urlscan.io logo urlscan.io
SecurityTrails logo

wbz-tavnsz.net Open in urlscan Pro
2606:4700:3034::ac43:d132  Public Scan

Go To Rescan Add Verdict Report
URL: https://wbz-tavnsz.net/
Submission: On January 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 141 IPs in 16 countries across 132 domains to perform 1148 HTTP transactions. The main IP is 2606:4700:3034::ac43:d132, located in United States and belongs to CLOUDFLARENET, US. The main domain is wbz-tavnsz.net.
TLS certificate: Issued by GTS CA 1P5 on January 26th 2024. Valid for: 3 months.
This is the only time wbz-tavnsz.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
49 135.148.55.194 16276 (OVH)
1 2600:9000:24f... 16509 (AMAZON-02)
19 2620:100:a001::4 19750 (AS-CRITEO)
1 22 2607:f8b0:400... 15169 (GOOGLE)
28 195.142.105.15 199484 (SAGLAYICI)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 151.101.129.44 54113 (FASTLY)
7 151.101.193.44 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42::714 54113 (FASTLY)
15 31 2620:100:a001::c 19750 (AS-CRITEO)
17 74.119.119.139 19750 (AS-CRITEO)
2 15 185.184.8.90 204995 (RTB-HOUSE...)
14 2602:803:c002... 26667 (RUBICONPR...)
14 2620:100:a001... 19750 (AS-CRITEO)
6 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 199.232.211.52 54113 (FASTLY)
1 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 141.226.124.48 200478 (TABOOLA-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 4 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
22 2607:f8b0:400... 15169 (GOOGLE)
30 2607:f8b0:400... 15169 (GOOGLE)
4 68.71.249.118 46562 (PERFORMIVE)
1 3.133.85.98 16509 (AMAZON-02)
12 108.156.152.115 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
4 104.18.34.83 13335 (CLOUDFLAR...)
10 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
4 142.251.40.198 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
12 34.110.252.168 396982 (GOOGLE-CL...)
9 63.251.28.234 26558 (FREEWHEEL)
1 3 18.160.60.23 16509 (AMAZON-02)
22 22 35.211.178.172 15169 (GOOGLE)
5 31 172.240.127.128 7979 (SERVERS-COM)
5 212.36.83.245 15699 (AS_ADAM A...)
16 23 8.43.72.97 26667 (RUBICONPR...)
18 24 142.251.41.2 15169 (GOOGLE)
4 9 172.64.151.101 13335 (CLOUDFLAR...)
9 74 68.67.161.182 29990 (ASN-APPNEX)
3 67.202.105.34 32748 (STEADFAST)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
11 64.31.24.174 46475 (LIMESTONE...)
2 172.64.152.89 13335 (CLOUDFLAR...)
6 80 69.20.43.192 27357 (RACKSPACE)
2 142.251.32.98 15169 (GOOGLE)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
8 9 67.202.105.23 32748 (STEADFAST)
1 23.62.105.110 16625 (AKAMAI-AS)
3 4 18.214.54.215 14618 (AMAZON-AES)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.71.187.23 14618 (AMAZON-AES)
14 14 3.33.220.150 16509 (AMAZON-02)
7 10 34.111.113.62 396982 (GOOGLE-CL...)
1 1 3.219.123.12 14618 (AMAZON-AES)
1 54.83.168.181 14618 (AMAZON-AES)
1 3 35.244.154.8 396982 (GOOGLE-CL...)
1 1 67.202.105.22 32748 (STEADFAST)
6 6 35.214.175.163 15169 (GOOGLE)
2 47.252.78.131 45102 (ALIBABA-C...)
2 2 8.2.110.134 46636 (NATCOWEB)
6 6 2620:112:f002... 6336 (TURN-US-ASN)
4 4 54.205.114.77 14618 (AMAZON-AES)
2 2 23.66.169.40 16625 (AKAMAI-AS)
28 23.56.163.106 16625 (AKAMAI-AS)
6 34.117.239.71 396982 (GOOGLE-CL...)
3 3 216.200.232.253 30419 (MEDIAMATH...)
3 3 34.200.65.202 14618 (AMAZON-AES)
4 4 2606:ae80:147... 25751 (VALUECLICK)
2 3 52.223.22.214 16509 (AMAZON-02)
31 151.101.193.108 54113 (FASTLY)
2 18.160.83.5 16509 (AMAZON-02)
1 2 18.235.96.255 14618 (AMAZON-AES)
13 13 69.194.240.13 26120 (RHYTHMONE)
2 3 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 44.208.159.189 14618 (AMAZON-AES)
3 4 151.101.130.49 54113 (FASTLY)
2 2 198.148.27.131 19189 (PULSEPOINT)
4 4 2620:116:800b... 14618 (AMAZON-AES)
7 7 52.87.109.38 14618 (AMAZON-AES)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 199.38.167.131 54312 (ROCKETFUEL)
1 1 34.107.184.81 396982 (GOOGLE-CL...)
3 3 207.198.113.87 13768 (COGECO-PEER1)
2 4 52.71.57.44 14618 (AMAZON-AES)
5 6 2600:9000:269... 16509 (AMAZON-02)
1 208.115.232.150 46475 (LIMESTONE...)
11 34.197.147.123 14618 (AMAZON-AES)
11 104.36.115.111 62713 (AS-PUBMATIC)
11 185.167.164.49 198622 (ADFORM)
11 147.135.119.115 16276 (OVH)
4 54.172.228.57 14618 (AMAZON-AES)
2 34.149.20.76 15169 (GOOGLE)
1 2a04:4e42::485 54113 (FASTLY)
1 69.173.151.96 26667 (RUBICONPR...)
12 85.111.6.48 9121 (TTNET)
3 5 2a02:6b8::90 13238 (YANDEX)
2 37.157.2.230 198622 (ADFORM)
1 178.128.135.204 14061 (DIGITALOC...)
8 2600:9000:24d... 16509 (AMAZON-02)
1 216.137.45.118 16509 (AMAZON-02)
1 1 69.173.151.100 26667 (RUBICONPR...)
2 5 52.46.143.56 16509 (AMAZON-02)
2 3 52.94.223.37 16509 (AMAZON-02)
1 4 50.19.82.102 14618 (AMAZON-AES)
2 2 54.145.121.220 14618 (AMAZON-AES)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 147.28.129.37 54825 (PACKET)
91 23.56.163.14 16625 (AKAMAI-AS)
10 14 162.19.138.119 16276 (OVH)
8 23.56.162.249 16625 (AKAMAI-AS)
1 2620:1ec:48:1... 8075 (MICROSOFT...)
32 68.67.160.75 29990 (ASN-APPNEX)
3 85.111.6.50 9121 (TTNET)
7 3.161.150.40 16509 (AMAZON-02)
16 40 2620:1ec:c11:... 8068 (MICROSOFT...)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 141.95.98.65 16276 (OVH)
15 8.28.7.79 62713 (AS-PUBMATIC)
15 162.248.18.36 62713 (AS-PUBMATIC)
2 6 104.36.115.113 62713 (AS-PUBMATIC)
2 29 162.248.18.37 62713 (AS-PUBMATIC)
1 40.76.134.238 8075 (MICROSOFT...)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
2 162.248.18.34 62713 (AS-PUBMATIC)
10 18.246.194.225 16509 (AMAZON-02)
26 3.227.88.109 14618 (AMAZON-AES)
8 54.194.245.60 16509 (AMAZON-02)
12 3.1.125.59 16509 (AMAZON-02)
1 6 168.119.72.236 24940 (HETZNER-AS)
12 56 23.83.76.89 395954 (LEASEWEB-...)
2 2 50.57.31.206 19994 (RACKSPACE)
6 6 185.167.164.43 198622 (ADFORM)
3 3 54.197.121.110 14618 (AMAZON-AES)
1 1 35.211.118.13 19527 (GOOGLE-2)
2 2 44.195.106.99 14618 (AMAZON-AES)
1 1 176.122.21.139 48096 (ITGRAD)
1 159.69.72.5 24940 (HETZNER-AS)
2 2 193.232.148.141 48061 (UMA-TECH-AS)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 35.210.53.219 15169 (GOOGLE)
1 2 34.202.222.101 14618 (AMAZON-AES)
4 4 74.119.119.150 19750 (AS-CRITEO)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 172.105.220.23 63949 (AKAMAI-LI...)
1 35.186.193.173 15169 (GOOGLE)
1 23.88.86.2 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
2 2 184.86.146.172 16625 (AKAMAI-AS)
1 2 54.163.145.250 14618 (AMAZON-AES)
4 5 35.244.159.8 15169 (GOOGLE)
1 54.86.26.94 14618 (AMAZON-AES)
1 52.2.244.166 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
1 1 131.153.168.132 19437 (SS-ASH)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 1 35.186.253.211 15169 (GOOGLE)
1 1 37.157.2.229 198622 (ADFORM)
2 51.222.241.100 16276 (OVH)
2 2 80.77.87.161 46636 (NATCOWEB)
2 2 5.161.187.67 213230 (HETZNER-C...)
6 6 70.42.32.31 22075 (AS-OUTBRAIN)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
1 1 45.137.176.88 60350 (VP)
1 1 195.244.31.10 63140 (IGUANA-WO...)
8 10 52.16.166.255 16509 (AMAZON-02)
1 108.139.15.86 16509 (AMAZON-02)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 3.209.233.220 14618 (AMAZON-AES)
4 4 34.233.39.191 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 2 34.199.67.71 14618 (AMAZON-AES)
1 142.250.80.2 15169 (GOOGLE)
1148 141
1    2606:4700:3034::ac43:d132 (United States)

ASN13335 (CLOUDFLARENET, US)
wbz-tavnsz.net
49    135.148.55.194 (Reston, United States)

ASN16276 (OVH, FR)
PTR: ns1007904.ip-135-148-55.us
s.mynet.com.tr
imgrosetta.mynet.com.tr
1    2600:9000:24ff:fa00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
19    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
22    2607:f8b0:4006:80e::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
28    195.142.105.15 (Turkey)

ASN199484 (SAGLAYICI, TR)
adl.mynetreklam.com
img7.mynet.com.tr
imgmyntv.mynet.com
img7.mynet.com
1    2607:f8b0:4006:821::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2607:f8b0:4006:824::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
c2.taboola.com
pm-widget.taboola.com
trc.taboola.com
7    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
nr-events.taboola.com
pm-widget.taboola.com
3    2607:f8b0:4006:81c::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
31    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
17    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
15    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
14    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
14    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
6    2607:f8b0:4006:824::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
3    2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2607:f8b0:4006:81d::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:81d::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    199.232.211.52 (United States)

ASN54113 (FASTLY, US)
apv-launcher.minute.ly
1    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
1    2606:4700:20::ac43:48f0 (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.minute.ly
4    2607:f8b0:4006:80f::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2606:4700:10::6816:49ae (United States)

ASN13335 (CLOUDFLARENET, US)
counter.snackly.co
22    2607:f8b0:4006:80d::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
30    2607:f8b0:4006:821::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    68.71.249.118 (Toronto, Canada)

ASN46562 (PERFORMIVE, US)
udmserve.net
1    3.133.85.98 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-133-85-98.us-east-2.compute.amazonaws.com
ads.vidoomy.com
12    108.156.152.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-152-115.atl58.r.cloudfront.net
windsplay.com
6    2607:f8b0:4006:807::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
sc.tynt.com
10    2607:f8b0:4006:817::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2607:f8b0:4006:81f::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
13    2607:f8b0:4006:81f::2006 (Colchester, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    142.251.40.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f6.1e100.net
ad.doubleclick.net
3    2606:4700:20::681a:658 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cdn.pixad.com.tr
mediazone.rtb.pixad.com.tr
1    2607:f8b0:4006:81e::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
mts0.google.com
12    34.110.252.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.252.110.34.bc.googleusercontent.com
ad.lkqd.net
9    63.251.28.234 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    18.160.60.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-60-23.atl59.r.cloudfront.net
sb.scorecardresearch.com
22    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
31    172.240.127.128 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
5    212.36.83.245 (Sant Vicenç dels Horts, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es
a.vidoomy.com
23    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
24    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
cm.g.doubleclick.net
9    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
74    68.67.161.182 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    67.202.105.34 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
ic.tynt.com
de.tynt.com
3    2606:4700:20::ac43:4a93 (United States)

ASN13335 (CLOUDFLARENET, US)
ssp-service.pixad.com.tr
11    64.31.24.174 (Washington, United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 174-24-31-64.static.reverse.lstn.net
s.richaudience.com
2    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-sic.33across.com
80    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
t.lkqd.net
cs.lkqd.net
2    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
www.googleadservices.com
11    2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
9    67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
dp2.33across.com
ssc-cms.33across.com
sic.33across.com
1    23.62.105.110 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-105-110.deploy.static.akamaitechnologies.com
tags.bluekai.com
4    18.214.54.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-54-215.compute-1.amazonaws.com
ps.eyeota.net
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.71.187.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-187-23.compute-1.amazonaws.com
map.go.affec.tv
14    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
10    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    3.219.123.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-123-12.compute-1.amazonaws.com
usermatch.krxd.net
1    54.83.168.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-168-181.compute-1.amazonaws.com
beacon.krxd.net
3    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    67.202.105.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
dp1.33across.com
6    35.214.175.163 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 163.175.214.35.bc.googleusercontent.com
csync.loopme.me
2    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
6    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    54.205.114.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-114-77.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    23.66.169.40 (Mount Prospect, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-169-40.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
28    23.56.163.106 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-106.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
3    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
4    2606:ae80:1471:11::440 (United States)

ASN25751 (VALUECLICK, US)
33across-match.dotomi.com
pubmatic-match.dotomi.com
3    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
31    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
dcdn.adnxs.com
acdn.adnxs-simple.com
2    18.160.83.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-83-5.atl59.r.cloudfront.net
c.amazon-adsystem.com
2    18.235.96.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-96-255.compute-1.amazonaws.com
rtb.adentifi.com
13    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2600:1f18:4e9:5a05:efc0:d7f0:30f1:7edd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    44.208.159.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-159-189.compute-1.amazonaws.com
media.sabio.us
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
7    52.87.109.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-109-38.compute-1.amazonaws.com
match.prod.bidr.io
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    34.107.184.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.184.107.34.bc.googleusercontent.com
nxd.adhaven.com
3    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    52.71.57.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-57-44.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
6    2600:9000:269e:ec00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    208.115.232.150 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 150-232-115-208.static.reverse.lstn.net
shb.richaudience.com
11    34.197.147.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-147-123.compute-1.amazonaws.com
ap.lijit.com
11    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
11    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
adx2.adform.net
11    147.135.119.115 (United States)

ASN16276 (OVH, FR)
PTR: ip115.ip-147-135-119.us
prg.smartadserver.com
4    54.172.228.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-228-57.compute-1.amazonaws.com
optimized-by.rubiconproject.com
2    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
12    85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr
cpm.programattik.com
5    2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)
bs.yandex.ru
an.yandex.ru
2    37.157.2.230 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
1    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
rt.marphezis.com
8    2600:9000:24d7:ee00:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
1    216.137.45.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-216-137-45-118.atl56.r.cloudfront.net
redcarpat.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
5    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    50.19.82.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-82-102.compute-1.amazonaws.com
match.sharethrough.com
2    54.145.121.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-121-220.compute-1.amazonaws.com
sync.ipredictive.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
91    23.56.163.14 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-14.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
14    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
8    23.56.162.249 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-249.deploy.static.akamaitechnologies.com
cdn.adnxs.com
1    2620:1ec:48:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
32    68.67.160.75 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
3    85.111.6.50 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr
rtb.programattik.com
7    3.161.150.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-150-40.atl59.r.cloudfront.net
choices.trustarc.com
40    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bing.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
15    8.28.7.79 (United States)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
15    162.248.18.36 (United States)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
6    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
29    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
2    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
10    18.246.194.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-246-194-225.us-west-2.compute.amazonaws.com
vid-io-cle.springserve.com
26    3.227.88.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-88-109.compute-1.amazonaws.com
vid-io-iad.springserve.com
8    54.194.245.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-245-60.eu-west-1.compute.amazonaws.com
vid-io-dub.springserve.com
12    3.1.125.59 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
vid-io-sin.springserve.com
6    168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
56    23.83.76.89 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
rtb-csync.smartadserver.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
6    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
3    54.197.121.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-121-110.compute-1.amazonaws.com
pm.w55c.net
1    35.211.118.13 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
2    44.195.106.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-106-99.compute-1.amazonaws.com
dpm.demdex.net
1    176.122.21.139 (Russian Federation)

ASN48096 (ITGRAD, RU)
ads.adlook.me
1    159.69.72.5 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.5.72.69.159.clients.your-server.de
sync.dmp.otm-r.com
2    193.232.148.141 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.sender.ltmse.com
px.adhigh.net
1    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    34.202.222.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-222-101.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    172.105.220.23 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1874-23.members.linode.com
gocm.c.appier.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    184.86.146.172 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com
px.owneriq.net
2    54.163.145.250 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-145-250.compute-1.amazonaws.com
thrtle.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
eu-u.openx.net
1    54.86.26.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-26-94.compute-1.amazonaws.com
crb.kargo.com
1    52.2.244.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-244-166.compute-1.amazonaws.com
sync.bfmio.com
2    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    131.153.168.132 (Ashburn, United States)

