58ba72d3a8918616deb3c175f313bdd931f143c0909fc2285ab476e8c990
6ea9c7c24cf587fcab1896a4fd89f8aa972e1264aa19fedc0c86fcc568568eca
7a53c23ad2ca3cbe4b8c7fc5f79faeb815780dc21232854a6c8265efdbb05127
7ab0341f68cc06548e5b65a9660bf17584dd7a03bc68edf26a41a560789d1a84
7f0662b582c6b18767ead9ab5bbd64aa4157c37dd15e450e9cd92a1e537c81dd
7f37093d285548a3ffadf31d52554118e59bdfa3350f70083d981a4196732318
805a64cae010fcbad79541f5312569dad56ba8aa2405f9b9d869a8732d26805e
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
841cb5b0e5b4827fc446c3d291a73ffe9afdd355ffe7485c9dee417f2f61f754
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9917cba65e1d0bf423e1ad79c352dd3ab4f31a24dbb62deff80a346849266015
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
9ef666022c3b2e7ce78c9a82d0629305bf3812f8d787cb957f218159637ee7d4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a607b964ac5717fa3841253368a8202f1fe5b451cba8468c76c2d43a8b50788f
a77b7b5cd027c5f8fdea045560cf85c5bfafe61391cd141f0deb86288644ab41
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5914b7e39801efe56b01a0281c9d4958cea9f221473b41037e8e26abb056c14
b73510a4c5a2e8835501c88f6748ade1de22fcf3fa2d15518c13be4443f9c19f
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c346dc719d9cc186e3ff6e1c91a10191755100e0d65387984b43fdf56fa00de0
c500deb21501fe2e46ba5eaf674707e5b6d5067daa6702a8cc9bdb387e0f68b5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0a242927d21fe8b4f228e5f13765395529dc3f475b738934f394515a54ae130
d1892e454db07f5094b205110d28b37cb95f3621d21e301ea04a33a0c4407289
d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09
d4cd747ce987d317ce2b6762c740719096e3de398c10efa9526f177a9176d49a
d61c1a07086ae236fc63af84ba34c8b68f271a6a333a0d38f57079ececb2181e
d76ee8c8bbdfa8648d77d97039a0456d21c02f9de84d51357da75c894c7f377b
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
df023067faaf4354636a8ec8710384a319b121581a69963a5c0c0ff38e72cbbc
e1892e9eee5c0b0cc01799ca7b3e16ebe91fabd6a4a876463aed1b9d65266150
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e29e72a5cce3a8222fbf8aba93c55fd594b1a9bc0f4624abd8b63ead241bf80a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820
e91aab64b4bce5372db7436b28d895a2ad782d82dd231f93aeb0c0ca272f3b4d
eca0106b71eeff5109594741b31a4c5e14306e016bf027206f4a068aeb04b862
efff6d3d67e90f4ae0273b4dd71e7bb1bddb0d016d42fc9becc5d41300811d54
f109de836caa3df45d42b650e24044cdf864c8e4133e20d7f19d6ac0fd819ecb
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbd54881788ecce618c9647220accb97727dde43262d50e530619dcb2b5273e6
fc7dee0d1c507a90415debd13d75125b79226287e6ab53ca13f470d1a6339036
fec14b132aa8f5c290a39129469655fb29aeed7faf69a4d628c34cc667812988

www.abc-people.com Open in urlscan Pro 82.196.3.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

147 Requests

78 %HTTPS

38 %IPv6

48 Domains

66 Subdomains

45 IPs

7 Countries

1885 kBTransfer

4599 kBSize

6 Cookies

5 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.abc-people.com Open in urlscan Pro
82.196.3.110 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

78 %
HTTPS

38 %
IPv6

48
Domains

66
Subdomains

45
IPs

7
Countries

1885 kB
Transfer

4599 kB
Size

6
Cookies

147 HTTP transactions
1 data transactions