ASN19437 (SS-ASH, US)
PTR: smooth-survey.psychefolk.com
server.cpmstar.com
1    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
vpaid.vidoomy.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    51.222.241.100 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-011.roqad.pl
wt.rqtrk.eu
2    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    5.161.187.67 (Ashburn, United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.67.187.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
6    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
10    52.16.166.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-166-255.eu-west-1.compute.amazonaws.com
a.audrte.com
1    108.139.15.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-15-86.atl58.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    3.209.233.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-233-220.compute-1.amazonaws.com
bpi.rtactivate.com
4    34.233.39.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-39-191.compute-1.amazonaws.com
i.liadm.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    2600:1f18:ed:550f:6f5e:c54f:5770:5695 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    34.199.67.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-67-71.compute-1.amazonaws.com
io.narrative.io
1    142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
169 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
vpaid.pubmatic.com — Cisco Umbrella Rank: 8037
ads.pubmatic.com — Cisco Umbrella Rank: 535
vid.pubmatic.com — Cisco Umbrella Rank: 13759
st.pubmatic.com — Cisco Umbrella Rank: 1309
aktrack.pubmatic.com — Cisco Umbrella Rank: 192454
image6.pubmatic.com — Cisco Umbrella Rank: 805
simage2.pubmatic.com — Cisco Umbrella Rank: 870
image2.pubmatic.com — Cisco Umbrella Rank: 912
image4.pubmatic.com — Cisco Umbrella Rank: 1237
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
1 MB
144 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
acdn.adnxs.com — Cisco Umbrella Rank: 598
dcdn.adnxs.com — Cisco Umbrella Rank: 4365
cdn.adnxs.com — Cisco Umbrella Rank: 1783
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1419
810 KB
92 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 28621
v.lkqd.net — Cisco Umbrella Rank: 23416
t.lkqd.net — Cisco Umbrella Rank: 26961
cs.lkqd.net — Cisco Umbrella Rank: 2307
343 KB
73 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
eus.rubiconproject.com — Cisco Umbrella Rank: 579
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 5533
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 777
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
193 KB
67 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1533
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669 Failed
40 KB
66 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
bidder.criteo.com — Cisco Umbrella Rank: 679
dis.criteo.com — Cisco Umbrella Rank: 608
104 KB
64 springserve.com
vpaid.springserve.com — Cisco Umbrella Rank: 16926
vid-io-cle.springserve.com — Cisco Umbrella Rank: 13848
vid-io-iad.springserve.com — Cisco Umbrella Rank: 10103
vid-io-dub.springserve.com — Cisco Umbrella Rank: 13316
vid-io-sin.springserve.com — Cisco Umbrella Rank: 13643
868 KB
64 mynet.com.tr
s.mynet.com.tr — Cisco Umbrella Rank: 154090
img7.mynet.com.tr — Cisco Umbrella Rank: 197431
imgrosetta.mynet.com.tr — Cisco Umbrella Rank: 123319
384 KB
59 googlesyndication.com
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
ade.googlesyndication.com — Cisco Umbrella Rank: 356
354 KB
55 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
499 KB
40 bing.com
www.bing.com — Cisco Umbrella Rank: 53
934 KB
31 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1908
9 KB
23 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
r.bidswitch.net — Cisco Umbrella Rank: 6571
10 KB
20 adform.net
adx2.adform.net — Cisco Umbrella Rank: 13806
adx.adform.net — Cisco Umbrella Rank: 4252
c1.adform.net — Cisco Umbrella Rank: 583
track.adform.net — Cisco Umbrella Rank: 5048
cm.adform.net — Cisco Umbrella Rank: 1147
dmp.adform.net — Cisco Umbrella Rank: 3041
11 KB
20 33across.com
cdn-sic.33across.com — Cisco Umbrella Rank: 17149
dp2.33across.com — Cisco Umbrella Rank: 12127
dp1.33across.com — Cisco Umbrella Rank: 7249
ssc-cms.33across.com — Cisco Umbrella Rank: 901
events-ssc.33across.com — Cisco Umbrella Rank: 1615
sic.33across.com — Cisco Umbrella Rank: 15633
ssc.33across.com — Cisco Umbrella Rank: 3877
127 KB
19 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
509 KB
18 richaudience.com
s.richaudience.com — Cisco Umbrella Rank: 17908
shb.richaudience.com — Cisco Umbrella Rank: 4312
sync.richaudience.com — Cisco Umbrella Rank: 1717
22 KB
15 programattik.com
cpm.programattik.com — Cisco Umbrella Rank: 54911
rtb.programattik.com — Cisco Umbrella Rank: 99586
5 KB
15 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6599
creativecdn.com — Cisco Umbrella Rank: 564
3 KB
14 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
17 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
6 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
362 KB
13 taboola.com
c2.taboola.com — Cisco Umbrella Rank: 7279
cdn.taboola.com — Cisco Umbrella Rank: 1024
pm-widget.taboola.com — Cisco Umbrella Rank: 3284
nr-events.taboola.com — Cisco Umbrella Rank: 8384
trc.taboola.com — Cisco Umbrella Rank: 646
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3780
267 KB
12 windsplay.com
windsplay.com — Cisco Umbrella Rank: 346138
54 KB
11 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
4 KB
11 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 33496
1 MB
11 mynet.com
imgmyntv.mynet.com — Cisco Umbrella Rank: 285129
img7.mynet.com — Cisco Umbrella Rank: 283168
45 KB
10 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2054
7 KB
10 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
79 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
2 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 410
208 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
253 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
5 KB
9 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
4 KB
9 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
11 KB
8 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 28864
a.vidoomy.com — Cisco Umbrella Rank: 2730
vid.vidoomy.com — Cisco Umbrella Rank: 2086
vpaid.vidoomy.com — Cisco Umbrella Rank: 3136
27 KB
7 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 993
8 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
3 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
d.turn.com — Cisco Umbrella Rank: 1381
3 KB
7 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 13409
sc.tynt.com — Cisco Umbrella Rank: 16127
ic.tynt.com — Cisco Umbrella Rank: 11236
de.tynt.com — Cisco Umbrella Rank: 1526
23 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
3 KB
6 openx.net
us-u.openx.net — Cisco Umbrella Rank: 524
rtb.openx.net — Cisco Umbrella Rank: 625
eu-u.openx.net — Cisco Umbrella Rank: 2043
1 KB
6 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
2 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
3 KB
6 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
1 KB
6 pixad.com.tr
static.cdn.pixad.com.tr — Cisco Umbrella Rank: 82483
ssp-service.pixad.com.tr — Cisco Umbrella Rank: 80707
mediazone.rtb.pixad.com.tr — Cisco Umbrella Rank: 190025 Failed
160 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
390 KB
6 google.com
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com — Cisco Umbrella Rank: 2
mts0.google.com — Cisco Umbrella Rank: 4031
48 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
i6.liadm.com — Cisco Umbrella Rank: 2884
3 KB
5 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 11423
an.yandex.ru — Cisco Umbrella Rank: 6258
1 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
1 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
2 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
1 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
2 KB
4 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 3423
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
1 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
3 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
1 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1074
2 KB
4 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3747
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
9 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
2 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1331
2 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
736 B
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 7362
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 4113
643 B
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2235
560 B
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 973
1 KB
2 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1452
532 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4970
967 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1397
683 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1778
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1604
833 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5392
753 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 18494
822 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1382
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1234
104 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1105
522 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
1 KB
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1259
451 B
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 3182
1 KB
2 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 4392
430 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1811
beacon.krxd.net — Cisco Umbrella Rank: 784
499 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 snackly.co
counter.snackly.co — Cisco Umbrella Rank: 5530
284 B
2 minute.ly
apv-launcher.minute.ly — Cisco Umbrella Rank: 4613
snippet.minute.ly — Cisco Umbrella Rank: 7277
45 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
184 KB
2 mynetreklam.com
adl.mynetreklam.com — Cisco Umbrella Rank: 311999
128 KB
2 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1685
mab.chartbeat.com — Cisco Umbrella Rank: 2582
11 KB
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1577
109 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2579
555 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 790
633 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2704
199 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 731
385 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1503
712 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3405
614 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1716
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1149
359 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6118
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6671
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5784
360 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2934
436 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1353
674 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
554 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
339 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 23229
69 B
1 adlook.me
ads.adlook.me — Cisco Umbrella Rank: 33704
329 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
324 B
1 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 3146
46 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4271
31 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
452 B
1 redcarpat.com
redcarpat.com — Cisco Umbrella Rank: 127967
36 KB
1 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 8710
276 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
1 KB
1 adhaven.com
nxd.adhaven.com — Cisco Umbrella Rank: 66136
245 B
1 sabio.us
media.sabio.us — Cisco Umbrella Rank: 57612
236 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
553 B
1 wbz-tavnsz.net
wbz-tavnsz.net
65 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 dyntrk.com Failed
gu.dyntrk.com Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
1148 132
Domain Requested by
70 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
hb.adpone.com
acdn.adnxs.com
eus.rubiconproject.com
56 rtb-csync.smartadserver.com ads.pubmatic.com
46 imgrosetta.mynet.com.tr wbz-tavnsz.net
43 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
hb.adpone.com
40 www.bing.com 16 redirects windsplay.com
dcdn.adnxs.com
acdn.adnxs-simple.com
38 t.lkqd.net ad.lkqd.net
32 nym1-ib.adnxs.com hb.adpone.com
windsplay.com
acdn.adnxs-simple.com
cdn.adnxs.com
32 vpaid.pubmatic.com vpaid.springserve.com
blank
31 ads.betweendigital.com 5 redirects hb.adpone.com
ads.betweendigital.com
vid.vidoomy.com
31 gum.criteo.com 15 redirects static.criteo.net
cdn.taboola.com
30 tpc.googlesyndication.com securepubads.g.doubleclick.net
wbz-tavnsz.net
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
tpc.googlesyndication.com
cdn.ampproject.org
s0.2mdn.net
29 cs.lkqd.net 6 redirects ad.lkqd.net
28 eus.rubiconproject.com de.tynt.com
eus.rubiconproject.com
static.cdn.pixad.com.tr
hb.adpone.com
sync.richaudience.com
26 vid-io-iad.springserve.com
24 cm.g.doubleclick.net 18 redirects googleads.g.doubleclick.net
eus.rubiconproject.com
23 acdn.adnxs.com cdn-sic.33across.com
windsplay.com
acdn.adnxs.com
hb.adpone.com
22 x.bidswitch.net 22 redirects
22 pagead2.googlesyndication.com securepubads.g.doubleclick.net
wbz-tavnsz.net
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
22 securepubads.g.doubleclick.net 1 redirects wbz-tavnsz.net
securepubads.g.doubleclick.net
www.googletagservices.com
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
cdn-sic.33across.com
21 simage2.pubmatic.com 2 redirects ads.pubmatic.com
19 static.criteo.net wbz-tavnsz.net
static.cdn.pixad.com.tr
static.criteo.net
hb.adpone.com
17 mug.criteo.com wbz-tavnsz.net
16 aktrack.pubmatic.com
16 pixel.rubiconproject.com 11 redirects eus.rubiconproject.com
15 st.pubmatic.com
15 vid.pubmatic.com vpaid.pubmatic.com
15 img7.mynet.com.tr wbz-tavnsz.net
s.mynet.com.tr
14 id5-sync.com 10 redirects static.cdn.pixad.com.tr
14 match.adsrvr.org 14 redirects
14 bidder.criteo.com adl.mynetreklam.com
static.criteo.net
hb.adpone.com
static.cdn.pixad.com.tr
14 fastlane.rubiconproject.com adl.mynetreklam.com
hb.adpone.com
static.cdn.pixad.com.tr
13 v.lkqd.net ad.lkqd.net
13 s0.2mdn.net wbz-tavnsz.net
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
s0.2mdn.net
13 prebid-eu.creativecdn.com adl.mynetreklam.com
hb.adpone.com
static.cdn.pixad.com.tr
12 vid-io-sin.springserve.com
12 cpm.programattik.com static.cdn.pixad.com.tr
cpm.programattik.com
12 ad.lkqd.net wbz-tavnsz.net
ad.lkqd.net
12 windsplay.com wbz-tavnsz.net
windsplay.com
11 prg.smartadserver.com hb.adpone.com
11 adx2.adform.net hb.adpone.com
11 hbopenbid.pubmatic.com hb.adpone.com
11 ap.lijit.com hb.adpone.com
11 hb.adpone.com wbz-tavnsz.net
windsplay.com
11 s.richaudience.com windsplay.com
10 a.audrte.com 8 redirects
10 vid-io-cle.springserve.com
10 pixel.tapad.com 7 redirects eus.rubiconproject.com
ads.pubmatic.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 imgmyntv.mynet.com wbz-tavnsz.net
9 sync.1rx.io 9 redirects
9 ads.stickyadstv.com ad.lkqd.net
8 vid-io-dub.springserve.com
8 image2.pubmatic.com ads.pubmatic.com
8 cdn.adnxs.com hb.adpone.com
8 vpaid.springserve.com ad.lkqd.net
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 choices.trustarc.com windsplay.com
dcdn.adnxs.com
acdn.adnxs-simple.com
7 dcdn.adnxs.com hb.adpone.com
7 token.rubiconproject.com 5 redirects eus.rubiconproject.com
7 match.prod.bidr.io 7 redirects
7 fonts.gstatic.com fonts.googleapis.com
6 b1sync.zemanta.com 6 redirects
6 sync.richaudience.com 1 redirects hb.adpone.com
sync.richaudience.com
eus.rubiconproject.com
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
6 s.ad.smaato.net 5 redirects
6 events-ssc.33across.com eus.rubiconproject.com
6 ssc-cms.33across.com 6 redirects
6 ad.turn.com 6 redirects
6 csync.loopme.me 6 redirects
6 www.googletagservices.com securepubads.g.doubleclick.net
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
6 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ads.pubmatic.com
5 a.vidoomy.com
4 i.liadm.com 4 redirects
4 dis.criteo.com 4 redirects
4 c1.adform.net 4 redirects
4 match.sharethrough.com 1 redirects eus.rubiconproject.com
4 optimized-by.rubiconproject.com ad.lkqd.net
4 cms.quantserve.com 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 sync.targeting.unrulymedia.com 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 secure.adnxs.com 3 redirects
4 px.ads.linkedin.com 1 redirects eus.rubiconproject.com
ads.pubmatic.com
4 ps.eyeota.net 3 redirects
4 ad.doubleclick.net wbz-tavnsz.net
4 udmserve.net adl.mynetreklam.com
securepubads.g.doubleclick.net
4 www.google.com 1 redirects wbz-tavnsz.net
tpc.googlesyndication.com
4 cdn.taboola.com wbz-tavnsz.net
cdn.taboola.com
3 dsp.adfarm1.adition.com 3 redirects
3 eu-u.openx.net 3 redirects
3 pm.w55c.net 3 redirects
3 rtb.programattik.com cpm.programattik.com
3 an.yandex.ru 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 sync.crwdcntrl.net 2 redirects
3 pixel-sync.sitescout.com 3 redirects
3 p.rfihub.com 2 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 eb2.3lift.com 2 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 sync.mathtag.com 3 redirects
3 idsync.rlcdn.com 1 redirects
3 map.go.affec.tv 2 redirects
3 ssp-service.pixad.com.tr static.cdn.pixad.com.tr
3 sb.scorecardresearch.com 1 redirects
3 googleads.g.doubleclick.net 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
3 fonts.googleapis.com ajax.googleapis.com
securepubads.g.doubleclick.net
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
3 www.gstatic.com wbz-tavnsz.net
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
3 s.mynet.com.tr wbz-tavnsz.net
2 io.narrative.io 1 redirects
2 dmp.adform.net 2 redirects
2 sync-dmp.mobtrakk.com 2 redirects
2 cs.admanmedia.com 2 redirects
2 wt.rqtrk.eu
2 creativecdn.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 us-u.openx.net 1 redirects ads.pubmatic.com
2 thrtle.com 1 redirects ads.pubmatic.com
2 px.owneriq.net 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pool.admedo.com 2 redirects
2 px.adhigh.net 2 redirects
2 dpm.demdex.net 2 redirects
2 uipglob.semasio.net 2 redirects
2 um.simpli.fi 2 redirects
2 i.clean.gg acdn.adnxs-simple.com
2 capi.connatix.com 1 redirects eus.rubiconproject.com
2 sync.ipredictive.com 2 redirects
2 bs.yandex.ru static.cdn.pixad.com.tr
2 ssc.33across.com cdn-sic.33across.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 bh.contextweb.com 2 redirects
2 rtb.adentifi.com 1 redirects
2 c.amazon-adsystem.com cdn-sic.33across.com
c.amazon-adsystem.com
2 33across-match.dotomi.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 cs.krushmedia.com 2 redirects
2 event.clientgear.com ad.lkqd.net
2 dp2.33across.com 2 redirects
2 www.googleadservices.com
2 cdn-sic.33across.com cdn.tynt.com
cdn-sic.33across.com
2 de.tynt.com cdn.tynt.com
2 sc.tynt.com cdn.tynt.com
2 static.cdn.pixad.com.tr 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
static.cdn.pixad.com.tr
2 cdn.tynt.com wbz-tavnsz.net
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
2 counter.snackly.co snippet.minute.ly
2 ch-trc-events.taboola.com wbz-tavnsz.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 trc.taboola.com cdn.taboola.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 nr-events.taboola.com c2.taboola.com
wbz-tavnsz.net
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 www.googletagmanager.com wbz-tavnsz.net
www.googletagmanager.com
2 adl.mynetreklam.com wbz-tavnsz.net
1 ade.googlesyndication.com
1 i6.liadm.com
1 d.turn.com 1 redirects
1 bpi.rtactivate.com
1 match.adsby.bidtheatre.com 1 redirects
1 bcp.crwdcntrl.net ads.pubmatic.com
1 pippio.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 ssum-sec.casalemedia.com
1 visitor.omnitagjs.com 1 redirects
1 sync.adotmob.com 1 redirects
1 cm.adform.net 1 redirects
1 rtb.openx.net 1 redirects
1 vpaid.vidoomy.com vid.vidoomy.com
1 server.cpmstar.com 1 redirects
1 track.adform.net sync.richaudience.com
1 sync.bfmio.com ads.pubmatic.com
1 crb.kargo.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 ums.acuityplatform.com 1 redirects
1 t.adx.opera.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 vid.vidoomy.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 ads.adlook.me 1 redirects
1 r.bidswitch.net 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 lb.eu-1-id5-sync.com static.cdn.pixad.com.tr
1 acdn.adnxs-simple.com hb.adpone.com
1 adsdk.microsoft.com hb.adpone.com
1 prebid.a-mo.net eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 redcarpat.com wbz-tavnsz.net
1 rt.marphezis.com static.cdn.pixad.com.tr
1 adx.adform.net static.cdn.pixad.com.tr
1 mediazone.rtb.pixad.com.tr static.cdn.pixad.com.tr
1 prebid-server.rubiconproject.com static.cdn.pixad.com.tr
1 cdn.jsdelivr.net static.cdn.pixad.com.tr
1 shb.richaudience.com hb.adpone.com
1 nxd.adhaven.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 media.sabio.us 1 redirects
1 sic.33across.com cdn-sic.33across.com
1 dp1.33across.com 1 redirects
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 tags.bluekai.com de.tynt.com
1 ic.tynt.com
1 mts0.google.com 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
1 ads.vidoomy.com securepubads.g.doubleclick.net
1 snippet.minute.ly apv-launcher.minute.ly
1 analytics.google.com www.googletagmanager.com
1 apv-launcher.minute.ly cdn.taboola.com
1 mab.chartbeat.com static.chartbeat.com
1 img7.mynet.com s.mynet.com.tr
1 c2.taboola.com wbz-tavnsz.net
1 ajax.googleapis.com wbz-tavnsz.net
1 static.chartbeat.com wbz-tavnsz.net
1 wbz-tavnsz.net
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 gu.dyntrk.com Failed
0 sync.tidaltv.com Failed
1148 223
Subject Issuer Validity Valid
wbz-tavnsz.net
GTS CA 1P5		 2024-01-26 -
2024-04-25		 3 months crt.sh
*.mynet.com.tr
Go Daddy Secure Certificate Authority - G2		 2023-09-12 -
2024-10-13		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.mynetreklam.com
Go Daddy Secure Certificate Authority - G2		 2023-10-31 -
2024-12-01		 a year crt.sh
*.mynet.com
Go Daddy Secure Certificate Authority - G2		 2023-09-12 -
2024-10-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.minute.ly
R3		 2024-01-18 -
2024-04-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
udmserve.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
windsplay.com
Amazon RSA 2048 M01		 2023-04-30 -
2024-05-28		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
static.cdn.pixad.com.tr
E1		 2023-12-20 -
2024-03-19		 3 months crt.sh
*.lkqd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-10 -
2024-07-20		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
ssp-service.pixad.com.tr
E1		 2024-01-14 -
2024-04-13		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-27 -
2024-04-27		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-03-12 -
2024-04-10		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-12-25 -
2024-03-24		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.programattik.com
GeoTrust TLS RSA CA G1		 2023-10-09 -
2024-10-08		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-12 -
2025-01-10		 a year crt.sh
rtb.pixad.com.tr
E1		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.springserve.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-03-29		 a year crt.sh
redcarpat.com
Amazon RSA 2048 M03		 2023-11-26 -
2024-12-25		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-01-08 -
2024-07-06		 6 months crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
i.clean.gg
GTS CA 1D4		 2024-01-11 -
2024-04-10		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G4		 2023-06-19 -
2024-07-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
truffle.bid
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh

This page contains 209 frames:

Primary Page: https://wbz-tavnsz.net/
Frame ID: 922AE33F76847971F18DBD1BE897EE74
Requests: 161 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: 94C3491E7A5A7AF1052B69F4D8A13707
Requests: 2 HTTP requests in this frame

Frame: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B21A61621BA5A75277471D72B1ED06A6
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 56BB67A9DD5524B96A4B1DB9338AAC79
Requests: 1 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Frame ID: 48B50BF6BF9CC122AF5411F9A8CCCDFA
Requests: 2 HTTP requests in this frame

Frame: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F0554676DE44B4C565E9531E716A1DA
Requests: 8 HTTP requests in this frame

Frame: https://ads.vidoomy.com/mynet_22283.js
Frame ID: 94780466C4D59D7FF064A8D5835B2A82
Requests: 15 HTTP requests in this frame

Frame: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 11C636BD91F82EA657A74DE06789A543
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviYtJm8UJPK6xWJ0_p-tJvyskyxCh-6SgfEW1LcwLvvSG01yBJ4oCVx323ncF9Iwlmgrjtgtbb3cHhxbyENUfQ58P-YsbU6DRu-ZR2DkGJhYIGJ2pszQ0m6swjOd8jQ6wd49ZJ-2VE8jIOHXDBDowLgrY4msNfd5dAUnAnSmqXvduGmUQg4YI69jEO5OypklZBEDCC8V5xtMuyWKrHLZzbLm_hPil7YeIcf9umkh6397QDGGnxrHW1hwAQ88wSUCHVWW1yUJ92_S5-v6X_NZquwyVSlUihuW36iO5FEFkJ3qKimGErmbn6b26GT2BVDrHBY2f2vP2XVP75sK_uDcZtXpEeonMprBwpb7bjqNzflrFW_Lvvmaqbocweixy8uMHo4zQZBQY&sai=AMfl-YQijDWTWQ58HKCTkbY3NOsFiBANtSjN2E0QNwDFBSuyMJZc9GiHJ0vVbUYBWal5pf-aP7ulVWKV8UPXxppRKLFSWb45YiphCVjKsYgcHYkaqsxbYMkxCXKFaTZmY6XgttB9MRoKNMwD1v3mJ1pgUIc&sig=Cg0ArKJSzH7azcQV10D_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F0C7C33E156E73EC7104C2CDB35C73E8
Requests: 17 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Frame ID: 09171BA1366B6FE6C6E459AF3320AAD2
Requests: 3 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Frame ID: E2489CCFF8C29AF8DA4601D581837A9B
Requests: 2 HTTP requests in this frame

Frame: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0829901AAE5874BCCD5B8D76FD2DA327
Requests: 14 HTTP requests in this frame

Frame: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 568CF86847FFD89AAD85342F54967AEE
Requests: 13 HTTP requests in this frame

Frame: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2121CE22785252F965620B0F8ED278F7
Requests: 29 HTTP requests in this frame

Frame: https://cdn.tynt.com/rciv.js
Frame ID: BA0AEDB592E6F24552348095EBEE3DA9
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Frame ID: 2F00132F6F974D012DAC5B6B3E38BF32
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJua-AIQlvKwnAQY7pDZ_QEwAQ&v=APEucNUFng_ErAh0t725F5IgCYX53TWAUukRTU_h4q7cKsdXvOQzj_5gZVdYx3-6u7PLkmKEx-Zwda27B2jja1FN_5j1A8qrAw
Frame ID: 9F12818A3A0765D63879CBF31F6EDD4F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjK1cjdATAB&v=APEucNU2UDZUVorNtXKr2ICdBV2MAV1J7hOMfYv_m7YVvP4n5xZjzDWNybzOoHCTVAzAIHLm7AWe5CV9Ik9FvWs5rbn3QIoCJQ
Frame ID: A86E6AB2D3A5034E30F9A103812CE2D1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 14C351C389AFB7D953C872AF5E4C5B10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A552593C35D9CC05345EFF88B88BBCAD
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 587CE0614CD3644E924F99CDE92D5EFE
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 1C0E9EC2782AAF55D8E17842695F316E
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
Frame ID: CD0E5F5C94804E5885662E554374FB9E
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Frame ID: 2308A43A58F425E31576EE093836209E
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3E6E32B0549E7619DF3B223CE3961097
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2E13A6756AEFFD132C274F5614028E06
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A6D350CDB897048344D169E4C488D9B0
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2BF2BDD6A3BFF4BFEF19478994D12584
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 4D850ECFDC2B0DF880C92754032EEF07
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 75EB3F9052DBF395CEB55EB0EE714880
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 7E51726FF4CB1F4BB8D0EBEE6C0C561B
Requests: 23 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 002FBFB957DA407D0722D0D726A1EEEB
Requests: 18 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=ijqdwgate&e=1981144949990
Frame ID: 1FD87EE0C7E3E641B4FCDB6F53D2A2A6
Requests: 18 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=jaurxik&e=1981144949990
Frame ID: AB4D5D17795C804C743688A2622D16A8
Requests: 18 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=pboxdtxo&e=1981144949990
Frame ID: 372AD0F107DF6955E736F9039D609580
Requests: 18 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=tgxtthnd&e=1981144949990
Frame ID: C2401D94E047F6C5AA482A12398C01F9
Requests: 18 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=itwreqsy&e=1981144949990
Frame ID: 2407AE3531AD05D3C9EB70B439BAE1C8
Requests: 18 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=wxjerejyq&e=1981144949990
Frame ID: CE29718AA856116A311751FA56219BD7
Requests: 18 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=eyjzkkxfzf&e=1981144949990
Frame ID: 92434CD642C56812419E736807836574
Requests: 18 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=xxxkvszg&e=1981144949990
Frame ID: AD955A7E25D50235DB85210C9F3BEF29
Requests: 17 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=dhgwfr&e=1981144949990
Frame ID: 6B723C6BC8126FB4E68DD211001C743F
Requests: 18 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=ozurmjyis&e=1981144949990
Frame ID: E845133B3EBCD15260EC8D960D7DADDE
Requests: 18 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212458785817304&ret=html&random=1706325882
Frame ID: D047EC0FEFACE3431F452F06F2C23950
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: 77C72B14D4B47F51F2261D6699BC7D47
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 3A1F77417CEB4DFDA726604501CF63EC
Requests: 20 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: F698CE678BA2FAD64A340BD134EA3453
Requests: 7 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 09179CC46A8F7E8C2E0B49F98B2483FB
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2FDAD36A2608EB8B0A8E233879F03F22
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 4536C9840F3CE7A738E36C7CA835E26C
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4DC0D941C3643027CB0E411E6AE6F76A
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Frame ID: CAA312DDB755C2894081901C67A57399
Requests: 14 HTTP requests in this frame

Frame: https://redcarpat.com/a/728x90.png
Frame ID: DB6ACB3C27DBE4B07DDAB0657CF50B34
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 32E99B4947E9D597ECAD6446673054D7
Requests: 1 HTTP requests in this frame

Frame: https://cpm.programattik.com/user-synced?zone=921&uid=T6710851213427970150
Frame ID: 7D819AB1F9A881BC1D05970E2AF75703
Requests: 4 HTTP requests in this frame

Frame: https://cpm.programattik.com/user-synced?zone=920&uid=T6683566755625823493
Frame ID: 0B104DE91C7A686689DFB14682531BE4
Requests: 4 HTTP requests in this frame

Frame: https://cpm.programattik.com/user-synced?zone=924&uid=T8292404068245487557
Frame ID: 4E5BA17BB70CF3D6B6E7286E74E89A53
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 129FBC513D39612BF431F5C4C8CCC89A
Requests: 2 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Frame ID: FE4E9F5D1622233AC082CC31D7D0FA1B
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Frame ID: A9E1B532D0345CCBC6D9A25F1A72C27C
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Frame ID: C1582966B6C816A86F637A83E1433793
Requests: 9 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Frame ID: B7FA76AB80CD89F97EBE386BB44B153F
Requests: 4 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 8E3079A38A8C1EEA3BAA697E87EA1166
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 51342B7E2A3F3DCE1E03635D3E6EDDFB
Requests: 11 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Frame ID: 4E864C6A975732350EC428957DAACF83
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Frame ID: 4D4B4F84037788DD593A4C715023D6C4
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Frame ID: 358F3D8795FAAE45E2A25C80754A7A67
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: C5A5A5EA349BF3446F496625D3BEDB83
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Frame ID: 2D778926720BC9645970F43012D06153
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Frame ID: 6A4AE8B915638606EA3A8EFC8C2395BB
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Frame ID: 4C30C35E9C730DC7666357A230FFD684
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Frame ID: F10807D1C873A558745E59C6EF04B716
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Frame ID: F00E9DC07F49360C214EEC263762062D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Frame ID: 12D35A75107810B7F8CB42B69F5EBC8E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0703BFB3E233B3454524E66C92B0446D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Frame ID: 81A2B347F889C28085DCC23F01D4165C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Frame ID: F8EE56B211BBF9B4B609959FDD80F8A8
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Frame ID: 16932320192F83138DDC54C26C7BD341
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5F573C66A5C61EED52BB92CCAC1803F9
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7A05A1EB-E839-419A-981D-8D23A8FF1E05&redir=true&gdpr=0&gdpr_consent=
Frame ID: 49044C4152DCAABAEAB4DA96E8BBB4AF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5554114585976271850&gdpr=0&gdpr_consent=
Frame ID: 53586F306820457717FDA712B69A9CD8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9ed7d566-bcc3-11ee-9d27-bceb8ac44083
Frame ID: 78BEC5659238F6AEFA327C6BCD70E6F3
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0
Frame ID: 6D5631F65CCCAC93B003CD7F5F8CFA51
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1BF09FF5D2897704063A45A0EC19C99F
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CFB11A07C5593A90CB40E5C4506A991F
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 576D1FA9049BF7A9DC748835BDB7FCE5
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B7AF391C49109B5154AD68A9B0394986
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 47CE451AC4124AFFC3884914CFDAD703
Requests: 5 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
Frame ID: E18B0204329C4A11F405F691754D0034
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FCB4FE55672A6E37C665EC09CF72A08C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: EB1F62A5DE989062D69CEEF9FB0AAB84
Requests: 20 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=261&external_user_id=70a21ae20dfbf74c5fa4b7af696db04c
Frame ID: 7733EAA8D9374FF01E067A78CF616862
Requests: 6 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: D82140B377D8B911F74CF732C41BB037
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 5158EDEFD871CA156B86573FE7647D6A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: A1A5A65E175C63B788B60F9F75076879
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oCZVl6EkAMG7JwLHpSIakq8gAse7IQ6SpyK-4HVe
Frame ID: FE1EE893AD95665C6D9CD69EF9CB3E29
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:AkhEhhiT1Rtzjh5&gdpr=0&gdpr_consent=
Frame ID: C1F984F62FA8225870FF4123922B8831
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7A05A1EB-E839-419A-981D-8D23A8FF1E05
Frame ID: E50C5EDD3A7D4621F792AD969068D3F4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 9753153479C584385FEB9E354D4BA0E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2w51-qyfWF5reWb4xqKsmAW16oU&gdpr=0&gdpr_consent=
Frame ID: A31B3DEF024CA8BFB197B7AFD23FA934
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2809753620617690363
Frame ID: 76FF13535FD51EFCCD49649C76C8EF5F
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A0FB9ADF2EB2DFF2857A46D60EAA3500
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU8bf0252287024404b335b3ba67fa6f9d
Frame ID: A1A9C35E860AFC4A2BFFF4B857751D10
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: D729FCC85FEF5054162BB3E625C56E39
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=881709339909
Frame ID: EB1DB121E454F9BF36926B73F3CA9ADF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a8765b4-777a-4700-b6f1-8334dac4d9f0&gdpr=0&gdpr_consent=
Frame ID: 0B9789599F0FA33E7A6CBBA49B8F4288
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=_POTYpxSAz2mj1OEf3e0ZQ
Frame ID: F64BD2C21F84C315A3FC603FF46F8A1F
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 4261073CDADB9DC122CAE72E0882518B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
Frame ID: 582AE08A887A1C9A18235C5E4A2134C1
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: E71D42922034258E263FF7346B98DF81
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 60585AC4D198DB420E8D6F787BF28CC0
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: EE0151F94B3B46BEB90392F7105F6B5A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7596122872025351995
Frame ID: 89A73D1943BCB5D56C9B75D34083F374
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E57B5237F775449FBB25A116396F8954&gdpr=0&gdpr_consent=
Frame ID: 8378652663CB6FF97F67494901C72D39
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Frame ID: 73365923474EB9F956F4157AC89C93B3
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Frame ID: 7CBA093B6A717F17CFC799D00057CD6B
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Frame ID: F3EC3E1CD1A267B20D01156A3C62A666
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: E576BDC1449F5E8C3120C61573F6CCFF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8B5509613D2DDBCB5EF8DCF292B0D55E
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 382A5A1D72DD9A6D04E1256940222EB4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 278033256214FD2411CB6CB066211F82
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B76BDB5EB1088ACEC3F300EC9BE5CBE2
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 370D156A161334506116B43D2DBB56F5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E5CF80B4D06159D63019C34AB162F325
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: B04EDC1364C05AA22DD2A77977378817
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 08E7176149B18DD72834C0F98907E788
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: FAB2ADE7F9BD44517B831C4B96608815
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 39902BD05F909821977F746B25F11406
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 225D7D7E9D06ED396779A08E92F281AE
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0AB68105FE0108B2C53BF94550D956C1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 803B612150213E2EFBA579F5FB4040A5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 35FF7037F0078F0E2BE15254D9CEA436
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 4A160E5B3184B737B30D9B0903B4F768
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AA0C212891ACB421CBD6C3B47EC23F9D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A843BE89DD3A3AF6666254494180D1E0
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 7E98B0438B35C8B1ACF0A14B10C41621
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 3CFD9B347E7374F64F1F1060BE6E24A6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E9A49B524A9400694DFEBC79C907745F
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: BEE6643493BA61CA2A2E4E97DD2ED4A3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 50BAF79E793605B8A161BA53C47C2F4E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 3216935155F26FE07C8FF55A8BE7A8F4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9E078CDF29CB94BFC6A2B24B78B66D25
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DF87BC8EC66E75907A83EF526E7F46D8
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 3BAAC7D7B031946CCA95710BB8258A05
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: DD9228EC8F601608834814BA9DB7F6C2
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 8BCD9950E630C4720133349735CC77E9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 51874027413425245BF14896997B702F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: B666E67A42A15668F8247CD2A3C33E0B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 600C07AAA9C716E5E546EE09FD1B3279
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AF4ABE26019CC33CDC66125B3B3F65BE
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C0F863C459FAD1E12856352490CCAE6D
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 4793345E9AF452C7C8D983CE69A2758F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 5BE10F2D7F0501A57A2DBF7A5D1F4622
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 0493FB7FCBA9CF800831B4FA3D798B6E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: FC98C8930A5B4725182FB381C463920D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 37352ABEA4A680450A27F336DD88C1CD
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CD24D4688A24CB7AE1D9B12E07113992
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F235949B60D9058AE3B3DA8A26F4E3D2
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Frame ID: 3F157D67FA908D02F66962987672243E
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 83A5E65E48A0C26544E3750A30A7DD29
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 1A211EB69CF27F33B7D661BAAEC2ECDE
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9BC9B9A57192910FFE1AD5057B1DD3A1
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 8ED8B4FD99781430C2E71E33FBCE6D2C
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Frame ID: 16FE978D1A41446E44CA0B47E734EB03
Requests: 13 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Frame ID: 64A5D4BC608DF592FC2D565E208C78A4
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 14D967D8C286F522AB5A2090E14CD2D9
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890690,,
Frame ID: 73F64F0F9193B6F3E0B7D4A621D980B7
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5D08F73FC67AA99290AD474B331B7402
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Frame ID: 29320A479B0D1FFC0A5BF4D480566460
Requests: 13 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890689,,
Frame ID: C84FBFB56175C6CAAF2ABA30A69D6C76
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F4A6C939C9A63AB98843E0BF6BCB51B0
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Frame ID: 42650F54635F8CC42F206DF58D172354
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A8509E023D40684DC9F2267DEF6D2F34
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: BD42CFF8DF9751C4270B9266A956EAC8
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: A1330BCE0D1A7745C270DF1C917DEF5A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: 1C77702014F2E61D2A4F639D55698402
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: CB256BA996A03F9B5617B7F0F735ECEE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: 0A1BC0EB04DCB2559537A685BF764C5E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: ECE95B0EDA5DC2409D61F9205FA84FB0
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: 01D8CA3F52D71FCD77810FF2AC6F41BE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: 531B5777E31F28DF59FE09B6B9380003
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: C11ED74266ED1D771CE0EB456C0AFAED
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: C7BF299A829051E94A9F0739DF2C61EA
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Frame ID: 3DBC2C4BB4E1E45D0B3C92CF0AE81B4E
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 2692F8C66ED5893B6E13B2C4A404DFB3
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 79B49BA6E0CEF9511BE3F1586EE54F72
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: A476A15A7388A0FD3B27C3A2D8DE1B3A
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Frame ID: 859F5C2AABF600B674A6A4C9A9272770
Requests: 13 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Frame ID: 695E1F24468280EE729CEEC98EA4568F
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0D72744F0C83528E53B40EC14802B58B
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894803,,
Frame ID: A8B1638E2B8E6F2059BFBCB66DD5323A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5B793E6080FD056E6638183EF294748E
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Frame ID: 50054D1ADFED439CB37D84731D2622BF
Requests: 13 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Frame ID: CA6C099D84523F821D16FDAC19CF3F93
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 251DF1CE2C65D2B590B1DAD4D5379337
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894787,,
Frame ID: A2D8622A8D800333F06C017830592DB5
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6531A7FE756960BDA599631787F336F0
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 266F524791A06D504A908834262E1C21
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 6E0F16C1B13473E08BE41C077F06B249
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2E5CF53D57C602CDDD978E35B67B140B
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Frame ID: D7581020E6D20D98A75418AAA0FD33E5
Requests: 13 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898597,,
Frame ID: AAC8CEC256EEB19403FD1AB11B5C3EA0
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 253AF7FF1EAF88F4663769AC87E63EC0
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Frame ID: 3BDB56AEE715E276EEE79F13AFDAC9D6
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 31777E29DF8E8150F6768CAB8E813483
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Frame ID: B6921B7BAD045C0A89E9347D73A15EF6
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898598,,
Frame ID: 200C86728FAFA09AAD51148B4F413A79
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9CA5B557BA081915AE4C9E00DB4C6824
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Frame ID: D31460C497E045811397A7A167EDC27B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 68C6C97AC0182D6DD9719E3B37E3EEEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mynet | Haber, Oyun, Video, Spor, Burçlar ve fazlası sizin için burada

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1148
Requests

83 %
HTTPS

24 %
IPv6

132
Domains

223
Subdomains

141
IPs

16
Countries

10186 kB
Transfer

31038 kB
Size

270
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wbz-tavnsz.net&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=fa1qYnxvVDVaa0pEMmk5b2RybHFzak9WZ202U1B1M0dlZU50bG5LYktBZkEva0RZTURwd1BFbHh4YVcxZ1dZbmpBM292Mk9Xd1RQUnhDYVkzQ0xUUy9aTVJWdTRoajJ3aVRYcE1YbEJiOFQxOEVaOERMZ3BVOGJDelVDSER0a0NLRVJEOExNZGJwaGdBSGRMREdlNFNSZVBMdERpcXA5YlNkYnVOUzVqbFEzMkxvRUcwQStCVHAvWjl3dDNwTkxvSXYyeW5ySzUxcmVaZ3QyMThVMWdDbU0zb3lXby9tVmFOL0xXZHd3b09STjErV1BuSi8zaWRlTDBPUEpkbmRiejY2NlU4djI2VERTM1hVdng0M0MzZmJXcUxUWTEyTkNLRGdPdVdqQjRnbGx2cWp6QT18&cppv=2
Request Chain 214
  • https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=909811&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1706325881 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=909811&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1706325881
Request Chain 215
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=629661031.29650371383184453.35665554 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=629661031.29650371383184453.35665554 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1&rts=-5112315056377749517 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=b24fc8fc-8b1d-531b-b0fb-873ed54ff047&ssp=vidoomy&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=5520a5b8-4f14-47af-8167-705984949485
Request Chain 216
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRVIDF5G-1Y-53O3
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
Request Chain 218
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbR3ecQnBUX4gzpBRIBRpQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL3mBGAjaaRP3SLJZb6k18Q&google_cver=1
Request Chain 220
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk4NzE0MTY1OTczMTk4MzA%3D
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
Request Chain 222
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbR3eXl.HFQGCwnPjyN2EgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1&google_hm=2
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL3mBGAjaaRP3SLJZb6k18Q&google_cver=1
Request Chain 224
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1NDExNDU4NTk3NjI3MTg1MA%3D%3D
Request Chain 274
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CxpFTd3e0ZcSjO5fFjvQPufiLoAG-qN2zdcn6gqv2EWQQASDQgL8eYMnGqYvApNgPoAHx6pmaA8gBCeACAKgDAcgDywSqBIACT9AGowc_CA7oBTCRmwOErhcuvglK4gbaOxsES6frD9WwyrwGic6F8evuvG_8ehcyW1ugnDhKVCOnRzEEmfZdxUgCUP87BGTWpL29NA5q2odva1G3AcLJ-1uWtu9Ye4c8HtyFEA5onqq4QTyXWAwz5_WK_yjXmv3cQHZIKVEV2bdi12yEYQYCBBgTHNghW2ZspOssosk7BwFIClDw2FX9D69ayFEtIHxKlVJEr9b-aJYTcHrvFXyRiNPAwRv_WjIq1cRy0SfTcKeJkdxoTlfPNflElD6EAtpJbpCBBmsOY0NAhmiH7wh6VJjHY7DOEJAiYLwzGAWSirDnxF50b0bv4sAE3YuigL4E4AQBiAWqvaTlTZIFBAgEGAGSBQQIBRgEoAYugAf3lOZlqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQktMD0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlj8ir6fz_yDA5oJeGh0dHBzOi8vd3d3LnNtb290aGlla2luZy5jb20vP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09cGVyZm9ybWFuY2VtYXgmdXRtX2NhbXBhaWduPXNrX25tZl8yMDIzJnV0bV9jb250ZW50PWV2ZXJncmVlboAKA8gLAZgM3LH86ugE2gwQCgoQsP3H6ofS2qUXEgIBA-INEwjpm7-fz_yDAxWXooMIHTn8AhS4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTUzNjMyMzAwNzU2MzA4NDUY_YEX&sigh=pciK7OdqBl8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_KP2lFn4MzH27V0bBldNjdCXRR9r_-VEdpewbjtFfb41TcbP1L358c5JzHRHLl9RkodG68pD7wz9kkwp30j8Ajiqj3XiA861h_RgB&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x85d2849efb6c32450000000000000000%22,%222%22:%220xef06d91d3381c7a10000000000000000%22,%223%22:%220xf6389f02fd02625f0000000000000000%22,%224%22:%220x8245bc9bd4a869400000000000000000%22,%225%22:%220xa9e78a5b66b8162e0000000000000000%22},%22debug_key%22:%222205185644205554017%22,%22debug_reporting%22:true,%22destination%22:%22https://smoothieking.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860255601%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212895154647319302001%22}&andc=true
Request Chain 296
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1706325881929.6 HTTP 302
  • https://tags.bluekai.com/site/27519?id=212458785817304&ret=html&random=1706325882
Request Chain 297
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1706325881929.1 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1706325881929.1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjJZVlpjdWV1cDBlV1dES1ptenFhbnd6YXF2dU9fZ2FFT0xNWVZnTllVMnM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEEbrZObH5-9OGriMhzucH2I&google_cver=1
Request Chain 298
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&_rand=1706325881929.2 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&_rand=1706325881929.2&expected_cookie=bcfd732b-b564-4b60-8804-acba379c52d9
Request Chain 299
  • https://map.go.affec.tv/map/3a/?pid=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&ts=1706325881929.3 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65b4777a4c66c10001d8bb8b%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/an/5554114585976271850?ch=65b4777a4c66c10001d8bb8b&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/ea18b846-2890-45b5-bb97-1db97e1acc8a?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 300
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&random=1706325881929.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&random=1706325881929.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7c557dde-d608-4ba1-a19b-be5a365c1632%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7c557dde-d608-4ba1-a19b-be5a365c1632%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ea18b846-2890-45b5-bb97-1db97e1acc8a&ttd_puid=7c557dde-d608-4ba1-a19b-be5a365c1632%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Request Chain 301
  • https://dp2.33across.com/ps/?pid=1205&rand=1706325881929.5 HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212437783677323
Request Chain 302
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&random=1706325881929.7&pu=https%3A%2F%2Fwbz-tavnsz.net%2F HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212436263600266&seg_code=33x&random=1706325882
Request Chain 303
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=306b5649-1e77-4371-b2e5-386788abd9cb
Request Chain 304
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=TK3fIZEzRKA
Request Chain 305
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=TK3fIZEzRKA&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=4d7615b4-be95-5d57-b504-b94b8d751387
Request Chain 306
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7830607249730030491
Request Chain 307
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2w51-qyfWF5reWb4xqKsmAW16oU
Request Chain 308
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
Request Chain 309
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=TK3fIZEzRKA
Request Chain 310
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=TK3fIZEzRKA&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=43f0b14c-94f8-5f2d-a463-f84ac04fbf2a
Request Chain 311
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7758549655692102555
Request Chain 312
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2w51-qyfWF5reWb4xqKsmAW16oU
Request Chain 316
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 317
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=2w51-qyfWF5reWb4xqKsmAW16oU&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=5520a5b8-4f14-47af-8167-705984949485&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 318
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706325881946.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=3a8765b4-777a-4700-b6f1-8334dac4d9f0
Request Chain 319
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true&verify=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-mBwtZ3VE2uH41PFivdrrNkRFi8ZcOjZw~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-mBwtZ3VE2uH41PFivdrrNkRFi8ZcOjZw%7EA&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 320
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=593c3a791cc906e0&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAACcU3Po9IQEwNAdjKFAAAAAAA&expiration=1706412282&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACcU3Po9IQEwNAdjKFAAAAAAA&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 321
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2664641436242888384639 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2664641436242888384639&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 323
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 343
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
Request Chain 345
  • https://sync.1rx.io/usersync2/lkqd HTTP 302
  • https://sync.1rx.io/usersync2/lkqd?zcc=1&cb=1706325883286 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1594602095 HTTP 302
  • https://sync.1rx.io/usersync/turn/7830607249730030491?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
Request Chain 346
  • https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=lkqd&ssp_user_id=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-lcqacoRE2pl6a96giA5Cw1qaMRVuYBCxYpJuww--~A&expires=5&ssp=lkqd HTTP 302
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=5520a5b8-4f14-47af-8167-705984949485&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D5520a5b8-4f14-47af-8167-705984949485%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253D5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=5520a5b8-4f14-47af-8167-705984949485&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=5520a5b8-4f14-47af-8167-705984949485
Request Chain 347
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D13%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=13&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
Request Chain 348
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=ea18b846-2890-45b5-bb97-1db97e1acc8a
Request Chain 351
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=7290042619747241509
Request Chain 353
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=ZbR3ewAAX5lxcQBK HTTP 302
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=ZbR3ewAAX5lxcQBK&_test=ZbR3ewAAX5lxcQBK
Request Chain 354
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=CxTYaqsNLmpX&ev=1&pid=561322
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=VEszZklaRXpSS0E HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEECs5P1_GZI5BvvvQ1zbK6k&google_cver=1
Request Chain 357
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=v-_lWb7tsA-k7rIJuuuqXLDpsgmk6L5cuOuWxMOs
Request Chain 358
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAG88U7LaO8AABO1UKlYcA
Request Chain 359
  • https://a.tribalfusion.com/i.match?p=b30&u=TK3fIZEzRKA&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=TK3fIZEzRKA&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662067896561467
Request Chain 361
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ecdcfb41-5f05-4835-a680-1212fdf19aad
Request Chain 362
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=97&partnerUserId=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553
Request Chain 381
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwbz-tavnsz.net%2F&domain=wbz-tavnsz.net&bundle=qOKN6V9TMmVDQXpNQVg5Z3A4Y1QlMkZ2VzFFdkthNEtWMTVMUkdZRFc3RTVEeGZteDV4eHBzeFVvUnJpdlFXZTNqdnp0SUpjQ3FDVVlLN0xlOGxzNDRGN1JrUTFBS2lyVUpBSWdFTVlhaFZDSkFMN0hHUjVUcDJjbmxVS3c4SVdHaG5CMVhJcGpVd1J1JTJGRnQwUmw0ZkFDSiUyQlhIdEElM0QlM0Q&cw=1&pbt=1&lsw=1&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=tLhxtHxOWVhJQnRMSDlzRGk3Tk5DOWNUckxEODIwaSswc1FjdVRYRHlTSVV1Z1ltVmx3UDY2dTV1TGVvM29BR3RhVHZ1Wlg4SlhueW1CUlpVZ1BwQnMvUzNoVkRVQ3ZlT1NVbWtDRW9vQjY3eXh2NVh1cDh1Sy9iTTNvU1Q1UENCV3dtNXJXWW0rc2kreW4wT1pZcTl6SlZCS214U05NMFZjM3p2MnZMbWZZMWxDbGREbVJCTnpvVEFsb3JDWnFIb1pxdDRwb0RFSmtJMkZDNXFuRDVZTVEwY1g5c1R1eU1FdGlzN3ArMU8zN0U3TnVqMnZEaXZpdFJJQzBqMWM4cGdiemxJUFNDNnMwaVNpd0dKMU5TTU9xelU3SERZV2dXWkt6a3RqU1hVM2ZmNnNmZz18&cppv=2
Request Chain 435
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LRVIDF5G-1Y-53O3 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LRVIDF5G-1Y-53O3 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRVIDF5G-1Y-53O3&ts=1706325884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 527
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=&expires=30
Request Chain 528
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJWSURGNUctMVktNTNPMw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECr-mgr1DAz8gVx8JmaVktc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJWSURGNUctMVktNTNPMw==&google_push=
Request Chain 529
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRVIDF5G-1Y-53O3
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG28mOAITGQrfDYQ7mD6ad4&google_cver=1
Request Chain 531
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WqA_5ISbRImB4UAIaRdroQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WqA_5ISbRImB4UAIaRdroQ
Request Chain 532
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/qfYetX4_4Ldi12mC5otX0Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6hcdDctE2oLgCEsIRwagKs1kPyzmiIwG5G5oWw--~A
Request Chain 533
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDdkOWMzZDg4MDdlYjU0OWFkODc2MmM5NmE3ZmFhYzA3NmE1OTgxZQ
Request Chain 534
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRVIDF5G-1Y-53O3&ex=d-rubiconproject.com&status=ok
Request Chain 535
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=phgrMhscQ8q6Li8eZcULlA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=phgrMhscQ8q6Li8eZcULlA
Request Chain 536
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG88U7LaO8AABO1UKlYcA&expires=30
Request Chain 537
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRVIDF5G-1Y-53O3
Request Chain 538
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9937cf25-d733-49e9-a224-fe71af373a0d&expires=30
Request Chain 539
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRVIDF5G-1Y-53O3&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRVIDF5G-1Y-53O3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 540
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRVIDF5G-1Y-53O3
Request Chain 541
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRVIDF5G-1Y-53O3
Request Chain 542
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRVIDF5G-1Y-53O3
Request Chain 549
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwbz-tavnsz.net%2F&domain=20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=U2nVP3xadjJRRUprRHZUZTJOT2NRakpKVGVGZVdMVXBZcUlRUlJKQXlRN1dMNWhmN09mTnJjU3B1QTRza1JmUTV5UDZzbnlLTEtOZUZGNWZ3ZGVkbEkxV0w5LzhTcjRQTVhGWCtKaDE0MlZZUm41UjQ1cnNwL3NwZG9LMnNWbXdlbm5EWXNSODE3KzBvMmkzWmRaZXp2TVpmOUJKYVVCd0VXYWs5QXlVQU5wY05vYTY5Tjl0SFBuM3hHekxCTUZPUjhXK2RxS0k5V043N0F4ZnQ4OGtVZ3cxdm1QL3ZyV0IvalovNTZEN2tLZHBYTC8vazRXYSt4Wm5ocFQ3c1QzOTk5b2NmTVlZZ2hMSW1Odlh2ZnhvUGg2ZXEyQzArMGZ5cWtwTVJpN0N0bHAvRnhBdDZ2djlYQjUrZ0JFSnhyZHNZZnBLR1FDUnkwRmtiTHVBd0pUR2QrMXR5YWtsUU1mZFVja2F6SWhvYjVYK2N6Tis0cUxmSlJHLzlJamJlVDNqbDZiZkl8&cppv=2
Request Chain 578
  • https://an.yandex.ru/mapuid/turktelekomrtb/ HTTP 302
  • https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
Request Chain 579
  • https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D921%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://cpm.programattik.com/user-sync?zone=921&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
Request Chain 580
  • https://an.yandex.ru/mapuid/turktelekomrtb/ HTTP 302
  • https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
Request Chain 581
  • https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D920%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://cpm.programattik.com/user-sync?zone=920&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
Request Chain 582
  • https://an.yandex.ru/mapuid/turktelekomrtb/ HTTP 302
  • https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
Request Chain 583
  • https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D924%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://cpm.programattik.com/user-sync?zone=924&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
Request Chain 588
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=45790be1-12e3-4133-87c7-b55ce34c176b&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=0f576a21-4c9b-4919-bd76-51dc50f7bc67&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D68cb99f9720c4ddeacbd974e3a7bd5d6%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=1343668520684867350 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=68cb99f9720c4ddeacbd974e3a7bd5d6&SNR=1&GV=2&med=10
Request Chain 594
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=de3a77af-392e-4003-a572-23e5caacb59e&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=53f42e5b-8495-424f-aa2d-a0f4be7f7e5e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3Dee7e3963327d44419deb4dc0599c3d14%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=6176426157599198940&wp=0.024788 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=ee7e3963327d44419deb4dc0599c3d14&SNR=1&GV=2&med=10
Request Chain 600
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=0b8f570e-74ea-4bf1-aefa-4ae8c7bcc4cb&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=7941d982-0a60-44fd-9200-a606709be18c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D9ab9b3a9baaa4d89b6d0d018f834deeb%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=6155422239041619496 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9ab9b3a9baaa4d89b6d0d018f834deeb&SNR=1&GV=2&med=10
Request Chain 606
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=b6de0de9-b7eb-4496-9769-89ed8cc173db&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=4e424406-697c-4e68-a0e4-99a3fd5237d9&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D27d1a70e5250457b9514317d5f3d6384%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_qvfnoyr_oenaq&aid=6722583793264245075 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=27d1a70e5250457b9514317d5f3d6384&SNR=1&GV=2&med=10
Request Chain 612
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=d3d7516a-fc7b-49ee-969a-9273e4d5751a&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=c09cee16-69c9-4558-a15f-c4de5be1a939&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3Df856f1dbbf8e4fc98d2a683cd3088a92%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=2804687946167308583&wp=0.035338 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=f856f1dbbf8e4fc98d2a683cd3088a92&SNR=1&GV=2&med=10
Request Chain 619
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=bad3ebf0-39e9-4a2a-83d2-bab8b4e85c5b&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=1766ad1a-f18e-4c6b-8332-957d5943f64b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3De821d197cc5c47dc8453de200ae9df50%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gznk&aid=1434822020875448541 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=e821d197cc5c47dc8453de200ae9df50&SNR=1&GV=2&med=10
Request Chain 628
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=8dcda9e2-ddc1-4eae-bb4d-95c6b2cd280f&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=4e6c266c-1f98-4c50-b802-f8679c4a914c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D7c5f284b29ac4a0abd5e5e0fadbb8d21%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=8134711272972235605 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7c5f284b29ac4a0abd5e5e0fadbb8d21&SNR=1&GV=2&med=10
Request Chain 632
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d589748d-961f-4c17-a8ad-cebbb41d653e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=9ab5f150-03be-485b-a5d1-80a90a7ca6f8&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D4e430b0b8b024923a094c68e8e873f81%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=1880030912225417430 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4e430b0b8b024923a094c68e8e873f81&SNR=1&GV=2&med=10
Request Chain 636
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=mVHsiHxhSTd2MFNSL2VaU09jTTQwSTNIWk5RQnVyY0hUSStpdVhTWFhML08xMTNhSmlXUDZQWUNHNzU5RFgvdzQxdXlOdVJKTXM3TnJRcTZiRlFoSHZGYk9yQXNFc2lMNzV2TXF2VnVWVDY1cjVUZ21US2tFYmd0TytjQVFxcmpxS2dRVjdNVTg3WUNlaSt5TWZnb2ZXY3VBblhWNlBncjNhdnBPQTZjcGtPOHlhNEFMWWFMcjBGMjFiNWFGaWVlOEVuZkMxR1Y1Qlk1eEwrVzM5NEFYb0VZb3RhTDNYY2Fla0lGT2xkM1VQcER5ZmlQVjlVUjMrREdxWmhvRnVKbU4vSzMyNHlBcnJOWlpTRkVZbHN4bWZlVm9QdHdkUUNFWFNjZTFCRlhoalozQTN5ditZSFErV0V6RjhDVXdQMWZZdFFLclROV2FGUXptRktyaXd6eDYzd1pSaG5ZbDZON1MrUEdhZWhCNVF0OUNLc08xZ1FOZU9hczRWeWdrWlR4REVlc2x8&cppv=2
Request Chain 669
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5554114585976271850&gdpr=0&gdpr_consent=
Request Chain 670
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9ed7d566-bcc3-11ee-9d27-bceb8ac44083
Request Chain 671
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHODhVN0xhTzhBQUJPMVVLbFljQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAG88U7LaO8AABO1UKlYcA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAG88U7LaO8AABO1UKlYcA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0
Request Chain 672
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=egWh6-g5QZqYHY0jqP8eBQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 673
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=7A05A1EB-E839-419A-981D-8D23A8FF1E05 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D7c557dde-d608-4ba1-a19b-be5a365c1632%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5554114585976271850&pt=7c557dde-d608-4ba1-a19b-be5a365c1632%2C%2C
Request Chain 676
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0EwNUExRUItRTgzOS00MTlBLTk4MUQtOEQyM0E4RkYxRTA1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 677
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAirZUZi-uraAcrnq-r_QKI&google_cver=1
Request Chain 678
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E57B5237F775449FBB25A116396F8954
Request Chain 679
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
Request Chain 681
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Em9_0iRE2uWbcxB7CFqri3zmKEUONJU-~A&gdpr=0
Request Chain 682
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d589748d-961f-4c17-a8ad-cebbb41d653e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=9ab5f150-03be-485b-a5d1-80a90a7ca6f8&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D4e430b0b8b024923a094c68e8e873f81%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=1880030912225417430 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4e430b0b8b024923a094c68e8e873f81&tids=15000&med=10
Request Chain 703
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=0b8f570e-74ea-4bf1-aefa-4ae8c7bcc4cb&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=7941d982-0a60-44fd-9200-a606709be18c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D9ab9b3a9baaa4d89b6d0d018f834deeb%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=6155422239041619496 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9ab9b3a9baaa4d89b6d0d018f834deeb&tids=15000&med=10
Request Chain 706
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=de3a77af-392e-4003-a572-23e5caacb59e&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=53f42e5b-8495-424f-aa2d-a0f4be7f7e5e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dee7e3963327d44419deb4dc0599c3d14%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=6176426157599198940&wp=${AUCTION_PRICE} HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ee7e3963327d44419deb4dc0599c3d14&tids=1&med=10
Request Chain 708
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=45790be1-12e3-4133-87c7-b55ce34c176b&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=0f576a21-4c9b-4919-bd76-51dc50f7bc67&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D68cb99f9720c4ddeacbd974e3a7bd5d6%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=1343668520684867350 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=68cb99f9720c4ddeacbd974e3a7bd5d6&tids=1&med=10
Request Chain 711
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=bad3ebf0-39e9-4a2a-83d2-bab8b4e85c5b&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=1766ad1a-f18e-4c6b-8332-957d5943f64b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3De821d197cc5c47dc8453de200ae9df50%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gznk&aid=1434822020875448541 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=e821d197cc5c47dc8453de200ae9df50&tids=1&med=10
Request Chain 713
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=d3d7516a-fc7b-49ee-969a-9273e4d5751a&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=c09cee16-69c9-4558-a15f-c4de5be1a939&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Df856f1dbbf8e4fc98d2a683cd3088a92%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=2804687946167308583&wp=${AUCTION_PRICE} HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f856f1dbbf8e4fc98d2a683cd3088a92&tids=1&med=10
Request Chain 715
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=8dcda9e2-ddc1-4eae-bb4d-95c6b2cd280f&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=4e6c266c-1f98-4c50-b802-f8679c4a914c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D7c5f284b29ac4a0abd5e5e0fadbb8d21%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=8134711272972235605 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7c5f284b29ac4a0abd5e5e0fadbb8d21&tids=1&med=10
Request Chain 717
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=b6de0de9-b7eb-4496-9769-89ed8cc173db&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=4e424406-697c-4e68-a0e4-99a3fd5237d9&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D27d1a70e5250457b9514317d5f3d6384%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=22137440&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_qvfnoyr_oenaq&aid=6722583793264245075 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=27d1a70e5250457b9514317d5f3d6384&tids=1&med=10
Request Chain 722
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
Request Chain 725
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6771990059 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/ea18b846-2890-45b5-bb97-1db97e1acc8a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
Request Chain 726
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZbR3ewAAX5lxcQBK&gdpr=0&gdpr_consent=
Request Chain 727
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4027850678975933537&gdpr=0&gdpr_consent=
Request Chain 728
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-cd97pA0gcDiLvxp5fxf53Qn1RQt5eJeJkHFIxa-OTw&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=4027850678975933537&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/2/7/3.gif?puid=5554114585976271850&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAG88U7LaO8AABO1UKlYcA&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=ea18b846-2890-45b5-bb97-1db97e1acc8a&ttl=%%TTL%% HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F4%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/123/4/6.gif?puid=18d48f2b6b9-26b00000010a59e6&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/112/3/7.gif?puid=B86DEE7BEC4EECF0&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F8.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/102/10/2/8.gif?puid=481039510169595972&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F9.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/104/1/9.gif?puid=5520a5b8-4f14-47af-8167-705984949485&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F0%2F10.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/163/0/10.gif?puid=AkhEhhiT1Rtzjh5&gdpr=0&gdpr_consent=
Request Chain 729
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
Request Chain 733
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=between&bsw_custom_parameter=5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=5520a5b8-4f14-47af-8167-705984949485&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dbetween%26bsw_param%3D5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=7c557dde-d608-4ba1-a19b-be5a365c1632&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D7c557dde-d608-4ba1-a19b-be5a365c1632%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dbetween%252526bsw_param%25253D5520a5b8-4f14-47af-8167-705984949485%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=7c557dde-d608-4ba1-a19b-be5a365c1632&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D7c557dde-d608-4ba1-a19b-be5a365c1632%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dbetween%252526bsw_param%25253D5520a5b8-4f14-47af-8167-705984949485%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=42104034399028679712155648240527062714&pt=7c557dde-d608-4ba1-a19b-be5a365c1632%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dbetween%2526bsw_param%253D5520a5b8-4f14-47af-8167-705984949485%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=between&bsw_param=5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5520a5b8-4f14-47af-8167-705984949485
Request Chain 734
  • https://ads.adlook.me/csync?pid=btw&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=128&external_user_id=e7931392255b4d1eb5817ada86475dab
Request Chain 736
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=gRgb5CTQoW0.AikABlGNSPLJcg
Request Chain 742
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0720d1d8-a8b6-4457-9ba7-7cfe8ceb61a0&user_group=1&ssp=pubmatic&bsw_param=5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 743
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oCZVl6EkAMG7JwLHpSIakq8gAse7IQ6SpyK-4HVe
Request Chain 744
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:AkhEhhiT1Rtzjh5&gdpr=0&gdpr_consent=
Request Chain 745
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=2b264bda-1995-43f9-82fb-d30181d4ae55&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7A05A1EB-E839-419A-981D-8D23A8FF1E05
Request Chain 746
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 747
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2w51-qyfWF5reWb4xqKsmAW16oU&gdpr=0&gdpr_consent=
Request Chain 748
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2809753620617690363
Request Chain 750
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU8bf0252287024404b335b3ba67fa6f9d
Request Chain 751
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 752
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=881709339909
Request Chain 753
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a8765b4-777a-4700-b6f1-8334dac4d9f0&gdpr=0&gdpr_consent=
Request Chain 754
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=_POTYpxSAz2mj1OEf3e0ZQ
Request Chain 756
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=8345392668 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/3a8765b4-777a-4700-b6f1-8334dac4d9f0?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
Request Chain 760
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7596122872025351995&uid=Q7596122872025351995&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7596122872025351995
Request Chain 761
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E57B5237F775449FBB25A116396F8954&gdpr=0&gdpr_consent=
Request Chain 762
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&vxii_pid=12&vxii_pid1=10067&vxii_rcid=c9ab0d85-fd57-4e59-91c7-85a3b499f492
Request Chain 763
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Request Chain 766
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9937cf25-d733-49e9-a224-fe71af373a0d&gdpr=0&gdpr_consent=
Request Chain 767
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1f5742648788243b&is_secure=true&networkId=17100&version=1&nuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACcDz2cVEWJQN6pBHbAAAAAAA&expiration=1706412287&nuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 768
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7830607249730030491&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 769
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_10FECF050_A65EACC2&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 770
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&gdpr=0&gdpr_consent=
Request Chain 771
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_9cf28c52-bcc3-11ee-b38e-126da42bc963&gdpr=0
Request Chain 772
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=GxYHZq_DnYR8peAn_851_xrMe7PO2nbX7azw4MAivjA&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
Request Chain 773
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=481039510169595972
Request Chain 776
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Request Chain 777
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=60aa20a9-e486-49a7-826c-1zz1706325785 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=5520a5b8-4f14-47af-8167-705984949485&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Drichaudience%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=richaudience&user_id=jYsQb8N8r4ztaE9h2fb10 HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=&us_ps=
Request Chain 778
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&euconsent=&domain=sync.richaudience.com
Request Chain 787
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRVIDF5G-1Y-53O3&gdpr=0
Request Chain 788
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D70a21ae20dfbf74c5fa4b7af696db04c%26dspid%3Dopenx HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=0e06f90a-5a71-4401-9ee8-b8aade7d3758&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
Request Chain 789
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D70a21ae20dfbf74c5fa4b7af696db04c%26dspid%3Dadf HTTP 303
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=481039510169595972&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=adf
Request Chain 796
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
Request Chain 797
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=57406687-8359-414a-ba2e-983339914e7d&gdpr=0
Request Chain 798
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4027850678975933537&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 799
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
Request Chain 800
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=172d7189-394e-4638-832f-8590408566d1&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 805
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
Request Chain 806
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=smartadserver&bsw=5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=smartadserver&bsw=5520a5b8-4f14-47af-8167-705984949485&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NDYxM2MxNDA0NzQ0YTA2YQ&gdpr=0&gdpr_consent=&us_privacy=&ssp=smartadserver&bsw_param=5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5520a5b8-4f14-47af-8167-705984949485&gdpr=0&gdpr_consent=
Request Chain 807
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
Request Chain 808
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
Request Chain 809
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=&s=2 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
Request Chain 814
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
Request Chain 815
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
Request Chain 816
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f13ff11e-70c9-48d5-9f0d-aff05ede43a5&gdpr_consent=null&gdpr=0
Request Chain 817
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=7830607249730030491&gdpr=0&gdpr_consent=
Request Chain 818
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885281106071&gdpr=0&gdpr_consent=
Request Chain 823
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
Request Chain 824
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5554114585976271850&gdpr=0&gdpr_consent=
Request Chain 825
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0a16220400d2b5865bd61592&gdpr=0&gdpr_consent=
Request Chain 826
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=ea18b846-2890-45b5-bb97-1db97e1acc8a&ttl=%%TTL%%
Request Chain 827
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Request Chain 832
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
Request Chain 833
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=5b7e0147-082c-4b5d-92cf-2fe7fb610a19&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 834
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=&s=2 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
Request Chain 835
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=323ac30330a93ceb331e0fd5eb382862&gdpr=0&gdpr_consent=0
Request Chain 836
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 841
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
Request Chain 842
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
Request Chain 843
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
Request Chain 844
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4027850678975933537&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 845
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
Request Chain 850
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=2809753620617690363&expires=30&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=
Request Chain 851
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
Request Chain 852
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MmdhR2NnWURJeEZUemlrZC10VVJoWHlIQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDJnYUdjZ1lESXhGVHppa2QtdFVSaFh5SEEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDJnYUdjZ1lESXhGVHppa2QtdFVSaFh5SEEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDJnYUdjZ1lESXhGVHppa2QtdFVSaFh5SEEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=481039510169595972&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDJnYUdjZ1lESXhGVHppa2QtdFVSaFh5SEEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=2gaGcgYDIxFTzikd-tURhXyHA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=4027850678975933537&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 853
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=2h3irtsft_jBHLX-3xmtq9Ubtf7BGrmr3RnFEblL
Request Chain 854
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=CxTYaqsNLmpX&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 859
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
Request Chain 860
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885283858585&gdpr=0&gdpr_consent=
Request Chain 861
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 862
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4027850678975933537&gdpr=0&gdpr_consent=
Request Chain 868
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=&s=2 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
Request Chain 869
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 870
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Request Chain 871
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MmdhN3RJRnNSNE9RTU9wMFVmZXpQR3FUdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDJnYTd0SUZzUjRPUU1PcDBVZmV6UEdxVHciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDJnYTd0SUZzUjRPUU1PcDBVZmV6UEdxVHciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDJnYTd0SUZzUjRPUU1PcDBVZmV6UEdxVHciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=481039510169595972&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDJnYTd0SUZzUjRPUU1PcDBVZmV6UEdxVHciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=2gaGcgYDIxFTzikd-tURhXyHA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=4027850678975933537&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 872
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005&rndcb=2486051683 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5520a5b8-4f14-47af-8167-705984949485&google_hm=NTUyMGE1YjgtNGYxNC00N2FmLTgxNjctNzA1OTg0OTQ5NDg1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENJXa2e0CfMx5zhj1Em_RrQ&google_cver=1&ssp=adconductor&bsw_param=5520a5b8-4f14-47af-8167-705984949485 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5520a5b8-4f14-47af-8167-705984949485?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
Request Chain 877
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=7830607249730030491&gdpr=0&gdpr_consent=
Request Chain 878
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
Request Chain 879
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=2h3irtsft_jBHLX-3xmtq9Ubtf7BGrmr3RnFEblL
Request Chain 880
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885282941086&gdpr=0&gdpr_consent=
Request Chain 881
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
Request Chain 882
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&khaos=LRVIDF5G-1Y-53O3 HTTP 302
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LRVIDF5G-1Y-53O3&gdpr=0
Request Chain 920
  • https://idsync.rlcdn.com/712188.gif?partner_uid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent= HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9514ef1a70cae9a4e687eba5b475580b265418c15d7eb2165b214ca565623491791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9514ef1a70cae9a4e687eba5b475580b265418c15d7eb2165b214ca565623491791426b5417dce21&rand=06656222
Request Chain 923
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b5cd31c0-6b62-4732-961f-d87a56fbf45a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 948
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05 HTTP 303
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&_li_chk=true&previous_uuid=a221e9018812460991e312008b376dd4 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7830607249730030491 HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=a221e901-8812-4609-91e3-12008b376dd4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=liveintent HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=481039510169595972&ssp=liveintent HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5520a5b8-4f14-47af-8167-705984949485 HTTP 303
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5520a5b8-4f14-47af-8167-705984949485
Request Chain 950
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:7A05A1EB-E839-419A-981D-8D23A8FF1E05 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=a1205780-bcc3-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:7A05A1EB-E839-419A-981D-8D23A8FF1E05
Request Chain 956
  • https://s.ad.smaato.net/c/?adExInit=v HTTP 302
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=7e92928104&gdpr=0&gdpr_consent=
Request Chain 1006
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wbz-tavnsz.net&sn=ChromeSyncframe&so=3&topUrl=wbz-tavnsz.net&bundle=hQR-MF9TMmVDQXpNQVg5Z3A4Y1QlMkZ2VzFFdkVOaUV1SkpkeDBJS3Z6MlF5RXV3NnkxcWk2UXVhQnNPRWt0dXdMZ1FaS25HZDhCZDExQ09BTzFBdHFlbHNZZlEwa3U1MzFOOSUyQndWSHB2YVBGVkdLQVJscUVleEp1YmpQd2Zyc1BSNnc2M3o2ZjVya04lMkI2MTc1b0pialZaUFZEWUElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=KiE7h3xibC9LRnJ5SldxZWhEWENwYjlIUjlEWk51Uk9WMHJCME5Sam1IZ3pJMmhSR2pTQkdvVTcvdjdiK0pMSWYvMHp2SDBPekJWOWwvYzlrczZsazVzbFF5eXJTWjAyMTVENmpPejJDMjZJQjNCUWFjRjIyTWxVVngrdkZBNnRZRDJub20yK1o4TjZzTnNoNTFwbGJURUxmUVRyMk93R005SDJmc1V5N3NpMExkMFJHelJEOE13R3htdGJDQVlzVUExUTQzT1RwZUx3MjhlZXNCVUZicFhSTFBBMkdDYzFyMm8yUE9SYXJWUVNWYWQ0VFNVbzdnSW5oSFRHNzVzdDM4YzcrMlJZcHphM0taNnFyTUpXQ3ZaMWdvRkp4WnNaeEI2RFdGdUN5QzJ3ckFSQT18&cppv=2
Request Chain 1036
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=qmk2iHx6blhNa3BWQ3BWSkVFbm1rNGlsVnVCbHhPdVVZSExzdlRFYVFnWTBYTTByaUVJVmg1K1lMdWpUcDdlRWJiclVRNklRTHBKNENTTjdyNWdZaExqaUVQb0VvVXNEU2s2aEZjajhFK01Nc3JpRlpZRWtFYmNydlZtTGFjOFYvMUlSQ0dFOFY5bkI2bm4zbmhEZko0OEJFUkZJaUxpbDdKOXpvUVh6U29Vbm50SWQ5SlcyaXdyQmtHeGR0b0wxazRXM2h2ZzN6cUZvZG4wNVZXQmwyTmZlR0xaRnFwZlFCMnpyMERnN0V3UU1ObWVxbHIrN2RIc1ZRYmRDLzJrdGgyT0UzVDJzU2VpTzU2OTZzOVE2U3c2SnpJNG9rZ1g2VnlXMjR3UzJGS1ovRUJEa3dhdmhiM3M1cEdEU2x0Q1V4YXcwS3w&cppv=2
Request Chain 1039
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Z7_TnHxsdmRJTndrd0sxZXlJTVVmcDBjQ3djc09aYWpBSGZKdm94dFA4YTc3cWlySDVhTW8zNDFmNER1aDdOa3BnT0hRNW5Vbk5QRlRmUGZJU2o3WHk5NURuNW5BM0phNG84V2hQeDRCczJlay9EeER0aldCQ3RsRk5hWW0rdlM1L1E4ZktXVEZRV2JLTWpnZDl4TDFDUzNKOHJ2ellpbm1kcEF3d1I2OVB5MWpYaUk0L3A2QnJLSVVrTTV4eGFtRVJ5K252alVQR2lhc09wdGFJN2Fad0R1OGhzN3hES2EyZllLMGtBdGpUSzg3OVNqRUx5UFo4UTlZWWUwTTNJaHVqTzFMWlh3TDY1MFZwZldQMk90N3RhMFBkUCt5aDYyZE1kMVhWSGNuSWNCQWJzbVlGZUhLK05PL1JLaVQrZmxoRDhIQ3w&cppv=2
Request Chain 1040
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=OZsu5XxwS2Y5WG9mOC8vT0dBZGlzKys4ZEFKdkZRcWY1WGNUazNhdHBqNXRWeHlwMGtWeUlsNHVNMGkrWDRpY0pOM2x3VVNyS25yMGRFVEhCQ2hYRWFsYzB4ZGU5cjRDOE1jYld3emsxbncwYkpzM0tuenlkZ3U1L3FEbnZ2MlR6Zkh1S0RzMDJnSUxjc1doei90Q20vamtBcjRwdGpPNzhPaUw5cm5XNHNrZ20xNnMwTDRKSWhic1pjcnRPUHdDOVhXRWFrMno1L1NtTU83N3ZDOXhrYkNqYXBYbkFJbjRsSkdxR1g5Tm44NmtpMDVoYmRTaWIrMmhUd0Rybk5nZVFrbDQ0eVNWdUs2V3Awb0hNRFZ4cE1tR29UbFJXTXRtaXRCTFgyUVRUZ2NkbnZNMlhjNUo4VEtFYXptU2cxQ3NwOHM5Rnw&cppv=2
Request Chain 1043
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=nht5E3xlWFhmRTJ2MUQzWEVmWEJkMUNBSFVmRlVJNHQ3WGRXMzF0Z3BtbTFYVm1DVW45T0N4alZqUFZDT1dzakpSa296US9wVmVoTElacC80SThEelFGL00vNk5BQWFtcG1JcDZ5TE5XcWZaRFVqdmsvaW1zSmdYMnlZWHh1UmRoQ1FuRlY4ekdZYnUyNCtOS0s5VmRyVHMrbVRTRWpyWFQ1OGJGb0ZUREVRYUVTN0QzbDF5UGo0VDFrcUlaR0JIY05YYXljZzREeTdpTzR6V1g5enBLclNTT1Y0U1Uzc1k5TDYwOFlpYnBMVXNPUlVUSy9UWnh2a0xiLzRhZzZNM1I4aVFsZndwTVFBOUJONlRTbTJ4bDgvSjd6SFFYSkwzWksyUWFPZXRkOE9Vb2F0aHhkeDlxWWo5eW5Pc2ZRWnEyV2ZqT3w&cppv=2
Request Chain 1045
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=tNUOTnxtYlZlTjJxNEJ2cGlMVndmdGV3cDZSeFNGRVJKVTJJQTBZbDIvakMzQ0M3Y1dyS3lTWDllczBLK2RrcnV3cDA2ZHNYcmVNLzM1TFhZeDVQZGVOMDhVQ0MxQTlIWnNDY0tKYUtveVcrUVNIVGtCTGU3U0ppZFhURkxVeHJsM3doZWE4clp3b1RPbWR4bHdtTnRzUlM5YS9oZFpIWU1QZjcyUTluTFYwWnA0b2xkSmFBelhKYUdYRTdGa2k0M05xeTU1QVZkN2RtN3V1L0tvdDZKYWc0S3NiN0xpblZXRjdiVFF2a0lQNjJiTUdGSWtRQ1RTcFd1RlhBWUFEVlJkNXRpK1pRMVAzYXQ4SUtrc1dMZmxxYnRHQmhJSERKZ05WMGpuUWNsd3d3R2o2cHBUMXJTQjI1a0xIVHBCTndHK2pPcXw&cppv=2
Request Chain 1047
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=C9vyl3xqOWZnajd6b3FZNm1aaWdSbFM1ZFBlNkg5UHlzSE8wcUVzV1dnVTBXZWZQZzRuREgvWTg2MjVIVE5tUlBCQW9OSGwrWWNEZTNqdEtaeTJBNlNEaTkwWnZMSklLTWtIdFhPNFZyV3BIK1p2TXkwMDU4YTZvS0xpMjB5OEFuZGRickRPS3ZQSDdXZlgvT05YdUQ5bi9xbkVpKzYxT1pHUEdEVlVIQzh0TU1Tbkc3V1NoNDhkeStaWkFXaVRZTjJLbWd1Q0hVTXBNTDQyYkkxY2NIeDR0dFVvdEFyQ05ZSnJWZEhxVlVpamVWSSttLzVrajVFTzJLTTRHYkJHV08yQTVtRzB0UmptOEJ4bGRMaVdnVXNkbDA5UUZBWHhSb2trQTVpR1RsVVRWTVNDY3h4aG9GVGZYMDR0WTRZY0JOTzE5RHw&cppv=2
Request Chain 1048
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=bOSQ6HxRMkdwMi9hTFM3VTR3bUxyMmhwVjFHNHpudWZSYzZiWmpMRzk4YVBuQzlMWDBiVzFmZnBzb3FCc2hQVTAyY1BPTWRPOGpiMUJEQnR3RS8rSndXelFJY3RrclRoVmJSczYyS0dCeEFJWDlTVE9Wak9STVpIdDJKTFhpYkw2SkZVNVFNZUovT2cyWVhEb0p4M255SEUzb1FLY1NGMFVNVjJkSjNyR1lSNzJreUg1V1dlR21pMnUySUxKWXY0NmFrUTU4U1JOd0M4VENCRFlxQXFxNm5zMytvazV1T3F0QjA0cXV1eFEyaDl1b1ZMRUl2MXIvQXExS1E1NS9MVW84VC8vTG42UWVBMFpJKzg0Ni9CS1VhRFk0WFVmOWVENjlEOXppTlY3TmYwR2dHMk4vUzkyVGNhRlJXalY4T0ZIc3kydHw&cppv=2
Request Chain 1049
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-a2SLnxROFN1K0Franc5Q0lQK2NxMVRDSmNhakVKMDluVUZma1ZOczM2VjZEcnV6NUoyZFF6NmVBZXRDZWlSVW9hSVErcDI4M1gyejl6bnNQUnVUT1hGQ2NjMWpHK2JPK3JrcHdpaUllaSttRlUrSHB5anAwblRuVXBnU2hKc0xHVW1lNnlBRm5PNVRQMDc0OG9tOGRLOTRuQnJQSU4waEFwTklkNlg5bUpJOGRVOXJ6cmtUTVVYUldQc05ISERqZXNYQlZDTDZtVURUN2pMOUNJYWVaN2pXMlhKUjNXbGlYMkI5K0J2dS8rSmJOMEZTbzFrSG1TNHhPRklNenZtZmpSUTNpcjlnZ09oUjhGN1VWRmplSDNmS04wNHRxNWdWQ0RGVXpzcWs0TURXZVcwZmRtN3A4dDJGMmpQYTUyWE1ua3lJd3w&cppv=2
Request Chain 1050
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_agWp3x3dlAvVVVOWU1DUDE0alM3TEtpdGx3N2NhY1lvVTVpM3BoaE95NHY4MEdDT2RsRGdaeVFjM0VRdFRkZUhXZnBtQlI3QjJjOEpjbERzL1oreEpGSFZHdy9zSzltWTZVWmdvLzFHaER4VGhkellNVGNaMkMzZjhYRGpQc2VLYkhzUVAra2QyT0xXSndTYVY3S1pDeEtsd0psQlpzaWU4RXBSVkxuZUcrNWVMVEordUloakYwQW9jUm0rM2xkWU9hKzdwb3hLMWp6ZnpYTFdiUkcyM1Y2d3JzczZIVGtWWVNpV2JkdVNON2Q0RVVJR04zTk91T3V2MVJuMUhJUTlSeWN6NHh6VlNBQ2loSGR0cWFYOXI4VGp5cVZjSjJUTk9pdWNKWWhsUXUyaUdGbz18&cppv=2
Request Chain 1051
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=QsZ9H3xvNEJrWUhjOEc4dnJnOHRtNjVNVGk0allqZytibzlJMVhUZGtFblcwZ2xnS2VFKzFGRjJtTER1L00wZnlObWd2UzVuRmNVU083K2cxYlM2RlJIU0kwRExPbHlVTGN6QndyTXlWMkRBb2l3aXNacVRQNG5kUEVGTzJtZmlyU0VMYzZxc3pld0ZQbWlCSk0weDVQSUtlSUt5UVFqZ0tZQlI2dmVMZEd5WmRSNHg5ZVgra1Y4Z0ZITUIyVVRCRzJlQVFYb0ZsV2VOVGRGbVVxcWRzUERaOVp3WkJsUkpSUEcwTlVBWFZzdVM5SEE4cjhHdkxOZGhldzB0bzlOQi9tNTVkKytuVmROUHlrSHpSd3VHeHRzL1ZJYitaYW9QeUFzR1BuaHZYT1Y3TDd3SHlzOE1vMmZBLytDSjUwZE0yVmRBTnw&cppv=2

1148 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wbz-tavnsz.net/ 		337 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2f80a00ca15d89e26e2ea5b1b2726a75c24c86f4c648bfbc2c61eec52617c4b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84bde23d198f4283-EWR
content-encoding
br
content-type
text/html
date
Sat, 27 Jan 2024 03:24:37 GMT
last-modified
Fri, 26 Jan 2024 22:40:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMvCopT6t0jElvdbjL1GekKwC8qwOEfpDWlr46CgAAzlRgGGg5U9UIX3nMJzNBVMxGwHik9IGAMIq0weadvY4wEIIhOAesjAFOYbuJvD%2BH%2F3rGncwKRVrUIb03OuLCgWiz9bEh1XPD3pTkVfFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
all.css
s.mynet.com.tr/rosetta/services/anasayfa/production/build//css/ 		70 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/rosetta/services/anasayfa/production/build//css/all.css?id=5c5efaf32bfd38692237
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN / Mynet Team
Resource Hash
9b8b6c264f7962c6914f72061c60092057ccea26ef2f0e9fc8bed1598f683dc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
16022
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
HIT 182
x-url
/rosetta/services/anasayfa/production/build//css/all.css?id=5c5efaf32bfd38692237
x-midtier
tr-ist-sh-s15
x-host
s.mynet.com.tr
cip
192.168.42.1
last-modified
Tue, 23 Jan 2024 09:19:10 GMT
server
MerlinCDN
etag
W/"65af848e-11700"
vary
Accept-Encoding, Accept-Encoding
allow
GET, HEAD, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
access-control-allow-headers
accept, authorization
funding-choices.js
s.mynet.com.tr/rosetta/services/anasayfa/production/build//js/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/rosetta/services/anasayfa/production/build//js/funding-choices.js?id=8e597d733109cb3803de
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN / Mynet Team
Resource Hash
ca54da7405b66bd186a7f18e1b6fc69db4bdcbb3223552155bff97eba8a71867

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
106168
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
MISS 182
x-url
/rosetta/services/anasayfa/production/build//js/funding-choices.js?id=8e597d733109cb3803de
x-midtier
tr-izm-nt-s15
x-host
s.mynet.com.tr
cip
192.168.42.1
last-modified
Tue, 23 Jan 2024 09:19:10 GMT
server
MerlinCDN
etag
W/"65af848e-267d"
vary
Accept-Encoding, Accept-Encoding
allow
GET, HEAD, POST, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
access-control-allow-headers
accept, authorization
chartbeat_mab.js
static.chartbeat.com/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24ff:fa00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 19:18:27 GMT
content-encoding
gzip
via
1.1 fe93d00fe1df6fd9b66bf26ae685ebb4.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:18:23 GMT
server
nginx
x-amz-cf-pop
ATL58-P5
age
29171
etag
W/"6583925f-5f13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
jr4oLJd9WabFwMlc2XSmbuDWgOJGaBSCV_8s1c-nFD8hvEPv3tSVeg==
expires
Sat, 27 Jan 2024 19:18:27 GMT
publishertag.js
static.criteo.net/js/ld/ 		127 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
828767fbeb1fd6669664e2017314c590e3ed617df4a258a6ad788f8328c37999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-1fcd8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:38 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd3fffcf8090daf5007f4a1fca5b2cad3900f3b053c4f0022c2480fd9c6cbdb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29369
x-xss-protection
0
server
cafe
etag
60 / 19749 / m202401230101 / config-hash: 16415232170016434785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 03:24:38 GMT
ads-manager.js
adl.mynetreklam.com/mynetads/ads-manager/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adl.mynetreklam.com/mynetads/ads-manager/ads-manager.js?id=51546de0e0db03ea6cd2cf8cc2def63c
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
d4186d66c3a74108f2ff4dc97f5a5173653f33a2909def5b1c8aafbeb15784bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
cteonnt-length
77609
date
Sat, 27 Jan 2024 03:24:39 GMT
content-encoding
gzip
expires
Sun, 26 Jan 2025 03:15:17 GMT
last-modified
Wed, 17 Jan 2024 12:52:44 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"65a7cd9c-12f29"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
x-rocket-mastercachestatus
HIT
prebid.js
adl.mynetreklam.com/mynetads/ads-manager/ 		306 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adl.mynetreklam.com/mynetads/ads-manager/prebid.js?id=ae5756caa9dbe261a65e634025c0e052
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
f136c2b2f7a9c50314ed05dab812fadd13729c2ce2fe4bbf329997b4b2ea8eab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
cteonnt-length
313036
date
Sat, 27 Jan 2024 03:24:39 GMT
content-encoding
gzip
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Wed, 17 Jan 2024 12:52:44 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"65a7cd9c-4c6cc"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
x-rocket-mastercachestatus
MISS
mynet-logo.png
img7.mynet.com.tr/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/mynet-logo.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
a5440147c494bb87fa48e4591f10c8ab73e6bde14482823a8cc14f3743e88cba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Wed, 20 May 2015 12:09:33 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"555c797d-12fe"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4862
x-rocket-mastercachestatus
HIT
goolgle-play-icon.png
img7.mynet.com.tr/footer/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/goolgle-play-icon.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
acb947e2eebaa33f79022a4f09c62a2aa2fe66d14bbe5b3e526496e79e2e7bc6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Tue, 05 Jul 2022 11:45:26 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"62c42456-1c4a"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7242
x-rocket-mastercachestatus
HIT
app-store-icon.png
img7.mynet.com.tr/footer/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/app-store-icon.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
b811bba243402dd0f4e387efc1134be758728283b481cce3deb139d868245010

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Tue, 05 Jul 2022 11:45:26 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"62c42456-1282"
content-type
image/png
x-rocket-masternode
cache117.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4738
x-rocket-mastercachestatus
HIT
huawei-app-gallery-icon.png
img7.mynet.com.tr/footer/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/huawei-app-gallery-icon.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
4b13b8918cbdfebdbc7727fdb82a83fdd77465b002501f6d718ee871b16fe9c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Tue, 05 Jul 2022 11:45:26 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"62c42456-2e3e"
content-type
image/png
x-rocket-masternode
cache117.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11838
x-rocket-mastercachestatus
HIT
footer-icon-facebook.svg
img7.mynet.com.tr/footer/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/footer-icon-facebook.svg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
a1a635df2e37f2e83ef80aab643358014182d71b79a676edbc0f8e8b9074033b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Tue, 05 Jul 2022 11:45:16 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"62c4244c-4a7"
content-type
image/svg+xml
x-rocket-masternode
cache117.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1191
x-rocket-mastercachestatus
HIT
footer-icon-twitter.svg
img7.mynet.com.tr/footer/ 		779 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/footer-icon-twitter.svg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
830a5f83a7785740c7a163718c599b5a3391bcd697046f382970d016ccf471c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Tue, 05 Jul 2022 11:45:17 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"62c4244d-30b"
content-type
image/svg+xml
x-rocket-masternode
cache117.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
779
x-rocket-mastercachestatus
HIT
footer-icon-instagram.svg
img7.mynet.com.tr/footer/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/footer-icon-instagram.svg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
b652c7af4cda3d8395a637b1b9f615ef6ec3c6dea7c73cd70393ab5a054eb69b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Tue, 05 Jul 2022 11:45:17 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"62c4244d-62d"
content-type
image/svg+xml
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1581
x-rocket-mastercachestatus
HIT
footer-icon-linkedin.svg
img7.mynet.com.tr/footer/ 		582 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/footer-icon-linkedin.svg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
85ed4284f4265536d1ee7cf85771a133ee662fa6d3b8654f72cae4ed7c3efd42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Tue, 05 Jul 2022 11:45:16 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"62c4244c-246"
content-type
image/svg+xml
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
582
x-rocket-mastercachestatus
HIT
footer-icon-youtube.svg
img7.mynet.com.tr/footer/ 		642 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/footer-icon-youtube.svg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
16519f02cd04c7d61dd738385238629dd5d90a7137468c88bfd31c4ea8c77fb9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Tue, 05 Jul 2022 11:45:17 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"62c4244d-282"
content-type
image/svg+xml
x-rocket-masternode
cache117.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
642
x-rocket-mastercachestatus
HIT
16502184-182x182.png
imgrosetta.mynet.com.tr/file/16502184/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16502184/16502184-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
fe4088d4b42b8e852bf0de960f1d674581e3a58205e9b8e5a107cc0cf64710bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
tr-ist-sh-s03
x-cache-status
HIT
xurl
/file/16502184/16502184-182x182.png
content-length
1664
last-modified
Tue, 21 Nov 2023 09:02:13 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525024-182x182.png
imgrosetta.mynet.com.tr/file/16525024/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525024/16525024-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
a82ae3ccbc347d2d0ae12acff505162fc136433c44220d660af7c196f89e9824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
tr-ist-sh-s03
x-cache-status
HIT
xurl
/file/16525024/16525024-182x182.png
content-length
1298
last-modified
Tue, 21 Nov 2023 09:04:27 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525035-182x182.png
imgrosetta.mynet.com.tr/file/16525035/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525035/16525035-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
1a15b9f9cdecef5ac547b83ba2a25604adce447ed6bc62945b4c6111eeff9f86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
xurl
/file/16525035/16525035-182x182.png
content-length
1866
last-modified
Tue, 21 Nov 2023 09:02:13 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525126-182x182.png
imgrosetta.mynet.com.tr/file/16525126/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525126/16525126-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
4f9c0b644bad659bf548fd90c92dde166a731890ea5866ccb4ebab50fb3fcaed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
tr-ist-shy-s01
x-cache-status
HIT
xurl
/file/16525126/16525126-182x182.png
content-length
4304
last-modified
Sun, 19 Nov 2023 06:21:47 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525134-182x182.png
imgrosetta.mynet.com.tr/file/16525134/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525134/16525134-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
03f176d100a509e97621f940aad0d2a6daabe13037d2d10dfef03d69e0c92753

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Mon, 20 Nov 2023 11:09:10 GMT
server
MerlinCDN
age
5758588
x-midtier
de-fra-lea-s01
x-cache-status
HIT
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4344
16610245-182x182.jpg
imgrosetta.mynet.com.tr/file/16610245/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16610245/16610245-182x182.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
be29cfb407bc4e24051d062066348ce8d2a2e1d73f444a74e7475cfe874e61a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
tr-ist-sh-s03
x-cache-status
HIT
xurl
/file/16610245/16610245-182x182.jpg
content-length
3830
last-modified
Tue, 21 Nov 2023 09:02:13 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525419-182x182.png
imgrosetta.mynet.com.tr/file/16525419/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525419/16525419-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
9b7ac554e776d024e32a0654ebb72450659ba1d9eea30417cb895d5b9c9df6aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
xurl
/file/16525419/16525419-182x182.png
content-length
9030
last-modified
Mon, 20 Nov 2023 11:09:23 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525233-182x182.png
imgrosetta.mynet.com.tr/file/16525233/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525233/16525233-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
bbc5041579b574064ba464d1c4e572b82b29e8cab0dfc71bd0a793d459576452

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
tr-ist-shy-s01
x-cache-status
HIT
xurl
/file/16525233/16525233-182x182.png
content-length
6314
last-modified
Mon, 20 Nov 2023 11:09:23 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525218-182x182.png
imgrosetta.mynet.com.tr/file/16525218/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525218/16525218-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
bfeb517d0e6a70708458568a22d6324948620da4b5300c4ade4745a44fbb3b7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
de-fra-lea-s01
x-cache-status
HIT
xurl
/file/16525218/16525218-182x182.png
content-length
5586
last-modified
Mon, 20 Nov 2023 11:09:23 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525201-182x182.png
imgrosetta.mynet.com.tr/file/16525201/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525201/16525201-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
4750994865d74cad784e2ec6afd323ec8255a8fd8f02f236eb115e8e2bb47414

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
tr-ist-shy-s01
x-cache-status
HIT
xurl
/file/16525201/16525201-182x182.png
content-length
7708
last-modified
Mon, 20 Nov 2023 11:08:52 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525156-182x182.png
imgrosetta.mynet.com.tr/file/16525156/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525156/16525156-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
925c732f1e1b3fe1bd3f2e8e2eead6f9110784c1efe9a866bc33529ce85605e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
xurl
/file/16525156/16525156-182x182.png
content-length
6288
last-modified
Mon, 20 Nov 2023 11:09:23 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525157-182x182.png
imgrosetta.mynet.com.tr/file/16525157/ 		894 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525157/16525157-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
df4158b26fd967828e058b3c5e3248b24a2323c6cb53fa52382a73aae489612f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
tr-izm-nt-s16
x-cache-status
HIT
xurl
/file/16525157/16525157-182x182.png
content-length
894
last-modified
Mon, 20 Nov 2023 11:09:23 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525225-182x182.png
imgrosetta.mynet.com.tr/file/16525225/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525225/16525225-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
c5f39c5f92ffbbd5bb3052a029d608560c31e04bef6b59e2d95bb4c6afe11794

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
xurl
/file/16525225/16525225-182x182.png
content-length
5022
last-modified
Mon, 20 Nov 2023 11:09:23 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525170-182x182.png
imgrosetta.mynet.com.tr/file/16525170/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525170/16525170-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
5baf9227251bca529ade2d7defc1433aecc69f7fb66abe6db9f978631fe3ce1d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
de-fra-lea-s01
x-cache-status
HIT
xurl
/file/16525170/16525170-182x182.png
content-length
10378
last-modified
Mon, 20 Nov 2023 11:09:23 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525219-182x182.png
imgrosetta.mynet.com.tr/file/16525219/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525219/16525219-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
54e45670c0d4a16548720e3cb5b0c4bcc9dc10b46a987a60f6a582915c6cfdf4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
de-fra-dp-s02
x-cache-status
HIT
xurl
/file/16525219/16525219-182x182.png
content-length
4528
last-modified
Mon, 20 Nov 2023 11:09:11 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525228-182x182.png
imgrosetta.mynet.com.tr/file/16525228/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525228/16525228-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
895d1281c0fe9c342eccbd0d30b2766f567bac2be840f40e2fe91c38858a4dcb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
5758588
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
xurl
/file/16525228/16525228-182x182.png
content-length
5076
last-modified
Mon, 20 Nov 2023 11:09:23 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525234-182x182.png
imgrosetta.mynet.com.tr/file/16525234/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525234/16525234-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
0f4a047d2d4276ef16799a4ae590d3753bfe740c307f81df0a1b1d667c40b736

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
age
1
x-midtier
tr-izm-nt-s15
x-cache-status
MISS
xurl
/file/16525234/16525234-182x182.png
content-length
4922
last-modified
Sat, 27 Jan 2024 03:24:39 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525235-182x182.png
imgrosetta.mynet.com.tr/file/16525235/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525235/16525235-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
e72b1a7791a6a89e8cbef367a7eeb744bfbcf2098076e560215cf391da3b460e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
age
0
x-midtier
de-fra-dp-s02
x-cache-status
MISS
xurl
/file/16525235/16525235-182x182.png
content-length
9644
last-modified
Fri, 26 Jan 2024 22:40:13 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525245-182x182.png
imgrosetta.mynet.com.tr/file/16525245/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525245/16525245-182x182.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
ca72f7517a3025fd4ad2e42c5e6b309b7d9c206742e04f695263c1e8522b3513

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
age
0
x-midtier
tr-ist-sh-s14
x-cache-status
HIT
xurl
/file/16525245/16525245-182x182.png
content-length
4792
last-modified
Fri, 26 Jan 2024 22:40:13 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16941704-960x200.jpg
imgrosetta.mynet.com.tr/file/16941704/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16941704/16941704-960x200.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
b04f62243c642157a9de155351f9d3639969dd2c4c01de67a26bf96566750681

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 14:36:03 GMT
server
MerlinCDN
age
0
x-midtier
de-fra-dp-s02
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27102
16941309-320x180.jpg
imgrosetta.mynet.com.tr/file/16941309/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16941309/16941309-320x180.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
705f78a3e8fae21fd33949b2cf4d27cd0952e6e26b02008fcfed07ea69fc541f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 13:52:20 GMT
server
MerlinCDN
age
0
x-midtier
tr-izm-nt-s15
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4436
16941116-320x180.jpg
imgrosetta.mynet.com.tr/file/16941116/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16941116/16941116-320x180.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
a62ef51520a05baeaab1defd1bdc9a8aac33f00e4bf6af50dc4872c7e1cf7e21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 13:27:24 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-shy-s03
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10286
16940504-320x180.jpg
imgrosetta.mynet.com.tr/file/16940504/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16940504/16940504-320x180.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
76a0cef65b91884f2fc208ebc599c6693755ea98a5c4cf96d0c77e1f35fff412

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 12:04:28 GMT
server
MerlinCDN
age
0
x-midtier
nl-naw-ws-s08
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9612
16761525-320x180.jpg
imgrosetta.mynet.com.tr/file/16761525/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16761525/16761525-320x180.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
860becd8f262c4ac54a520551bf669ac2a8dd2bb91e9f55548e2deb30e877ba6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 21 Mar 2023 04:40:06 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-sh-s15
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3000
16941151-640x480.jpg
imgrosetta.mynet.com.tr/file/16941151/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16941151/16941151-640x480.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
9db1ce7488682bc1d31de275e811269e544697f4612e8cbead0f78f667e4fdd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 13:59:37 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-shy-s01
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
50862
16940567-50x50.jpg
imgrosetta.mynet.com.tr/file/16940567/ 		734 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16940567/16940567-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
14240ce58e4a8c0a5ccb80529d63f0f6b3ff40ffde43e6c3ec6bec4e95d966b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 12:54:47 GMT
server
MerlinCDN
age
0
x-midtier
nl-naw-ws-s08
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
734
16941515-50x50.jpg
imgrosetta.mynet.com.tr/file/16941515/ 		794 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16941515/16941515-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
8686eebd0bb820ad8dcde3c11ff92a614641f1f4cf2d233e903d341a18823204

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 14:19:35 GMT
server
MerlinCDN
age
0
x-midtier
tr-izm-nt-s15
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
794
16940512-50x50.jpg
imgrosetta.mynet.com.tr/file/16940512/ 		658 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16940512/16940512-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
49aaaced371e37547be2c1c11d111beb962cf2baef824954a4069c8f3ccbc7dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 12:07:27 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-shy-s01
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
658
16940840-50x50.jpg
imgrosetta.mynet.com.tr/file/16940840/ 		808 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16940840/16940840-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
d3fa6a0001bbe5bb523b2ce5cc489f09cda290eff30ea93a9ac33a338205c32b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 13:06:20 GMT
server
MerlinCDN
age
0
x-midtier
de-fra-lea-s01
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
808
16940437-50x50.jpg
imgrosetta.mynet.com.tr/file/16940437/ 		670 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16940437/16940437-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
61c19e1fc4613677b53ca3996111d2df798786a02f712c811cae4e04eebd3fce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 11:59:49 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-shy-s03
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
670
16941079-50x50.jpg
imgrosetta.mynet.com.tr/file/16941079/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16941079/16941079-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
e33ecd361c65ce9e5832859f1870de5516a65918bedf7b0897f74fe9d9d9c5ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 13:26:43 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1050
16937681-50x50.jpg
imgrosetta.mynet.com.tr/file/16937681/ 		972 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16937681/16937681-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
37898befed06ec2091ab7a5bae371e7859e9e063b10decfed5bc3c6b1ae212f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 06:16:43 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-sh-s14
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
972
16941472-50x50.jpg
imgrosetta.mynet.com.tr/file/16941472/ 		722 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16941472/16941472-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
9c15db234ed83ecb86b0f195a31a7ade2326f7e0bf70c2109c9e44e4944e741f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 14:11:09 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-shy-s01
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
722
16939762-50x50.jpg
imgrosetta.mynet.com.tr/file/16939762/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16939762/16939762-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
45a56a8f0e8448108990ac41fb0b66edfb1a0b0ca58197e7966d97a598c896f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 10:29:06 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-sh-s14
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1102
16937269-50x50.jpg
imgrosetta.mynet.com.tr/file/16937269/ 		712 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16937269/16937269-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
450513e41b24681b566b69cb1b8bbd8db946f0eb5cf7281fefaebdb5b8be3c33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 06:08:32 GMT
server
MerlinCDN
age
1
x-midtier
tr-ist-sh-s14
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
712
16939589-50x50.jpg
imgrosetta.mynet.com.tr/file/16939589/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16939589/16939589-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
b4490b9d78fdf93f085ca22b2678d67df9de7a3c497885e6087761f26d204bdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 10:14:23 GMT
server
MerlinCDN
age
0
x-midtier
de-fra-dp-s02
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1288
16937550-50x50.jpg
imgrosetta.mynet.com.tr/file/16937550/ 		740 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16937550/16937550-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
40286952645aab5649fca9c2577f51aa78e4fdf91621f0018c02e34b2ab5aec4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 05:23:02 GMT
server
MerlinCDN
age
0
x-midtier
de-fra-dp-s02
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
740
16939567-50x50.jpg
imgrosetta.mynet.com.tr/file/16939567/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16939567/16939567-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
999f1cc5cfbf6cddc426d2381ddc6c5e33ac58ed1ecbb677e1586956ced9bb70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 10:22:16 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-sh-s15
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1040
16941150-50x50.jpg
imgrosetta.mynet.com.tr/file/16941150/ 		670 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16941150/16941150-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
57d9785952ab5b73d421569dfafe39bf3143d4fb52abc19fe681c20ebba9a30d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 13:48:42 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-shy-s01
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
670
16940334-50x50.jpg
imgrosetta.mynet.com.tr/file/16940334/ 		920 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16940334/16940334-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
81d1890c21fabc0c4cd5a7c4507e30e8d4dfbaaf55234be94aca0fc34c711d0b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 11:45:15 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-sh-s15
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
920
16938832-50x50.jpg
imgrosetta.mynet.com.tr/file/16938832/ 		826 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16938832/16938832-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
545a8e29cad37a8eaf4da20d81c90a423c34585df265e78ac39959476d36d005

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 08:32:56 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-sh-s14
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
826
16932675-50x50.jpg
imgrosetta.mynet.com.tr/file/16932675/ 		982 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16932675/16932675-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
63c883386442213e5f1742f75ed55016563eb44eb9011db2988de2b96afec237

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Mon, 24 Apr 2023 07:18:04 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-sh-s14
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
982
16938882-50x50.jpg
imgrosetta.mynet.com.tr/file/16938882/ 		730 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16938882/16938882-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
cc60f24889ab5a265e365fae995bd94953d08b1e20efb7283461923b68d923ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 08:30:41 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-shy-s03
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
730
16938388-50x50.jpg
imgrosetta.mynet.com.tr/file/16938388/ 		692 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16938388/16938388-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
650414e044fef66b3f67c4053d73e56f025ffd7ab7538382070f0da1409fcd9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 07:48:11 GMT
server
MerlinCDN
age
0
x-midtier
nl-naw-ws-s08
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
692
16938687-50x50.jpg
imgrosetta.mynet.com.tr/file/16938687/ 		782 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16938687/16938687-50x50.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
cd1229c3c8ff5e3ea1855145e7491b244ddc9cfa17887cb8ab7036181b1215ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 08:12:01 GMT
server
MerlinCDN
age
0
x-midtier
de-fra-dp-s02
x-cache-status
MISS
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
782
16939249-320x180.jpg
imgrosetta.mynet.com.tr/file/16939249/ 		670 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16939249/16939249-320x180.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
be31671458ccb62ec81327fcea50613b2b45a5642ea938782e14cbba6c4c9264

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 25 Apr 2023 10:29:14 GMT
server
MerlinCDN
age
0
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
670
192x108.jpg
imgmyntv.mynet.com/images/8198400/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f31302f383139383430302f312e6a70673f76657273696f6e3d323032332d30342d32352031363a30303a3032/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgmyntv.mynet.com/images/8198400/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f31302f383139383430302f312e6a70673f76657273696f6e3d323032332d30342d32352031363a30303a3032/192x108.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx / Mynet Team
Resource Hash
ff0c7736eae96e8fa5d35871a5530833c0b0eba4ded324d4d8bef20c1701e03d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
date
Sat, 27 Jan 2024 03:24:39 GMT
x-powered-by
Mynet Team
x-cache
MISS 66.41
x-url
/images/8198400/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f31302f383139383430302f312e6a70673f76657273696f6e3d323032332d30342d32352031363a30303a3032/192x108.jpg
x-host
imgmyntvcdn.mynet.com
content-length
3620
x-rocket-mastercachestatus
HIT
last-modified
Fri, 26 Jan 2024 22:40:12 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
content-type
image/jpeg
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
accept, authorization
expires
Sun, 26 Jan 2025 03:24:39 GMT
192x108.jpg
imgmyntv.mynet.com/images/8198375/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3137352f383139383337352f312e6a70673f76657273696f6e3d323032332d30342d32352031323a32303a3234/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgmyntv.mynet.com/images/8198375/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3137352f383139383337352f312e6a70673f76657273696f6e3d323032332d30342d32352031323a32303a3234/192x108.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx / Mynet Team
Resource Hash
ee6183ab6be9da0fdefb8052d6d4574f6886401cc325dafe2ac8dd119a30b9b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
date
Sat, 27 Jan 2024 03:24:39 GMT
x-powered-by
Mynet Team
x-cache
MISS 66.41
x-url
/images/8198375/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3137352f383139383337352f312e6a70673f76657273696f6e3d323032332d30342d32352031323a32303a3234/192x108.jpg
x-host
imgmyntvcdn.mynet.com
content-length
1341
x-rocket-mastercachestatus
HIT
last-modified
Fri, 26 Jan 2024 22:40:12 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
content-type
image/jpeg
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
accept, authorization
expires
Sun, 26 Jan 2025 03:24:39 GMT
192x108.jpg
imgmyntv.mynet.com/images/8198367/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3136372f383139383336372f312e6a70673f76657273696f6e3d323032332d30342d32352031303a35343a3031/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgmyntv.mynet.com/images/8198367/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3136372f383139383336372f312e6a70673f76657273696f6e3d323032332d30342d32352031303a35343a3031/192x108.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx / Mynet Team
Resource Hash
0ba8dd1271630b11abc53a8aafbbc2ad15402ca40a99ce1749e4a6ddd0d32805

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
date
Sat, 27 Jan 2024 03:24:39 GMT
x-powered-by
Mynet Team
x-cache
MISS 66.41
x-url
/images/8198367/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3136372f383139383336372f312e6a70673f76657273696f6e3d323032332d30342d32352031303a35343a3031/192x108.jpg
x-host
imgmyntvcdn.mynet.com
content-length
3183
x-rocket-mastercachestatus
HIT
last-modified
Fri, 26 Jan 2024 22:40:12 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
content-type
image/jpeg
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
accept, authorization
expires
Sun, 26 Jan 2025 03:24:39 GMT
192x108.jpg
imgmyntv.mynet.com/images/8198364/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3136342f383139383336342f312e6a70673f76657273696f6e3d323032332d30342d32352031303a35333a3031/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgmyntv.mynet.com/images/8198364/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3136342f383139383336342f312e6a70673f76657273696f6e3d323032332d30342d32352031303a35333a3031/192x108.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx / Mynet Team
Resource Hash
43c93b68643ec0d35801b2d8b770734d1ab9d6bbf4accc1a25f7769d11d01b29

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
date
Sat, 27 Jan 2024 03:24:39 GMT
x-powered-by
Mynet Team
x-cache
MISS 66.41
x-url
/images/8198364/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3136342f383139383336342f312e6a70673f76657273696f6e3d323032332d30342d32352031303a35333a3031/192x108.jpg
x-host
imgmyntvcdn.mynet.com
content-length
3731
x-rocket-mastercachestatus
HIT
last-modified
Fri, 26 Jan 2024 22:40:12 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
content-type
image/jpeg
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
accept, authorization
expires
Sun, 26 Jan 2025 03:24:39 GMT
192x108.jpg
imgmyntv.mynet.com/images/8198363/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3136332f383139383336332f312e6a70673f76657273696f6e3d323032332d30342d32352031303a34313a3032/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgmyntv.mynet.com/images/8198363/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3136332f383139383336332f312e6a70673f76657273696f6e3d323032332d30342d32352031303a34313a3032/192x108.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx / Mynet Team
Resource Hash
9ada0f1c08c6e818b4287101844436a50df24b58a743aeeb827b6d9f461126c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
date
Sat, 27 Jan 2024 03:24:39 GMT
x-powered-by
Mynet Team
x-cache
MISS 66.41
x-url
/images/8198363/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3136332f383139383336332f312e6a70673f76657273696f6e3d323032332d30342d32352031303a34313a3032/192x108.jpg
x-host
imgmyntvcdn.mynet.com
content-length
5838
x-rocket-mastercachestatus
HIT
last-modified
Fri, 26 Jan 2024 22:40:12 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
content-type
image/jpeg
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
accept, authorization
expires
Sun, 26 Jan 2025 03:24:39 GMT
192x108.jpg
imgmyntv.mynet.com/images/8198354/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3135342f383139383335342f312e6a70673f76657273696f6e3d323032332d30342d32352030393a31303a3032/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgmyntv.mynet.com/images/8198354/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3135342f383139383335342f312e6a70673f76657273696f6e3d323032332d30342d32352030393a31303a3032/192x108.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx / Mynet Team
Resource Hash
0b3cb59a25f05b0280818127f46f01ac0f9ae22c8a5a9ecdac9b4c6e30b9f35e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
date
Sat, 27 Jan 2024 03:24:39 GMT
x-powered-by
Mynet Team
x-cache
MISS 66.41
x-url
/images/8198354/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3135342f383139383335342f312e6a70673f76657273696f6e3d323032332d30342d32352030393a31303a3032/192x108.jpg
x-host
imgmyntvcdn.mynet.com
content-length
6024
x-rocket-mastercachestatus
HIT
last-modified
Fri, 26 Jan 2024 22:40:12 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
content-type
image/jpeg
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
accept, authorization
expires
Sun, 26 Jan 2025 03:24:39 GMT
192x108.jpg
imgmyntv.mynet.com/images/8198342/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3134322f383139383334322f312e6a70673f76657273696f6e3d323032332d30342d32352030383a33333a3032/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgmyntv.mynet.com/images/8198342/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3134322f383139383334322f312e6a70673f76657273696f6e3d323032332d30342d32352030383a33333a3032/192x108.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx / Mynet Team
Resource Hash
e16851eb4d6890fa1ea32ba17f901324ae7209fae117df5382fccb60c9efee63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
date
Sat, 27 Jan 2024 03:24:39 GMT
x-powered-by
Mynet Team
x-cache
MISS 66.41
x-url
/images/8198342/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3134322f383139383334322f312e6a70673f76657273696f6e3d323032332d30342d32352030383a33333a3032/192x108.jpg
x-host
imgmyntvcdn.mynet.com
content-length
2172
x-rocket-mastercachestatus
HIT
last-modified
Fri, 26 Jan 2024 22:40:12 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
content-type
image/jpeg
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
accept, authorization
expires
Sun, 26 Jan 2025 03:24:39 GMT
192x108.jpg
imgmyntv.mynet.com/images/8198338/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3133382f383139383333382f312e6a70673f76657273696f6e3d323032332d30342d32352030383a32363a3031/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgmyntv.mynet.com/images/8198338/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3133382f383139383333382f312e6a70673f76657273696f6e3d323032332d30342d32352030383a32363a3031/192x108.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx / Mynet Team
Resource Hash
18a840c1cbe2c8666325ff8f5c12484ec8e79cbcb5ec861ecfd72bda6f953230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
date
Sat, 27 Jan 2024 03:24:39 GMT
x-powered-by
Mynet Team
x-cache
MISS 66.41
x-url
/images/8198338/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3133382f383139383333382f312e6a70673f76657273696f6e3d323032332d30342d32352030383a32363a3031/192x108.jpg
x-host
imgmyntvcdn.mynet.com
content-length
4967
x-rocket-mastercachestatus
HIT
last-modified
Fri, 26 Jan 2024 22:40:12 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
content-type
image/jpeg
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
accept, authorization
expires
Sun, 26 Jan 2025 03:24:39 GMT
192x108.jpg
imgmyntv.mynet.com/images/8198334/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3133342f383139383333342f312e6a70673f76657273696f6e3d323032332d30342d32352030383a31333a3032/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgmyntv.mynet.com/images/8198334/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3133342f383139383333342f312e6a70673f76657273696f6e3d323032332d30342d32352030383a31333a3032/192x108.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx / Mynet Team
Resource Hash
eafd87520de9a62ab2a8752e6f71da7ef0f007f76a7c929ca04a4f2f9ee47de2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
date
Sat, 27 Jan 2024 03:24:39 GMT
x-powered-by
Mynet Team
x-cache
MISS 66.41
x-url
/images/8198334/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3133342f383139383333342f312e6a70673f76657273696f6e3d323032332d30342d32352030383a31333a3032/192x108.jpg
x-host
imgmyntvcdn.mynet.com
content-length
3648
x-rocket-mastercachestatus
HIT
last-modified
Fri, 26 Jan 2024 22:40:12 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
content-type
image/jpeg
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
accept, authorization
expires
Sun, 26 Jan 2025 03:24:39 GMT
192x108.jpg
imgmyntv.mynet.com/images/8198326/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3132362f383139383332362f312e6a70673f76657273696f6e3d323032332d30342d32352030383a30323a3032/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgmyntv.mynet.com/images/8198326/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3132362f383139383332362f312e6a70673f76657273696f6e3d323032332d30342d32352030383a30323a3032/192x108.jpg
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx / Mynet Team
Resource Hash
74e69698b41d638f93198a599d0e853ffa3c70e9f421063028aab0dba8cdf15b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
MISS
date
Sat, 27 Jan 2024 03:24:39 GMT
x-powered-by
Mynet Team
x-cache
MISS 66.41
x-url
/images/8198326/687474703a2f2f7669333263646e2e6d796e65742e636f6d2f766964656f2f3132392f3132362f383139383332362f312e6a70673f76657273696f6e3d323032332d30342d32352030383a30323a3032/192x108.jpg
x-host
imgmyntvcdn.mynet.com
content-length
4883
x-rocket-mastercachestatus
HIT
last-modified
Fri, 26 Jan 2024 22:40:12 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
content-type
image/jpeg
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
accept, authorization
expires
Sun, 26 Jan 2025 03:24:39 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5480
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:51:03 GMT
gtm.js
www.googletagmanager.com/ 		297 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TTQ2B72
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e00d38903a23f4005c9c12b16e8af8e8ae4b4fca2af8a0fc39cced3de3281d5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94991
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Jan 2024 03:24:39 GMT
newsroom.js
c2.taboola.com/nr/mynetnewtr-mynet/ 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/mynetnewtr-mynet/newsroom.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a42a04355bd43398fb68db0a21fd5d42bd472fa4942ddb1587d6ac1ab8f8e873

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Sat, 27 Jan 2024 03:24:39 GMT
x-amz-request-id
W75VS1F4VKQ20DWA
age
90
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
18162
x-amz-id-2
ALtY/yKhxts03S1YgKTrxEf5ZKWmCQ5YvphSDP0CuZ0ek9lnmssavAd/OyPhczi6HylFor37e0o=
x-served-by
cache-lga21946-LGA
last-modified
Fri, 17 Nov 2023 11:53:46 GMT
server
AmazonS3
x-timer
S1706325880.751168,VS0,VE1
etag
"89df9563bd08d6769f420ee94063b61f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-cache-hits
1
loader.js
cdn.taboola.com/libtrc/mynetnewtr-mynet/ 		654 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cddeb9d6db2c3743f14a9fb3ef986c8db4ad16cc7c664efcf5120639d3dd236

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
e77qOIyb9LNx_a44bUCDvNJoMZ8aNYPt
content-encoding
gzip
via
1.1 varnish
date
Sat, 27 Jan 2024 03:24:39 GMT
x-amz-request-id
H9FQFTT9CDCP5PBV
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
38475
x-amz-id-2
04cCCu3awLuQwaeK3VNO+HRvxPRgJHiu4jCOZGtcSB4DdLQav0gh9kfi3hp8ZzZTSCFsutwcj/A=
x-served-by
cache-lga21929-LGA
last-modified
Thu, 25 Jan 2024 12:51:21 GMT
server
AmazonS3
x-timer
S1706325880.747174,VS0,VE16
etag
"b8892811eaa1b85ad23da8c26a81fbe9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
52
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sprite.png
img7.mynet.com.tr/anasayfa/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/anasayfa/img/sprite.png?v=3
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/anasayfa/production/build//css/all.css?id=5c5efaf32bfd38692237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
0b2a316f7137cd3a66d8138a29ddd82ae0b2cd60d420b179640645f29bd0b0ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.mynet.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Wed, 20 Oct 2021 07:37:23 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"616fc733-2224"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8740
x-rocket-mastercachestatus
HIT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4fd9ad329677ab75a20d16e52912e93faec9b6ef732e8a1fcfd4cca8bd6085

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95acaa393a26bd1c5d32e38f928f4f5454e81901bcd52ad9d54076c8dd63b30d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
ph-1.gif
img7.mynet.com.tr/anasayfa/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/anasayfa/img/ph-1.gif
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/anasayfa/production/build//css/all.css?id=5c5efaf32bfd38692237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
c8ce764186ba03e617f017c5d3ea825e5036fbd912b4afc3f121d56f18919bb6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.mynet.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Thu, 11 Feb 2021 15:14:48 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"602549e8-140a"
content-type
image/gif
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5130
x-rocket-mastercachestatus
HIT
arw-r.gif
img7.mynet.com.tr/anasayfa/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/anasayfa/img/arw-r.gif
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/anasayfa/production/build//css/all.css?id=5c5efaf32bfd38692237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
65c8c8f808419b33126ff7d9f5673db0bb11ebe66ad3fa536d2a8de66e4b1759

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.mynet.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Thu, 11 Feb 2021 15:14:47 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"602549e7-599"
content-type
image/gif
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1433
x-rocket-mastercachestatus
HIT
sprite-social-icon24.png
img7.mynet.com.tr/anasayfa/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/anasayfa/img/sprite-social-icon24.png
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/anasayfa/production/build//css/all.css?id=5c5efaf32bfd38692237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
cd135495db38f7be16a5d67d9854f22b451b6dd91a8e74c222572e9d9d7bd4fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.mynet.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Thu, 11 Feb 2021 15:14:48 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"602549e8-f29"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3881
x-rocket-mastercachestatus
HIT
icon-twitter.svg
img7.mynet.com/rosetta/services/static/ 		486 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com/rosetta/services/static/icon-twitter.svg
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/anasayfa/production/build//css/all.css?id=5c5efaf32bfd38692237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
a41680bcdd579f2172bb0fdc6a88245a9b0e6330941d3544f5cf1975d1123bdd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.mynet.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:40 GMT
expires
Sun, 26 Jan 2025 03:24:40 GMT
last-modified
Thu, 12 Oct 2023 06:42:29 GMT
server
nginx
x-rocket-node
edge131.ist.tr.eu.rocketcdn.com
etag
"65279555-1e6"
content-type
image/svg+xml
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
486
x-rocket-mastercachestatus
HIT
all.js
s.mynet.com.tr/rosetta/services/anasayfa/production/build//js/ 		182 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/rosetta/services/anasayfa/production/build//js/all.js?id=59b6094caf526c209d48
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN / Mynet Team
Resource Hash
793f9f7be2a6c2da3251b3071e2ef9f80ee76a07b2302a040ebe0a2aef04c76a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
16022
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
MISS 182
x-url
/rosetta/services/anasayfa/production/build//js/all.js?id=59b6094caf526c209d48
x-midtier
tr-ist-sh-s14
x-host
s.mynet.com.tr
cip
192.168.42.1
last-modified
Tue, 23 Jan 2024 09:19:10 GMT
server
MerlinCDN
etag
W/"65af848e-2d7fa"
vary
Accept-Encoding, Accept-Encoding
allow
GET, HEAD, POST, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
access-control-allow-headers
accept, authorization
sidebar-mp-bg.png
img7.mynet.com.tr/rosetta/services/microsites/widgets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/rosetta/services/microsites/widgets/sidebar-mp-bg.png
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/anasayfa/production/build//css/all.css?id=5c5efaf32bfd38692237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
c051035d3e52525bbb88488852e434c26dd11aeac6219359f2202fdd741b13fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.mynet.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Mon, 30 Mar 2020 11:11:04 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"5e81d3c8-a31"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2609
x-rocket-mastercachestatus
HIT
sidebar-tv-bg.png
img7.mynet.com.tr/rosetta/services/microsites/widgets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/rosetta/services/microsites/widgets/sidebar-tv-bg.png
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/anasayfa/production/build//css/all.css?id=5c5efaf32bfd38692237
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
4f999891facbc65204286bde7858127c18e7476caecb2315a139e05d26aad2c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.mynet.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Mon, 30 Mar 2020 11:11:04 GMT
server
nginx
x-rocket-node
edge126.ist.tr.eu.rocketcdn.com
etag
"5e81d3c8-552"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1362
x-rocket-mastercachestatus
HIT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 21 Jan 2025 03:24:38 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 21 Jan 2025 03:24:38 GMT
firebase-app.js
www.gstatic.com/firebasejs/9.10.0/ 		86 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.10.0/firebase-app.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97a6c6a88dabfb26c2387ffd82de82fc9d7bcf4242c6be4a5d26918838fef0ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19579
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 19:21:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 06:08:19 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/9.10.0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.10.0/firebase-messaging.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1afb6f415fd545753fdb37277ae67733cd31f7ce1991b0c20f0df10278b28fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7874
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 19:21:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 06:01:06 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:29:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
39301
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138344
x-xss-protection
0
server
cafe
etag
11931332024773231753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 25 Jan 2025 16:29:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		59 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wbz-tavnsz.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d62470abcbb79765f7d5451ba0bbc27696e360ef607e3e1a31ef24e94e85b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
x-xss-protection
0
expires
Sat, 27 Jan 2024 03:24:38 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		154 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=mynet.com&domain=wbz-tavnsz.net&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09aa176404e29bff9a0ec1b4862ea7a62f1a86bb1e7a045f141a46b8d809f675

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 27 Jan 2024 03:24:38 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
131
x-served-by
cache-lga21977-LGA
x-timer
S1706325878.325233,VS0,VE16
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Thu, 25 Jan 2024 03:24:38 GMT
syncframe
gum.criteo.com/ Frame 94C3 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:37 GMT
server
Kestrel
server-processing-duration-in-ticks
608131
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame 94C3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wbz-tavnsz.net&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=fa1qYnxvVDVaa0pEMmk5b2RybHFzak9WZ202U1B1M0dlZU50bG5LYktBZkEva0RZTURwd1BFbHh4YVcxZ1dZbmpBM292Mk9Xd1RQUnhDYVkzQ0xUUy9aTVJWdTRoajJ3aVRYcE1YbEJiOFQxOEVaOERMZ3BVOGJDelVDSE...
425 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fa1qYnxvVDVaa0pEMmk5b2RybHFzak9WZ202U1B1M0dlZU50bG5LYktBZkEva0RZTURwd1BFbHh4YVcxZ1dZbmpBM292Mk9Xd1RQUnhDYVkzQ0xUUy9aTVJWdTRoajJ3aVRYcE1YbEJiOFQxOEVaOERMZ3BVOGJDelVDSER0a0NLRVJEOExNZGJwaGdBSGRMREdlNFNSZVBMdERpcXA5YlNkYnVOUzVqbFEzMkxvRUcwQStCVHAvWjl3dDNwTkxvSXYyeW5ySzUxcmVaZ3QyMThVMWdDbU0zb3lXby9tVmFOL0xXZHd3b09STjErV1BuSi8zaWRlTDBPUEpkbmRiejY2NlU4djI2VERTM1hVdng0M0MzZmJXcUxUWTEyTkNLRGdPdVdqQjRnbGx2cWp6QT18&cppv=2
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6022d5ac7b098e715cf546b615fc3f75aba2160551b84714841c53a5bb61d3e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2150579
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=fa1qYnxvVDVaa0pEMmk5b2RybHFzak9WZ202U1B1M0dlZU50bG5LYktBZkEva0RZTURwd1BFbHh4YVcxZ1dZbmpBM292Mk9Xd1RQUnhDYVkzQ0xUUy9aTVJWdTRoajJ3aVRYcE1YbEJiOFQxOEVaOERMZ3BVOGJDelVDSER0a0NLRVJEOExNZGJwaGdBSGRMREdlNFNSZVBMdERpcXA5YlNkYnVOUzVqbFEzMkxvRUcwQStCVHAvWjl3dDNwTkxvSXYyeW5ySzUxcmVaZ3QyMThVMWdDbU0zb3lXby9tVmFOL0xXZHd3b09STjErV1BuSi8zaWRlTDBPUEpkbmRiejY2NlU4djI2VERTM1hVdng0M0MzZmJXcUxUWTEyTkNLRGdPdVdqQjRnbGx2cWp6QT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
369643
content-length
0
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
177 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: adl.mynetreklam.com
URL: https://adl.mynetreklam.com/mynetads/ads-manager/prebid.js?id=ae5756caa9dbe261a65e634025c0e052
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24266&site_id=409966&zone_id=2298308&size_id=57%3B9%3B15%3B15%3B2%3B15%3B2%3B2%3B15%3B15&alt_size_ids=%3B8%3B10%3B%3B57%3B10%3B55%2C57%3B55%2C57%3B10%3B&gdpr=0&rf=https%3A%2F%2Fwbz-tavnsz.net%2F&kw=mynet%2Cmynethaber%2Coyun%2Calt%C4%B1nfiyatlar%C4%B1%2Cyemektarifleri%2Cseyahat%2Csa%C4%9Fl%C4%B1k%2Chavadurumu%2Ckad%C4%B1n%2Csinema&tg_i.domain=wbz-tavnsz.net&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tk_flint=pbjs_lite_v8.24.0&l_pb_bid_id=17e81ed6d26def9%3B18d9da4e23abdd8%3B19fb6159954bb36%3B20de602ff9b6525%3B2183da274db6872%3B226c0ada6361f85%3B234b48d94930a72%3B241162426c40a5e%3B255813b20472086%3B26b33985f490a26&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=10&rand=0.26703577572009607
Requested by
Host: adl.mynetreklam.com
URL: https://adl.mynetreklam.com/mynetads/ads-manager/prebid.js?id=ae5756caa9dbe261a65e634025c0e052
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ffb67a45e219131bf2837288df509b62c1c0799fa32ab790f9292ba577f34ed5

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		686 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24266&site_id=409966&zone_id=2298308&size_id=2%3B15%3B55%3B15&alt_size_ids=55%2C57%3B10%3B%3B10&gdpr=0&rf=https%3A%2F%2Fwbz-tavnsz.net%2F&kw=mynet%2Cmynethaber%2Coyun%2Calt%C4%B1nfiyatlar%C4%B1%2Cyemektarifleri%2Cseyahat%2Csa%C4%9Fl%C4%B1k%2Chavadurumu%2Ckad%C4%B1n%2Csinema&tg_i.domain=wbz-tavnsz.net&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tk_flint=pbjs_lite_v8.24.0&l_pb_bid_id=27307ef5b6a96ff%3B28ffd632f922062%3B2942673b1b9f377%3B309d34e2410b6ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=4&rand=0.5527197721675645
Requested by
Host: adl.mynetreklam.com
URL: https://adl.mynetreklam.com/mynetads/ads-manager/prebid.js?id=ae5756caa9dbe261a65e634025c0e052
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d39a00c302f3a8860587e592d2c954f44d082b7971c61e99ec631232d69c054d

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:39 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=149&profileId=185&av=36&wv=8.24.0&cb=77548039270
Requested by
Host: adl.mynetreklam.com
URL: https://adl.mynetreklam.com/mynetads/ads-manager/prebid.js?id=ae5756caa9dbe261a65e634025c0e052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:39 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ 		878 KB
156 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1734083426458124&correlator=357179614402034&eid=21065724&output=ldjh&gdfp_req=1&vrg=202401230101&ptt=17&impl=fifs&iu_parts=28687765%2Cmynet%2Canasayfa%2Cprestitial_oop%2Cmasthead_970x250%2Cpageskin_sol_120x600%2Csidebar_300x250_6%2Csidebar_300x250_1%2Cfooter_970x250%2Csidebar_300x250_5%2Cbody_970x250_1%2Cbody_970x250_2%2Csidebar_300x250_7%2Csidebar_300x250_2%2Cbody_970x280%2Cadvertorial_aramanset_1_oop%2Csidebar_300x250_3%2Cheader_970x90%2Cadvertorial_altmanset_3_oop%2Cadvertorial_altmanset_2_oop%2Cadvertorial_altmanset_1_oop%2Cadvertorial_manset_1_oop%2Cadvertorial_manset_2_oop%2Cadvertorial_manset_3_oop%2Csidebar_300x250_4&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11%2C%2F0%2F1%2F2%2F12%2C%2F0%2F1%2F2%2F13%2C%2F0%2F1%2F2%2F14%2C%2F0%2F1%2F2%2F15%2C%2F0%2F1%2F2%2F16%2C%2F0%2F1%2F2%2F17%2C%2F0%2F1%2F2%2F18%2C%2F0%2F1%2F2%2F19%2C%2F0%2F1%2F2%2F20%2C%2F0%2F1%2F2%2F21%2C%2F0%2F1%2F2%2F22%2C%2F0%2F1%2F2%2F23%2C%2F0%2F1%2F2%2F24&prev_iu_szs=1x1%2C970x250%2C160x600%7C120x600%2C300x250%7C300x600%2C300x250%2C728x90%7C970x250%2C300x250%7C300x600%2C970x250%7C970x90%7C728x90%2C970x250%7C970x90%7C728x90%2C300x250%7C300x600%2C300x250%2C970x280%7C970x250%7C970x90%7C728x90%2C1x1%2C300x250%7C300x600%2C970x90%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C300x250%7C300x600&ifi=1&sfv=1-0-40&ists=2097790&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706325879724&lmt=1706308809&adxs=0%2C300%2C0%2C976%2C980%2C315%2C976%2C315%2C315%2C976%2C975%2C315%2C315%2C976%2C315%2C315%2C315%2C315%2C315%2C315%2C315%2C976&adys=0%2C332%2C600%2C10337%2C1032%2C14515%2C9476%2C2937%2C5103%2C11114%2C4437%2C3750%2C1730%2C6910%2C966%2C1730%2C1730%2C1730%2C1602%2C1602%2C1602%2C8592&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C0%7C11%7C12%7C13%7C14%7C15%7C16%7C17&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwbz-tavnsz.net%2F&vis=1&psz=1600x15174%7C1000x250%7C1600x15174%7C309x5524%7C329x-1%7C990x1%7C307x31%7C990x250%7C990x250%7C309x5524%7C329x250%7C990x250%7C990x6105%7C307x31%7C970x90%7C990x6105%7C990x6105%7C990x6105%7C660x678%7C660x678%7C660x678%7C307x31&msz=1600x0%7C1000x0%7C160x-1%7C307x0%7C300x-1%7C970x0%7C307x0%7C970x0%7C970x0%7C307x0%7C300x-1%7C970x0%7C970x0%7C307x0%7C970x0%7C970x0%7C970x0%7C970x0%7C640x0%7C640x0%7C640x0%7C307x0&fws=0%2C132%2C512%2C4%2C132%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C0%2C4%2C4%2C0%2C0%2C0%2C4%2C4%2C4%2C4&ohw=0%2C1000%2C0%2C329%2C329%2C990%2C307%2C990%2C990%2C329%2C329%2C990%2C0%2C307%2C970%2C0%2C0%2C0%2C660%2C660%2C660%2C307&ga_vid=267516988.1706325880&ga_sid=1706325880&ga_hid=379957345&ga_fc=false&dlt=1706325877825&idt=506&cust_params=mynet_servis%3Danasayfa%26mynet_kategori%3Ddefault%26keywords%3Dnonloginuser&adks=1429935035%2C583505459%2C1756351970%2C1989975144%2C926693769%2C3200204486%2C2589032798%2C1386793920%2C3157235594%2C2558342557%2C1814472857%2C2764281875%2C3257773599%2C2408398317%2C606531388%2C4250751928%2C2013204914%2C3627819867%2C4289697014%2C1685323194%2C1466297028%2C1592201327&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66f96fd80a187ec3244df82a2ee055d49ba59b978c8744a0a9c8370e955b0c51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
159413
x-xss-protection
0
google-lineitem-id
5383714757,-1,-1,5753318044,-1,5653713517,4389476089,5753320270,4389476089,5653713517,6460560862,4389476089,6383782018,5653713517,-1,4367746458,5297151497,5262221178,5263404887,-2,-2,5653713517
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138427522541,-1,-1,138358268993,-1,138359575141,138208642207,138358269119,138208668330,138359151113,138460050444,138386043624,138446866292,138344351375,-1,138206793491,138304449933,138299544897,138299544783,-2,-2,138359575126
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B21A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
events
bidder.criteo.com/csm/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:39 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
css
fonts.googleapis.com/ 		3 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin-ext
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
458bb3a60559f5c11cce4ce12b4a829f5f25a3b43531d2ee7a43565ccede7f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 03:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 03:24:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 03:24:39 GMT
load.js
pm-widget.taboola.com/mynetnewtr-mynet/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/mynetnewtr-mynet/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
075c19e8bfd08072fcfe14dddd4fde1d69737880192e0ef05ab111105c72c9aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
upeBjmqn6v71ZVS6X3bfCVvgGtmsZqS9
content-encoding
gzip
via
1.1 varnish
date
Sat, 27 Jan 2024 03:24:39 GMT
x-amz-request-id
G10XW4M43XWWGFKG
age
1596
x-cache
HIT
content-length
1133
x-amz-id-2
kRojsCVsvKldGtO9W4pFTMLgxxeqagz4y6j1yqW/XPkZ4kOBAevSGblm0SqRP6qePt9ZDahCv/U=
x-served-by
cache-lga21946-LGA
last-modified
Fri, 29 Sep 2023 05:11:04 GMT
server
AmazonS3
x-timer
S1706325880.867079,VS0,VE1
etag
"35bf1e27cd4f19d64021ecffa2600f54"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20240125-5-RELEASE.js
cdn.taboola.com/libtrc/ 		842 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240125-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e57eed97b19a7b770dd3aa55cdbde01e5d83de9d25ffc1fca6a38c96fe4c7aff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
23zuRYr1wZq0zPCHrSXYSLM2PpuBUD1v
content-encoding
br
via
1.1 varnish
date
Sat, 27 Jan 2024 03:24:39 GMT
x-amz-request-id
2DHJ1YKQJWZ88GPG
age
4995
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
177933
x-amz-id-2
QPEb+tiTZuwNdRtYI2a0mvHyqLmGxqO1tDGQdrHMupqYltbC9oUwvA5FeatQ5QJwD+jpWdskud0=
x-served-by
cache-lga21929-LGA
last-modified
Thu, 25 Jan 2024 10:01:24 GMT
server
AmazonS3-br
x-timer
S1706325880.863767,VS0,VE0
etag
"3eb08da99246feefc99d5e32897e1b6d"
vary
Accept-Encoding
content-type
application/javascript
abp
78
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
100994
get-action
nr-events.taboola.com/newsroom/1.0/mynetnewtr-mynet/ 		132 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/mynetnewtr-mynet/get-action?page.url=https%3A%2F%2Fwww.mynet.com%2F&view.id=161598184136083957&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/mynetnewtr-mynet/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3f3bac55a34bf74cb853f3454ab20e32288a0e0322d758c40443d17482b62eb

Request headers

Referer
https://wbz-tavnsz.net/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

tbl-x-upstream
10.15.208.250:80
date
Sat, 27 Jan 2024 03:24:39 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
1
content-length
132
x-application-context
front-page-event-server:production
x-served-by
cache-lga21982-LGA
server
nginx
x-timer
S1706325880.904523,VS0,VE4
vary
Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:04:47 GMT
x-content-type-options
nosniff
age
76792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:04:47 GMT
jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:03:38 GMT
x-content-type-options
nosniff
age
76861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29232
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:03:38 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:57:21 GMT
x-content-type-options
nosniff
age
77238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:57:21 GMT
jizaRExUiTo99u79D0yExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0yExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:54:48 GMT
x-content-type-options
nosniff
age
77391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26460
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:54:48 GMT
js
www.googletagmanager.com/gtag/ 		277 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4SD1QQV4KB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTQ2B72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21964db47a16930f55f7439b2a9b4e3397898a588e594a4f4acff52d3c0f89a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92848
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jan 2024 03:24:40 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTQ2B72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 27 Jan 2024 01:51:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5577
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 27 Jan 2024 03:51:43 GMT
notify-impression
nr-events.taboola.com/newsroom/1.0/mynetnewtr-mynet/ 		0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/mynetnewtr-mynet/notify-impression?page.url=https%3A%2F%2Fwww.mynet.com%2F&view.id=161598184136083957&page.template=home&page.dashboard=home
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-lga21929-LGA
tbl-x-upstream
10.15.208.250:80
date
Sat, 27 Jan 2024 03:24:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1706325880.067570,VS0,VE4
x-cache
MISS
access-control-allow-origin
*
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
pmk-20220605.7.js
pm-widget.taboola.com/mynetnewtr-mynet/ 		102 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/mynetnewtr-mynet/pmk-20220605.7.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/mynetnewtr-mynet/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e5aeadecb57dfeb8fa94fd8fb3b7feda13d73a4c0a7663ca1626cf7e879edd9

Request headers

Referer
https://wbz-tavnsz.net/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
afF7YmLUTNtYtYnTk3jvoviw0fkUHU3O
content-encoding
gzip
via
1.1 varnish
date
Sat, 27 Jan 2024 03:24:40 GMT
x-amz-request-id
7QXJA0VTBPMPSR6H
age
1547277
x-cache
HIT
content-length
28796
x-amz-id-2
I3EDaEqOtyCbmGGq3e6jlNbD/+0/uczwPyHlDMVUbJ/w7fBSTF9t8qIP0anVM8Z6bjsX4PwVxOU=
x-served-by
cache-lga21982-LGA
last-modified
Fri, 29 Sep 2023 05:11:03 GMT
server
AmazonS3
x-timer
S1706325880.109310,VS0,VE4
etag
"a0830c1c5ecc64291104d91fb45346a1"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1
MIN-516360.js
apv-launcher.minute.ly/api/launcher/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apv-launcher.minute.ly/api/launcher/MIN-516360.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.25.1 /
Resource Hash
628b5c3776a49d80b9e123fb1d7e7be732689c84527ff00e127243830be8166d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 03:02:01 GMT
date
Sat, 27 Jan 2024 03:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
age
1359
x-cache
HIT, HIT
content-length
16364
x-xss-protection
1; mode=block
x-request-id
89611c7a-382e-4aab-ae49-e68799174640
x-served-by
cache-iad-kjyo7100143-IAD, cache-lga21981-LGA
x-runtime
0.333248
referrer-policy
strict-origin-when-cross-origin
x-debug-req-method
GET
server
nginx/1.25.1
x-timer
S1706325880.196525,VS0,VE1
etag
W/"628b5c3776a49d80b9e123fb1d7e7be7"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-debug-app-get
GET
x-debug-server-name
apv-launcher.minute.ly
access-control-allow-credentials
true
cache-control
max-age=30
accept-ranges
bytes
access-control-allow-headers
APP-GET,Content-Type
x-cache-hits
5, 1
sync
gum.criteo.com/ 		73 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240125-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3e9e6ce6b6811d6b55c9f92346fec735ac7a61484ebfee63a0e74471312a5a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1406390
expires
60
json
trc.taboola.com/mynetnewtr-mynet/trc/3/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/mynetnewtr-mynet/trc/3/json?tim=17%3A24%3A40.141&lti=deflated&data=%7B%22id%22%3A455%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1706187077757%2C%22vi%22%3A1706325880138%2C%22cv%22%3A%2220240125-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.mynet.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwbz-tavnsz.net%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A15175%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Aabp%3D0%22%2C%22uip%22%3A%22Newsroom%22%2C%22orig_uip%22%3A%22Newsroom%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CNewsroom%3Drbox-tracking%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240125-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c3c7da109b652b5319c51a39037ba1c2c7a8329c1278b6c47d36d1e4e35dbc0f

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
39
date
Sat, 27 Jan 2024 03:24:40 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.28729166666666667
x-fastly-to-nlb-rtt
22337
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-lga21946-LGA
x-log-content-encoding
gzip
server
nginx
x-timer
S1706325880.170706,VS0,VE39
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://wbz-tavnsz.net
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=379957345&t=pageview&_s=1&dl=https%3A%2F%2Fwbz-tavnsz.net%2F&ul=en-us&de=UTF-8&dt=Mynet%20%7C%20Haber%2C%20Oyun%2C%20Video%2C%20Spor%2C%20Bur%C3%A7lar%20ve%20fazlas%C4%B1%20sizin%20i%C3%A7in%20burada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABCAAAACACI~&jid=599760705&gjid=153423467&cid=267516988.1706325880&tid=UA-72961156-1&_gid=534304240.1706325880&_r=1&_slc=1&gtm=45He41o0n81TTQ2B72v76712499&cd8=0&cd11=4&cd14=1&cd15=anasayfa&cd25=0&cd26=0&cd27=0&cd28=0&cd29=0&cd30=homepage&cd31=direct&cd32=&cd34=desktop&cd35=&cd36=&cd37=standard&cd39=%3C500&gcd=11l1l1l1l1&dma=0&z=439778898
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4SD1QQV4KB&gtm=45je41o0v880594548z876712499&_p=1706325878086&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=267516988.1706325880&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706325880&sct=1&seg=0&dl=https%3A%2F%2Fwbz-tavnsz.net%2F&dt=Mynet%20%7C%20Haber%2C%20Oyun%2C%20Video%2C%20Spor%2C%20Bur%C3%A7lar%20ve%20fazlas%C4%B1%20sizin%20i%C3%A7in%20burada&en=page_view&_fv=1&_ss=1&ep.Service=anasayfa&ep.content_id=&ep.content_type=&ep.content_title=&ep.content_tags=&ep.content_created_at=&ep.content_updated_at=&ep.content_level1_category=false&ep.content_level2_category=false&ep.content_author_type=false&ep.content_author_username=false&ep.content_page_type=homepage&ep.visitor_username=&ep.visitor_login=1&ep.visitor_cookie_sizesegment=%3C500&ep.referer_site=direct&ep.content_affiliate=&tfd=3017
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SD1QQV4KB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4SD1QQV4KB&cid=267516988.1706325880&gtm=45je41o0v880594548z876712499&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SD1QQV4KB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
distance-from-article.20240125-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240125-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1394c05c578e2ce3d2f09e3c335da4e88cc950a2bb93b9db7afa732c4330face

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
f6Ne3YA6YXSfq794AQjwFSz4zWns53fb
content-encoding
gzip
via
1.1 varnish
date
Sat, 27 Jan 2024 03:24:40 GMT
x-amz-request-id
971BNC1DTGVBA9W9
age
148868
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
KIVTQ+3OsrUQkmEvtemFldvRn3z2GUQeFDxTwPS0kC1WyxwG8NalzfRgf4cGBK11/hxiY8ej+7A=
x-served-by
cache-lga21929-LGA
last-modified
Thu, 25 Jan 2024 10:03:28 GMT
server
AmazonS3
x-timer
S1706325880.291169,VS0,VE0
etag
"43720295c09052564738afcf199e4365"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
128711
article-detection.20240125-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240125-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2b51cd55841eb72aa64acbe4be49eb5e2dac7ae75af691c51ed2fa1b5cd0dee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
0797qw5.AKqKOtP8vVGDpOfzgHG1vIjU
content-encoding
gzip
via
1.1 varnish
date
Sat, 27 Jan 2024 03:24:40 GMT
x-amz-request-id
750FG41GYH6EDG6J
age
148848
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
OgbBhDhJKSNANlySjYXPUI/NGVsFPlsrxCpLvGf6c29QynkA/QN+CiHrfASdFPjRc25gylbb/8M=
x-served-by
cache-lga21929-LGA
last-modified
Thu, 25 Jan 2024 10:03:46 GMT
server
AmazonS3
x-timer
S1706325880.291150,VS0,VE0
etag
"d3cd66d9ef04594e0cbbf1864fbfc22d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
69
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
128744
debug
ch-trc-events.taboola.com/mynetnewtr-mynet/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/mynetnewtr-mynet/log/2/debug?tim=17%3A24%3A40.286&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20rbox-tracking&llvl=2&id=2766&cv=20240125-5-RELEASE&lt=deflated&pct=1
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22842
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72961156-1&cid=267516988.1706325880&jid=599760705&gjid=153423467&_gid=534304240.1706325880&_u=YAhAAEAACAAAACACI~&z=1273322690
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 27 Jan 2024 03:24:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
social
ch-trc-events.taboola.com/mynetnewtr-mynet/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/mynetnewtr-mynet/log/3/social?route=US:CH:V&tvi50=10882&lti=deflated&ri=a631a4e15512923f0bbc3990ee9b1a43&sd=v2_86ff096d1bf7dffbeab1ca4e70327222_a97e2e8f-df44-4563-ac9f-ac49f65f62eb-tuctcadfcf8_1706325880_1706325880_CIi3jgYQ4d1TGMraysfUMSABKAEw4QE4kaQOQJjyDkjDwNsDUIAEWABgAGibw5uko5yDwdIBcAE&ui=a97e2e8f-df44-4563-ac9f-ac49f65f62eb-tuctcadfcf8&pi=/&wi=648798963375933337&pt=home&vi=1706325880138&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwbz-tavnsz.net%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22MYNET%20-%20T%C3%BCrkiye%27nin%20lider%20-%20haber%20-%20oyun%20-%20spor%20-%20magazin%20-%20sinema%20-%20portal%C4%B1%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%2F%2Fimg3.mynet.com.tr%2Fmyhm%2Fmynet-fc.gif%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A24%3A40.324&id=9651&llvl=2&cv=20240125-5-RELEASE&
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
mi-scraper-1.17.0.99.js
snippet.minute.ly/publishers/516360/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.minute.ly/publishers/516360/mi-scraper-1.17.0.99.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-516360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e25add94195047c4d04eb063f97e308db44b32093cc19010a71e3acb234e81c

Request headers

Referer
https://wbz-tavnsz.net/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MHNAXRV6Q9MX8HF8
age
5743856
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-id-2
8quwGDVOuQXiC4uj1H1n1xVdXlXDACAvhqURmxd0mF0iXemEGbUTYcjMJo7TRgWO5PmQ1ZrZzwk=
x-served-by
cache-iad-kjyo7100034-IAD, cache-lga21966-LGA
last-modified
Wed, 27 Sep 2023 09:09:40 GMT
server
cloudflare
x-timer
S1706325880.384136,VS0,VE1
etag
W/"d09be18dff61758c7d0824c4a4092af1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAmWqYogjYT5fQ52ZuSLkbv3JUxtgTn5%2F9bbtGswwx8DsecQCPBfMXal8lrc%2FHavpZqmqnPa%2Fl9t30Cyx4nNoyYBCgBpXybovU%2FqAO1nmn65QC%2BC7ME1GBtGrIfWyN2qE7UZUM%2FIuj08ga0R2P4l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
84bde2505d6e8c30-EWR
access-control-allow-headers
content-type
x-cache-hits
9977, 1
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72961156-1&cid=267516988.1706325880&jid=599760705&_u=YAhAAEAACAAAACACI~&z=325383843
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_.gif
counter.snackly.co/ 		0
38 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/516360/mi-scraper-1.17.0.99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84bde250dd91c468-EWR
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 27 Jan 2024 03:24:40 GMT
_.gif
counter.snackly.co/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/516360/mi-scraper-1.17.0.99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84bde250dd8fc468-EWR
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 27 Jan 2024 03:24:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401230101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90762d71f06d1c82e918e159fe30b7cb2ce62451c8ea943943be2ced0b4d884b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12141
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 03:24:40 GMT
img.fetch
udmserve.net/udm/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Requested by
Host: adl.mynetreklam.com
URL: https://adl.mynetreklam.com/mynetads/ads-manager/ads-manager.js?id=51546de0e0db03ea6cd2cf8cc2def63c
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Date
Sat, 27 Jan 2024 03:24:41 GMT
Connection
Keep-Alive
Content-Length
1
Content-Type
application/x-javascript
truncated
/ Frame 56BB 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
430e8ebc98532cfcdb0ce803e7b13bda4617aced1f111443667e0d2e95d23810

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ 		0
29 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQs7UUqVExKBXGrEamJNDvr9MlEez2KVdquqEXqclvxfsqxp48PTUorfsaJo0m1GTXZlA2DkiqAbox5td89tNeWWf_sHdOfTPnuXNurWjWrT6CDs0O0DjNLjlDQcu9Y3PVAJIsEluNUA9LkMk5dQ9mNJGDlVubL5Wyd1Uh_TtOKqKQq6YE1r5yEhlHtJuPSI4ty3Kv4U07URzdF7Gi1n-Up2FelAoUpXrFRBBs_0pU8uB6tSWwrNs93p6LYJ74Ex7M6i1mhvJjWCIWczpAgZqAgrazuCGRJLEYb5X4ISin7_Y6AzmMdYL9_5jBN-cKbYxerL19qIP5_Lvm8HaHt96nBCzonunPkkh8NspLqZml7nrwtNKUYOODewzydMeaCXnFrTxrKsNAaRwxrKD9KZauqHLZZDSRDg7CTtjK3sOg8Z2kXyNbQNAkpSiZUH9Vag&sai=AMfl-YTIyIvgiuhed_Ua7jFeuVCxQOSzBQ7rajKQFYRsm3O4zKSgZvOYWI_jSXw5TGjRKI8YkHjAsHLcJdhTgbxRVwNnPaw8LL-GF6oZNQrb1lpgYtQnSr9mYE8iMicf4Xfo3sgZ_B8rJc7xCu4OOVpO2lc&sig=Cg0ArKJSzLsBdILc_zbhEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=&cachebuster=879366641114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 03:24:40 GMT
img.fetch
udmserve.net/udm/ Frame 48B5 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Date
Sat, 27 Jan 2024 03:24:41 GMT
Connection
Keep-Alive
Content-Length
1
Content-Type
application/x-javascript
truncated
/ Frame 48B5 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cf04b80a0ca8f1334f44596a8e59fa721095ad0ca1792a2dc5d3dd6523b50ce

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
container.html
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F05 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mynet_22283.js
ads.vidoomy.com/ Frame 9478 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/mynet_22283.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.133.85.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-85-98.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
56b5a3daf9fb430cb2e5c37557f22f7f3f58e7cfb66e8d8ad1abcdde03918cd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:41 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
4806
truncated
/ Frame 9478 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bac21d2a029df774b4b60e379e8b80407a6654038997af8e9fe572ed363e16c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9478 		0
29 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7gAl2TEDGuKK4UHIJD1ZA-i0gaTLCclnrwiBivQ7RMfZ6RtKIJEM6it1j4xT5SbrDPfmc6KAE8SmxLkZ3CKwTJ0qO91Sw1XkHkq-pQngNHpurRPdkf1JKLqDofZGGIov-8ro1fWysePoc-LQMUNQN2rf2P93r4YYW2uP5e_Yg872qNV0i32W1HcVbtvd122rvPJA9SGmD1Ic8x0KfUkYg24QO8KjQ-spCqm8KJmZZ7ko6_GAtqQkuDiCsOLR_RPkdOjQiKbP1vIQNxUClNldLiRw50ydZXsQtlAI6YRz5D29FSUZlQbl3sVukknV2oXiwKoX1yS-SZUTfwZ5gapIfIkvDjqqcmg70Av6D8mU_Oth-XDO9TZ2xr560LPiw2VqoHHTRrAbRVXj01Gtm9jqC&sai=AMfl-YQMahREGODhSLNRx9KUd9hD2TyoYWFiN4Cj6Zb3aM__5dlTM_OxdxIchmoz1vZHAzxQrDAlokPdfpbfcnIBoItl0iZPB8xfVOu0m5lbqxKfvRv47moiaGoEQVEvp5MMGxopmfTSNis0OwJ8oZpCvgk&sig=Cg0ArKJSzG4LF4G7SiUaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 03:24:40 GMT
container.html
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 11C6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F0C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviYtJm8UJPK6xWJ0_p-tJvyskyxCh-6SgfEW1LcwLvvSG01yBJ4oCVx323ncF9Iwlmgrjtgtbb3cHhxbyENUfQ58P-YsbU6DRu-ZR2DkGJhYIGJ2pszQ0m6swjOd8jQ6wd49ZJ-2VE8jIOHXDBDowLgrY4msNfd5dAUnAnSmqXvduGmUQg4YI69jEO5OypklZBEDCC8V5xtMuyWKrHLZzbLm_hPil7YeIcf9umkh6397QDGGnxrHW1hwAQ88wSUCHVWW1yUJ92_S5-v6X_NZquwyVSlUihuW36iO5FEFkJ3qKimGErmbn6b26GT2BVDrHBY2f2vP2XVP75sK_uDcZtXpEeonMprBwpb7bjqNzflrFW_Lvvmaqbocweixy8uMHo4zQZBQY&sai=AMfl-YQijDWTWQ58HKCTkbY3NOsFiBANtSjN2E0QNwDFBSuyMJZc9GiHJ0vVbUYBWal5pf-aP7ulVWKV8UPXxppRKLFSWb45YiphCVjKsYgcHYkaqsxbYMkxCXKFaTZmY6XgttB9MRoKNMwD1v3mJ1pgUIc&sig=Cg0ArKJSzH7azcQV10D_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
t.js
windsplay.com/ Frame F0C7 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41df5d1ca4906b7391e455f7e427b34a0c6d357bcc127a04b31f6f455a502d81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
aFVPUb5HsFP7GIENHeOqW0tz8H9T5NUt
content-encoding
br
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
date
Fri, 26 Jan 2024 12:50:41 GMT
last-modified
Mon, 27 Nov 2023 09:47:49 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P3
age
52445
x-amz-server-side-encryption
AES256
etag
W/"89cf844db03dd998a8b7736d2ff0c6e5"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
tBFJfKEDApNNZYkC8l_FsndJdhG2erpu9hOXJFY-xX-yozCiTwj1kQ==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F0C7 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 03:24:40 GMT
img.fetch
udmserve.net/udm/ Frame 0917 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Date
Sat, 27 Jan 2024 03:24:41 GMT
Connection
Keep-Alive
Content-Length
1
Content-Type
application/x-javascript
truncated
/ Frame 0917 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afba5908ecc55e92c75706cd3c3eddca71cea144f4084a5ab3fd4cdc231ada78

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0917 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy7lZolOflTYR7f8ybgX-CuKEZGLRyLk2tVqss421II67tH9fxFSlZhki57CC-bHDR6UcFe4JQLgeMnrKRO0xldgatWX-lHtMy8HL6VeR9B2H8sPiLMmruMVyBuOS5JY3eh3S7sAARhD3rhTs9uIgCxeYTNKbUfSR5NOBw1rJkXiUMzr1VHZyWjNBTfF3k5Qn-MWDfiXGhZUL5Pssod558QoDvTKKC6eozIs4B8X2s1nQoNXmcR3J5szIJsSLR1dIkVDuddwxTess-L7vkM_wdKkXFd0nFuM1mhX4lhn4soFEWoDqUdxe3Qj6hRqE4e8WTtNvSdSjZnrVdP6XQuuezULwxisq7759Is2DexZng9i0SfUCt3sIFf7vM&sai=AMfl-YS9yoxLdyEiUotkW5Wzt6nznPqiENe0gvawbrkYHqBkRUQ8rjfqNegPVS9EwP6kmypfLZrujRUccxYth7cz9eoTHYq2IryEn2Udpujh4lIS1sp1YeWGLLKeuSuq9JYh-bMJ1qCqvP1PD2fzduqoeL0&sig=Cg0ArKJSzHEEpCZabD5VEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
img.fetch
udmserve.net/udm/ Frame E248 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Date
Sat, 27 Jan 2024 03:24:41 GMT
Connection
Keep-Alive
Content-Length
1
Content-Type
application/x-javascript
truncated
/ Frame E248 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9804cc7a04217d781b77d8b879807e4d013fcbc1681df1fb8c7d1c08a5e31836

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
container.html
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0829 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 568C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2121 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:39 GMT
expires
Sun, 26 Jan 2025 03:24:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rciv.js
cdn.tynt.com/ Frame BA0A 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/rciv.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a356ae7ad51af25f41e9529ed11b1da27f59c8de35ba04c7d66aa2146fbdfc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:06 GMT
server
cloudflare
age
242730
etag
W/"651ed192-6133"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84bde2544d176a57-EWR
expires
Tue, 30 Jan 2024 03:24:41 GMT
truncated
/ Frame BA0A 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56958d9de87f48a810ddd17a0d5c90af4428637a6dde138d34e9307920fd3891

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame BA0A 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQB_p7xsRSp5YgQe3yFkEVdiUiS6ozp4k_-eV0SmyJSwxksLbD5NxjfOqxQl8z25WVPyJjrEHVXaFMh8Qo8Zj3z5YfAS5aAMEHDFBN8uWjuTyt5859atZS8YWpgRowrWaezmg9ThM0SlhNjfBrp-3pUMG2HBHEbozvULYb3TrgJ5zOyur-87i8XggJGFriyW2VtEzgRUEuaQWH0AmUFwzH9VTzUxAvuiojNAtY9-GlRWU0632tYJ1s9DAVLri7E2aRt3PgrkHDzWzanXuDJzA-YxF63pN79KCt8Bm8kCoKoRYyktsQsRZwy6mdfflzDdbOJC2cPQye2ddJYhEk2fMumG8TBx1bS7eMW3K3UAn9nzKbfSU5iV1grmHqs0Ue22QXAcpJZHhFWGK3Y_oqqdoHwW3yiLgvKU8lNwuX6KNXUqo&sai=AMfl-YS_L7zGScatLIbMvHqHkylSaKKPj6R7SXO_FdP4nV3oNk_YFxetCXpr0CftDd5by5sEGOwmbLbR7JgWUCs3EZ4qNNtgrMVcwD5DpNCLQIfh3GlERya2q2cHkTNe5P_PY9jceJohrDt8zwoP710B4X8&sig=Cg0ArKJSzHmzdo8rLIEXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012401091919000/ Frame 2F00 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 06:13:08 GMT
age
76293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56104
x-xss-protection
0
server
sffe
etag
"cf7caf439f3410f8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 06:13:08 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 2F00 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 06:06:13 GMT
age
76708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5212
x-xss-protection
0
server
sffe
etag
"d5f0e0ea1e5219b8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 06:06:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 2F00 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 06:09:30 GMT
age
76511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29119
x-xss-protection
0
server
sffe
etag
"7ed328db9ca95286"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 06:09:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 2F00 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 05:58:26 GMT
age
77175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"b1b3f9c71858a21a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 05:58:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 2F00 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 05:53:46 GMT
age
77455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12971
x-xss-protection
0
server
sffe
etag
"0e9793e292f94cd9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 05:53:46 GMT
css
fonts.googleapis.com/ Frame 2F00 		4 KB
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 03:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 01:39:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 03:24:40 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2F00 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 01:37:02 GMT
x-content-type-options
nosniff
server
cafe
age
6458
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Sun, 28 Jan 2024 01:37:02 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2F00 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:03:50 GMT
x-content-type-options
nosniff
server
cafe
age
26450
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sat, 27 Jan 2024 20:03:50 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/6038397779503263174/ Frame 2F00 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6038397779503263174/6592766407814317453
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4bba8870cf94fc31ed157c03fa8f9c13620e2f15cc6a7d26251c8558627441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 20:34:51 GMT
date
Thu, 25 Jan 2024 20:34:51 GMT
x-content-type-options
nosniff
age
110989
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31983
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 11:08:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/18313384183233057358/ Frame 2F00 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18313384183233057358/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
330ac8eedc1311969de6292480e2810d201c8f067b303f19b944ee881eb557c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 25 Jan 2025 06:16:25 GMT
date
Fri, 26 Jan 2024 06:16:25 GMT
x-content-type-options
nosniff
age
76095
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2039
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 16:54:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 2F00 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a8d2582902ec338d24026190d2102df55a577b780a02484f91947daaa6a3040

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1734083426458124&correlator=2483166414304806&eid=21065724&output=ldjh&gdfp_req=1&vrg=202401230101&ptt=17&impl=fifs&iu_parts=28687765%2Cmynet%2Canasayfa%2Ckule_sag_120x600&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=160x600%7C120x600&ifi=23&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D61adaafcd0f89351%3AT%3D1706325879%3ART%3D1706325879%3AS%3DALNI_MYYT4xoHRn0Ew4K67KwwZw9FH7Fug&gpic=UID%3D00000a098b45138c%3AT%3D1706325879%3ART%3D1706325879%3AS%3DALNI_MYyMY7voGEMV7vv6zT_RppnhglA0g&abxe=1&dt=1706325880985&lmt=1706308809&adxs=1440&adys=130&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwbz-tavnsz.net%2F&vis=1&psz=1600x15291&msz=160x-1&fws=512&ohw=0&psts=AOrYGskWSG0_UpH13ri5HrEBwxNZDee1YuVEUpKCtASd6YvLiV8aSHqbIi3ftPRmC6795XeZZIoHsXeExmLap2l7YwzuYCkKQPTcI3pcQW7IfA%2CAOrYGsnmwQyWtUC-SnJLzF176Bb61wDfFevfrMk8MO8rUlg-84CnAjOwb7cfYriaLo1iwB0AeKFQ_X8LPN3HVGCNBLdBx6wg6PUzrubKZQMAtQ%2CAOrYGsky6LysB6_Kx4_vbkV09qwm6c--DNtCY1aJvYWCe6xnGs7YOFhs6X8q2ImayI0s1BnWEEkjFGwg_MGNq-sb9QoPsFB2bFFvPZpxXOI%2CAOrYGsk1OwIvS9qTdD_2OkiyWLuN44Q1fl8n2LyqFN0CcjpDL6zx3dhRU_JEkif4nIYwgoghDf9xmo1Lrclk30LfyWNumiCIkDapNbBtNqU%2CAOrYGslNGiZUEIvqic2UCSpo7KCqMO0KlhcelXMhiT9XqT_6BwJ_SytAIH8xFNZAIHuIhS__1-6Ttw0G-urAmqM7SFn66KMsdFCJ2c3yE5fPxg%2CAOrYGsnbTt_pOD-Fp6wPoRLbhB2xBkZA_VJooxOvzLnAbSsldKatcpgU_V2k1uPM3L06jvmkuqKuuudO01GpL53nIBWenVFGN001yykQFG4%2CAOrYGslXwrIo_C7KRZtdMZpS7Liw9mPwFqyVAKmFC1mCbyHctmGzISGK6ZbWRFo0hXv9YPqkPN-d0h5YSbR7rOqpobyYLPcj_PY-VWnHLHM%2CAOrYGsmko5cIy9SfTOG2KORiafoh0q0tPBLxUM8luQuTk8oIZTEPPW67DtX8jfl_SsOIVE2Lvzu_4Ha2xqhIntY6mGX__trhu4saH-nWkNI%2CAOrYGsk2IUfb22Y5__4lMbb2vph7mBfNFX2HE1C-r6lp0wuoz0ZBWu4jI_-FL9rpmbYZMnR-iJumLTvmfldpMy-3y_PUy4k_ksbrCUoJ8Gg%2CAOrYGskZE8t4SGOAmH9Gxv26O9qjbf0FB0I1FPsi0Qq_bZnnv2UCpE9QSMDJs4EK9g9kXYUJaq01wOWKOo2PXHZziR4DkE9gt2Iaj9WUnMzDJg%2CAOrYGslJaJYKXG3QOzYMfCIXRt8XFtZ6_Du6vw8yVrh2O6cURf-TkSR-_8ptlGGXwCLeAL1E3vGPSNix3z1ClAFI6yGv0--uAztCI7jaU5I%2CAOrYGskO_C6flClJgW7mlNbR6igiYxHCwVg2tg0KNGktx1NoLy5OOppD2iEboe9RD5Wjv3WzzcuzIbIpwVfhDfoOcdFAsGvoonjgUVh1Nj4%2CAOrYGsmJRUsLa-9oF1ddCeAGuY0WZqo8cPv8EgjgW4dJo2t5drCWOK5lG0x5QUf4UMfgY_gfXhu11gX2W8Oh_HrTz6-q0wm64ZTl6vRKjR8RBQ%2CAOrYGslqT7ZcEkqHyww_TUvwINcZvUa4PQ0pNuTW14j_EWk88Zgj63_K7OwFbhBEqvMlT0IMwZ0lVbpaj5ByDnS9BJih54P9FtSaAHDzwWElLw%2CAOrYGskMmvsBMy9CA8tkYrupUjCnji2KkCFN5gJCu2mE9TmtYqRBohH-xxtppUiEQHgF0cyByP-pkw3_7TJMGDoN8nY1EmJNzFgxYWM-axZ-jw%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslI8TD17AASsFmJuTIuSuZMfyahlU-tcjFujUlxEc75FUg7PNLMnfNYpGTttvcRmJXTi-Cx4YFCtCmE7V1ugHT0RT_30p9SrRmMGsg&ga_vid=267516988.1706325880&ga_sid=1706325880&ga_hid=379957345&ga_fc=true&dlt=1706325877825&idt=506&cust_params=mynet_servis%3Danasayfa%26mynet_kategori%3Ddefault%26keywords%3Dnonloginuser&adks=37718305&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2eec5afb214dfaa8b0d71e0a4f96527842db15f908120e94fe6d74fbb6f3d939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11422
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F00 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:57:43 GMT
x-content-type-options
nosniff
age
77218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:57:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F00 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wbz-tavnsz.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:03:44 GMT
x-content-type-options
nosniff
age
76857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:03:44 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0F05 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 25 Jan 2025 05:57:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0F05 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 03:24:41 GMT
css
fonts.googleapis.com/ Frame 11C6 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 01:39:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 03:24:41 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 11C6 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:53:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:53:58 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 11C6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:53:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:53:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 11C6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:53:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:53:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 11C6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:53:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:53:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 11C6 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 03:24:41 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame 11C6 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:40:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 06:09:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9F12 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJua-AIQlvKwnAQY7pDZ_QEwAQ&v=APEucNUFng_ErAh0t725F5IgCYX53TWAUukRTU_h4q7cKsdXvOQzj_5gZVdYx3-6u7PLkmKEx-Zwda27B2jja1FN_5j1A8qrAw
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0829 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 06:06:06 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 0829 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:58:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
77160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 05:58:41 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 0829 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
76940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 06:02:21 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0829 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
77103
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:59:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 0829 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:53:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:53:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 0829 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:53:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:53:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0829 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CbX-H0k8aYaPJ1Hkq47dQQ8aZaiWWE6dflMHmihs_ISUYio__6J8UA2xEiAzAORbuNYCjfwcUQFjqyB27P1_7qC8ZV4J1gIVxfTOy0fpzXWu8ambU
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0829 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 03:24:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A86E 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjK1cjdATAB&v=APEucNU2UDZUVorNtXKr2ICdBV2MAV1J7hOMfYv_m7YVvP4n5xZjzDWNybzOoHCTVAzAIHLm7AWe5CV9Ik9FvWs5rbn3QIoCJQ
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 568C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
76940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 06:02:21 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 568C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:58:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
77160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 05:58:41 GMT
view
ad.doubleclick.net/pcs/ Frame 568C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsutHGDLD_LzbakQeqWnWL3mQI3Ra9nTfmyVvKtPM0AHr03Gv6rQoZgNTFT0fEDbFFed_9544c5zDP_npJv_H_Y_y4JZnoVs_fs0lVjwC8fL3rHONe4C94NOrYqjvgnwll3hJbacM_SdBDP8PVVOitmnZZFp69_aeqL-52TJtWhI4HojFKuVUOFPk_9g5waQ5FFQ5CXHYQtYJcSIPhLe25FI7_SyLyAgmqcgStnFYmyoLRoM92Ze_9nT6zeNSF6fn180p7IuUqg3xsJQCRXRqhq3baqP5am2pa0ISOBfQA6Vki9ywjK7FBKPnC1ESc5GwEoxMH1CM62Dkghd7QgZe0K4xXSrJIrxWP2eYZLzWV0PfuuT3Vx7WMswSQUzpxYdrTsEnPmGbiNr24UGrAwBrehfJtRcloY-cg7qsk3pYABxwBIB_LHo77lcJL4t_KYctkHWAjKD866omPG2oF2Sy1x4j8SQM4A2H001rRpUDCNyBKQzxEwOGs_fb0z04oUh5ZnaTXtaZf0nSB3D-hc5UMU1v31OUIhnhASMXRhQCPOP9gBy2FpmP24LYta-8JNwNG_C9NfPda_vrsV-7p0UHFDr2ZRDgVMt6hKZtGxUV0BbPWoZzaDzyuYeOn1BVrqnUaGdcl38LxZnOW7i-bHTKjxAvE_pMmCf-V_9KsI6hf_j5Jr0q3rW1buyMDkbEmMBMdo7pZ22vNh88dCFUifa5_QJfu4JkO4v7NUoWDr2NTvJ5SgsyVEOkU6zsra0z7VPmz-4v3iWk7969eFdUOzbU00snnh_D9YseJ1u4wsBD9F2c3YXxL6LaFUPOxVxzAfaE6k-pM5Ywqau7sY2yYzOQdlvfLais0Xul8jMwW4fRp5-aa0qpfy-Zq9xW-WYS5Ma6ZccVwB8Z07hGkLwlDi6zZVBNMyM93b2Y5HTvBSMEZV3vud6x7UsA1dUTSnxyaHZNuRbGl4Bj_g-BHeR4b4U9gd8yN9T1OKN4N-KbgHTYk6isnDHhHVnPguDl_sU5ShratEsjZ3U9Oyahzxx-bMdnTEe_Di9mCXccbw-MxWxPbLOr7gxgvOit8w-zNhyxw5To7zC2R6O-kiSGfW-y1UWuQFkcwt4UEwZ-qmsL8NhoXKyptCFDkcGjsYL0wOQwycld7xDe3D3dXcW4hXuUCkRFkeo9IToRzyhawj47Y-ZAPjpvH7_GSI6_A-82dO-4SbGKsTuEK1zPaYzkRTzjJYoJTh9yeTm_4lrRF4d5D45g7V9906Vv7uoyqeFJWCU3mT80iak0hpLvTTOzGc9R14fby86UPe0IAbao1kxAdf61JKEEZG3I-6kVyZxEvuj3FYX-ez-bxkfAJ-EANHnqET3pIA&sai=AMfl-YQLwZX3Oan1dkTr5A9XLovfuGXH4g1zkZ0-Ga5DycjuOaiqX7LVvsC99MW89MSDk69QSjORTKTk47sofJ0xC2vKM1vw1RBNancoQulvQqTPGFuMXAA2Vsl4Rj0rrJu7jY-imlqfJdEdCOEjgYIATTmVepv3hAW7Xt4g2dFQ-auM7PTTMeqhVe7TZHOvDh-O5i01Qot0c7_un5VZgTLk41uvcQo3rMi4S-DBjI6JzMga2IFk28xVxdT32KOUsJNxJxTm9GGgmTGCAdYOpvg2QBpyMGSgOaPXowSLhEwV-ktCQK5QfUWOHtm7nCAs0FMHqCZ2ewHBngXx_7gwv23X0tDpyCIbrPAuYxVnT-AkjH_T4vp9kDaAxHEPKJ3jApvldOGBGXiC40bPpgynVzwmKzoLtz0FclOQVyGllOdQyfQG4bp3v5HFNtzMpmver6GJrNl2Lldz9m6Zur9jjUuTEnK5fYq52-RSoxoGR7kZTT9rJ9-9bw-ycIXs8IBedzFz6bg-AQ&sig=Cg0ArKJSzEqC1WuuQ-lzEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240122.77446&arae=0&ftch=1&adurl=
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 03:24:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 568C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
77103
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:59:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 568C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:53:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:53:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 568C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:53:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:53:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 568C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AFB5-8oDxdGLGAyLxJVDoyMPyBGIL_joMaWp6soNyWmt8vV3NwZFbSsTPYH5x-OilbP2ZOAbU_YkIYEwP8SGVy_BzNjBwZ6Nn3PO56TshNxUl0J2I
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 568C 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 03:24:41 GMT
3220453402618369976
s0.2mdn.net/simgad/ Frame 568C 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3220453402618369976
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf3a9acf57d42999f72ea2b8c89fb8f3099e345c722fa6f097b1e07426cd1d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 25 Jan 2025 06:07:27 GMT
date
Fri, 26 Jan 2024 06:07:27 GMT
x-content-type-options
nosniff
age
76634
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71236
x-xss-protection
0
last-modified
Mon, 30 May 2022 12:30:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2121 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 25 Jan 2025 05:57:29 GMT
showad.min.js
static.cdn.pixad.com.tr/showad/ Frame 2121 		68 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdn.pixad.com.tr/showad/showad.min.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05c10a4a81f50f8208f2a1c4e540120e49cc08d042a0ec774e6f2890c9a8344

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
718
age
2288
cdn-storageserver
DE-662
cdn-cachedat
01/26/2024 09:42:26
cdn-pullzone
1145655
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Jan 2024 09:39:55 GMT
cdn-proxyver
1.04
cdn-fileserver
567
cdn-requestpullcode
200
server
cloudflare
etag
W/"65b37deb-10e73"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQRRAAfAqrr5BqZGEwlkVaYiFNtkJiqVGiTecbc1lTpsQE81jmzFwTKpl2jhXuMfXwOp%2F48wYmkruppdWevTZimLBJXGUXJwQ%2BBobzoouu9Cm37B5t1v3oqP%2FUiaziY%2FoQvbSbPnUXX6A3GF5wF8qfoE53O2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=14400
cdn-requestid
97b83ef31d1205d10b19c03d24ef61ea
cf-ray
84bde255f9518cbf-EWR
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2121 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 03:24:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 14C3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
54138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 12:22:23 GMT
expires
Sat, 25 Jan 2025 12:22:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A552 		829 B
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1deaa2463a9b9e2f7fca14eccef98c030b0af2ced39220eceda6fb3654b4b04
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JTz7DmX6CeQCkXuFDBlAMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JTz7DmX6CeQCkXuFDBlAMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:41 GMT
expires
Sat, 27 Jan 2024 03:24:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
data=n6WM6OQbvEK8TDFSGzSkBDOfC7mo1M8YXFM7z20DeVPQtxp25239ZImpCTqa2udxOWow0ryMqy2re7fMMDQumWhf6vaB4Bdfhskznj7hZ9J6B1TlmXDwIfndPQ
mts0.google.com/vt/ Frame 11C6 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=n6WM6OQbvEK8TDFSGzSkBDOfC7mo1M8YXFM7z20DeVPQtxp25239ZImpCTqa2udxOWow0ryMqy2re7fMMDQumWhf6vaB4Bdfhskznj7hZ9J6B1TlmXDwIfndPQ
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
f51b6be7724eefc74e784dc166d5e38ec28e3638b30aa3f5b2d21dea6c00161e
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
date
Sat, 27 Jan 2024 02:44:25 GMT
x-content-type-options
nosniff
age
2416
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47107
x-xss-protection
0
x-server-version-bin
CggIBBC+v8itBg==
server
scaffolding on HTTPServer2
etag
021e10f95928a2034
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3590
expires
Sat, 27 Jan 2024 03:44:15 GMT
truncated
/ Frame 11C6 		244 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 11C6 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
yj3ye58j5v2aylbdfaj08.json
windsplay.com/c/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/c/yj3ye58j5v2aylbdfaj08.json?cb=1706325881254
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
674c1c11a195dbdc15f1e67ced3a6f51e0d568403baa7429e18cbfc94cb7745b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
rxeGm1KM2jdfusQPbvwXmLnf.WEZq87h
date
Fri, 26 Jan 2024 04:24:21 GMT
via
1.1 a885eb556f2f9dcdd1db3a1d56512f8c.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P3
age
82821
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1838
last-modified
Wed, 27 Dec 2023 17:39:04 GMT
server
AmazonS3
etag
"e1793ac3aea2ca234315b44c42338cbe"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
2Rvi8ztL3GuoUAcUde5kOx2SUFmOvym6tn1e3Vx0p-IVOqV-lzHftg==
truncated
/ Frame F0C7 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
290f87df1e9a62e2fe6feed98d939d3f5ef0b69ae5f2349391e383c319209df5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F0C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGENiMEiJw-3iRdTxNKN-D5LusETB-HyJD7dUC1T5EOhrGGvPvzUiYhLL2vTnOwhpmWnVnEHQvMDEUk1elD3cGko0cgnURvfHMxzoBz_A5wqOCCNtsMt2U5tRKHR_ttxeI0tBif_A8bmwnobz0NqLpEdPySvUGG91HniRC4muQqBI_t-gwSJXieS7EmWZOLUXk8nSvwFM9IsVaRqAQO9-FZlrVjShpqUj7irIjaRbXFx1CNNwPnS0AhtK3achZp-w5aawAKHCT2MeKPcCxsVU0aQ0AGj9pfv3xfoij0Pgx7LkbPTJoipkgumEm38Nfd5D0hZ3EppEdqCfenprPVpYwlc-Fk75JF0maEBkNgb8DVS5AWOMjxnqtSN8_dhSjzOFfeZDNl4-JMQ&sai=AMfl-YSEPJvfM6-6DcpgV_KKznOpcsuKBO_SUbP9fIltOHEpNM4Z8UgDZWetS-_j0vH9DiPUSRrxKsTwh-A4xnUhmZpE-HqvoKTA0uQ283SpTC-DixVEm00B35MPgHf-t53unnVhuLNPWECxTVeMoA7qYlY&sig=Cg0ArKJSzCkLwhl2abIKEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 03:24:41 GMT
view
ad.doubleclick.net/pcs/ Frame 568C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsutHGDLD_LzbakQeqWnWL3mQI3Ra9nTfmyVvKtPM0AHr03Gv6rQoZgNTFT0fEDbFFed_9544c5zDP_npJv_H_Y_y4JZnoVs_fs0lVjwC8fL3rHONe4C94NOrYqjvgnwll3hJbacM_SdBDP8PVVOitmnZZFp69_aeqL-52TJtWhI4HojFKuVUOFPk_9g5waQ5FFQ5CXHYQtYJcSIPhLe25FI7_SyLyAgmqcgStnFYmyoLRoM92Ze_9nT6zeNSF6fn180p7IuUqg3xsJQCRXRqhq3baqP5am2pa0ISOBfQA6Vki9ywjK7FBKPnC1ESc5GwEoxMH1CM62Dkghd7QgZe0K4xXSrJIrxWP2eYZLzWV0PfuuT3Vx7WMswSQUzpxYdrTsEnPmGbiNr24UGrAwBrehfJtRcloY-cg7qsk3pYABxwBIB_LHo77lcJL4t_KYctkHWAjKD866omPG2oF2Sy1x4j8SQM4A2H001rRpUDCNyBKQzxEwOGs_fb0z04oUh5ZnaTXtaZf0nSB3D-hc5UMU1v31OUIhnhASMXRhQCPOP9gBy2FpmP24LYta-8JNwNG_C9NfPda_vrsV-7p0UHFDr2ZRDgVMt6hKZtGxUV0BbPWoZzaDzyuYeOn1BVrqnUaGdcl38LxZnOW7i-bHTKjxAvE_pMmCf-V_9KsI6hf_j5Jr0q3rW1buyMDkbEmMBMdo7pZ22vNh88dCFUifa5_QJfu4JkO4v7NUoWDr2NTvJ5SgsyVEOkU6zsra0z7VPmz-4v3iWk7969eFdUOzbU00snnh_D9YseJ1u4wsBD9F2c3YXxL6LaFUPOxVxzAfaE6k-pM5Ywqau7sY2yYzOQdlvfLais0Xul8jMwW4fRp5-aa0qpfy-Zq9xW-WYS5Ma6ZccVwB8Z07hGkLwlDi6zZVBNMyM93b2Y5HTvBSMEZV3vud6x7UsA1dUTSnxyaHZNuRbGl4Bj_g-BHeR4b4U9gd8yN9T1OKN4N-KbgHTYk6isnDHhHVnPguDl_sU5ShratEsjZ3U9Oyahzxx-bMdnTEe_Di9mCXccbw-MxWxPbLOr7gxgvOit8w-zNhyxw5To7zC2R6O-kiSGfW-y1UWuQFkcwt4UEwZ-qmsL8NhoXKyptCFDkcGjsYL0wOQwycld7xDe3D3dXcW4hXuUCkRFkeo9IToRzyhawj47Y-ZAPjpvH7_GSI6_A-82dO-4SbGKsTuEK1zPaYzkRTzjJYoJTh9yeTm_4lrRF4d5D45g7V9906Vv7uoyqeFJWCU3mT80iak0hpLvTTOzGc9R14fby86UPe0IAbao1kxAdf61JKEEZG3I-6kVyZxEvuj3FYX-ez-bxkfAJ-EANHnqET3pIA&sai=AMfl-YQLwZX3Oan1dkTr5A9XLovfuGXH4g1zkZ0-Ga5DycjuOaiqX7LVvsC99MW89MSDk69QSjORTKTk47sofJ0xC2vKM1vw1RBNancoQulvQqTPGFuMXAA2Vsl4Rj0rrJu7jY-imlqfJdEdCOEjgYIATTmVepv3hAW7Xt4g2dFQ-auM7PTTMeqhVe7TZHOvDh-O5i01Qot0c7_un5VZgTLk41uvcQo3rMi4S-DBjI6JzMga2IFk28xVxdT32KOUsJNxJxTm9GGgmTGCAdYOpvg2QBpyMGSgOaPXowSLhEwV-ktCQK5QfUWOHtm7nCAs0FMHqCZ2ewHBngXx_7gwv23X0tDpyCIbrPAuYxVnT-AkjH_T4vp9kDaAxHEPKJ3jApvldOGBGXiC40bPpgynVzwmKzoLtz0FclOQVyGllOdQyfQG4bp3v5HFNtzMpmver6GJrNl2Lldz9m6Zur9jjUuTEnK5fYq52-RSoxoGR7kZTT9rJ9-9bw-ycIXs8IBedzFz6bg-AQ&sig=Cg0ArKJSzEqC1WuuQ-lzEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=152&vt=11&dtpt=150&dett=2&cstd=0&cisv=r20240122.77446&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ckbqREs5qr54oMaKlgYj8u.js
sc.tynt.com/script/sc/ Frame BA0A 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/ckbqREs5qr54oMaKlgYj8u.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87301f139a48566970a0a3796f7d58f388a16b35485a324b9dc69c498893fc42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
335617
status
200 OK
x-xss-protection
1; mode=block
x-request-id
bddee357-2f5a-4897-aae7-f3126f5d8aa8
x-runtime
0.002593
x-content-digest
809511492e5d2a4d94fad6c4ad28f9b6d7c9c6fb
last-modified
Sun, 21 Jan 2024 15:05:49 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-ray
84bde256cf9f6a57-EWR
x-rack-cache
fresh
expires
Mon, 22 Jan 2024 11:42:50 GMT
formats.js
ad.lkqd.net/vpaid/ Frame 587C 		118 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
kRb_6lIM7vGn2mHrF3sz595hzJKQa2LK
via
1.1 google
content-encoding
br
date
Mon, 08 Jan 2024 20:44:55 GMT
x-amz-request-id
MJ0GGGC3BSX03MDP
age
1579186
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33641
x-amz-id-2
uAnE97E3M8/ocBvmMYGFMWNC2OonkdCRaN0Et7nzm/hNddCaqGMbeANgdgfjVlhbS/U2BDW0hPA=
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
server
AmazonS3
etag
W/"286704660baa2c113268f28385080796"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
none
formats.js
ad.lkqd.net/vpaid/ Frame 1C0E 		118 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
kRb_6lIM7vGn2mHrF3sz595hzJKQa2LK
via
1.1 google
content-encoding
br
date
Mon, 08 Jan 2024 20:44:55 GMT
x-amz-request-id
MJ0GGGC3BSX03MDP
age
1579186
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33641
x-amz-id-2
uAnE97E3M8/ocBvmMYGFMWNC2OonkdCRaN0Et7nzm/hNddCaqGMbeANgdgfjVlhbS/U2BDW0hPA=
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
server
AmazonS3
etag
W/"286704660baa2c113268f28385080796"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
none
auto-user-sync
ads.stickyadstv.com/ 		43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:41 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706325881622092-86
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=909811&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=909811&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=v...
43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=909811&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1706325881
Protocol
H2
Server
18.160.60.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-60-23.atl59.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
via
1.1 653d84f9cc1169ba3d5e97dfeed6b826.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ATL59-P1
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
YZYDT0ybqVSAysIjyHowc-X0VOuJ8-0hM5rvWklPpGwIiOXrFmSMkw==

Redirect headers

date
Sat, 27 Jan 2024 03:24:41 GMT
via
1.1 653d84f9cc1169ba3d5e97dfeed6b826.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ATL59-P1
x-cache
Miss from cloudfront
location
/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=909811&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1706325881
content-length
0
x-amz-cf-id
fhjpS7QA8uw7mIxV_wSjdu6bzJ53k9TCRIATNh8IR06LHKbHdIcpLg==
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=629661031.29650371383184453.35665554
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=629661031.29650371383184453.35665554
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26us...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26us...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=b24fc8fc-8b1d-531b-b0fb-873ed54ff047&ssp=vidoomy&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=5520a5b8-4f14-47af-8167-705984949485
43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=5520a5b8-4f14-47af-8167-705984949485
Protocol
HTTP/1.1
Server
212.36.83.245 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:41 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=5520a5b8-4f14-47af-8167-705984949485
Date
Sat, 27 Jan 2024 03:24:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRVIDF5G-1Y-53O3
43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRVIDF5G-1Y-53O3
Protocol
HTTP/1.1
Server
212.36.83.245 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:41 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRVIDF5G-1Y-53O3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
rum
dsum-sec.casalemedia.com/ Frame A86E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjK1cjdATAB&v=APEucNU2UDZUVorNtXKr2ICdBV2MAV1J7hOMfYv_m7YVvP4n5xZjzDWNybzOoHCTVAzAIHLm7AWe5CV9Ik9FvWs5rbn3QIoCJQ
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6a8YUBjPyE5pyCFOE7I5Ryl7AEqCMvkWaCUQ%2BG1vRfpLH%2BIRYfZlKem2s22HJihG%2Bty2VGuxPbA%2F3dB%2FfYB1u9l%2Ba3YrfLxm07LjK6%2FZhMzvKCr%2BBEBF5gDFcY17ceWDRLRV4OE1fxJAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84bde2574f6843bb-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A86E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbR3ecQnBUX4gzpBRIBRpQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjK1cjdATAB&v=APEucNU2UDZUVorNtXKr2ICdBV2MAV1J7hOMfYv_m7YVvP4n5xZjzDWNybzOoHCTVAzAIHLm7AWe5CV9Ik9FvWs5rbn3QIoCJQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJ5Qe478PJCZ6jIpEKVaBAGwTg5HNnNiB%2BckEtz3VZNLSaNyDq6bVlon3Ec8Ub3VB8kMnW0poawBm2JtHn3J7uG8c%2FUUERvfomcLXM%2FLi4RwNZKH8eA0ppA01DzojGiUMHRapdlG68CeNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84bde257ff4ec47a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A86E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL3mBGAjaaRP3SLJZb6k18Q&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3mBGAjaaRP3SLJZb6k18Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjK1cjdATAB&v=APEucNU2UDZUVorNtXKr2ICdBV2MAV1J7hOMfYv_m7YVvP4n5xZjzDWNybzOoHCTVAzAIHLm7AWe5CV9Ik9FvWs5rbn3QIoCJQ
Protocol
H2
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
an-x-request-uuid
540de8bf-6531-4973-ab10-65287f0dbaff
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3mBGAjaaRP3SLJZb6k18Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A86E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk4NzE0MTY1OTczMTk4MzA%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk4NzE0MTY1OTczMTk4MzA%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjK1cjdATAB&v=APEucNU2UDZUVorNtXKr2ICdBV2MAV1J7hOMfYv_m7YVvP4n5xZjzDWNybzOoHCTVAzAIHLm7AWe5CV9Ik9FvWs5rbn3QIoCJQ
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
an-x-request-uuid
7e90f15e-cd47-4185-b2de-0cee317aa5a6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk4NzE0MTY1OTczMTk4MzA%3D
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9F12
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJua-AIQlvKwnAQY7pDZ_QEwAQ&v=APEucNUFng_ErAh0t725F5IgCYX53TWAUukRTU_h4q7cKsdXvOQzj_5gZVdYx3-6u7PLkmKEx-Zwda27B2jja1FN_5j1A8qrAw
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxAXP3G7jJyy%2By5XT16I1hjgkqOWabpnIHFRoJzRTRNG3rvGbo%2BUNpYKfKsrgqk5%2BHq3ZLSvVMKMygCLJoU3epomXgJMNl3fpNTxqpftAG3%2BffJN%2BJSLaLDG7RYJljuW43BLL6umdrLrcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84bde2574f6a43bb-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9F12
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbR3eXl.HFQGCwnPjyN2EgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1&google_hm=2
43 B
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJua-AIQlvKwnAQY7pDZ_QEwAQ&v=APEucNUFng_ErAh0t725F5IgCYX53TWAUukRTU_h4q7cKsdXvOQzj_5gZVdYx3-6u7PLkmKEx-Zwda27B2jja1FN_5j1A8qrAw
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQyu3JG1P2ZU24T4uMAGkCc%2BaVRBJ30v%2FUB1K%2FpHuBDCNXJOXZ9w7nc7MsBYMVt%2FmuKdauYtIysYfAF84wFHQsDDTGdV%2BvqkXeoCCr%2BHDjOOw7SN1wQDGTtm%2BvvuYf9GN%2B9ky1IvbWoItg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84bde257ff4ac47a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq_Pr4To7dODnMWl3SC4R8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9F12
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL3mBGAjaaRP3SLJZb6k18Q&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3mBGAjaaRP3SLJZb6k18Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJua-AIQlvKwnAQY7pDZ_QEwAQ&v=APEucNUFng_ErAh0t725F5IgCYX53TWAUukRTU_h4q7cKsdXvOQzj_5gZVdYx3-6u7PLkmKEx-Zwda27B2jja1FN_5j1A8qrAw
Protocol
H2
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
an-x-request-uuid
0e3cf1fd-54cb-4f4f-8782-92493522c303
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEL3mBGAjaaRP3SLJZb6k18Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9F12
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1NDExNDU4NTk3NjI3MTg1MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1NDExNDU4NTk3NjI3MTg1MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJua-AIQlvKwnAQY7pDZ_QEwAQ&v=APEucNUFng_ErAh0t725F5IgCYX53TWAUukRTU_h4q7cKsdXvOQzj_5gZVdYx3-6u7PLkmKEx-Zwda27B2jja1FN_5j1A8qrAw
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
an-x-request-uuid
b7d0ed4c-a148-4450-bfce-0672c21642da
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1NDExNDU4NTk3NjI3MTg1MA%3D%3D
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bulk
trc.taboola.com/mynetnewtr-mynet/log/3/ 		0
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/mynetnewtr-mynet/log/3/bulk?tvi50=10882&route=US%3ACH%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240125-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
23
date
Sat, 27 Jan 2024 03:24:41 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
23141
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-lga21946-LGA
pragma
no-cache
server
nginx
x-timer
S1706325881.449183,VS0,VE23
content-type
image/gif
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
p
ic.tynt.com/b/ 		35 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=ckbqREs5qr54oMaKlgYj8u&lm=6&ts=1706325881513&dn=RCIV&iso=0&pu=https%3A%2F%2Fwbz-tavnsz.net%2F&ct=MYNET%20-%20T%C3%BCrkiye%27nin%20lider%20-%20haber%20-%20oyun%20-%20spor%20-%20magazin%20-%20sinema%20-%20portal%C4%B1&t=Mynet%20%7C%20Haber%2C%20Oyun%2C%20Video%2C%20Spor%2C%20Bur%C3%A7lar%20ve%20fazlas%C4%B1%20sizin%20i%C3%A7in%20burada&chmob=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
view
securepubads.g.doubleclick.net/pcs/ Frame 0F05 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9jscBeKXB7swMnA8a3GPgjIHtOG30NQrxNU6VEWvXXeRJRjdTxYUil3V1EYTTqix0pdcuFuBWapKMjtJXWP3fs7RvzhaPcIyY4AJIhyMvIs0zn7H4F-hfegUej59ZPsAChvUNnGKeDS58-cSCgj-6rHRzHENNTfQgtBde1fOACSh6qU8Vy-gX-UvivNB2Bn3KkR9y-hgvRLjm4Z9VBhXG0qWBkhCSrZLepsvAw1EdLorOXGAjVKiZlVDhMuPdM-W1uaQQphkydT67JrgYhIPprd6z_ZwBnpW3kRtzYk-Ki4-XcKPpR7hgE4mE_jAo9_lqJBZPWDYAQjB6osbXp2A35CbdZ3Un37bCnbu7hvce_F-nfkf8B6CpO8F-nCVSLzkV8xO0&sai=AMfl-YRrwt9tz0j3Vr1BuMc1Yf4fbjWZM_iCXPs25seLIHALL9XM_SqZZO4PaMPTg9GDZADVmR_BN8foOurDBRL3JpJN2Ry3SueL1r7dMsqRaCKg2Nby29v90ou-FI2-2q4a7L_-EIPQq1hV13VYrC6jIyc&sig=Cg0ArKJSzMNJZI6wy2SaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
siab.js
cdn.tynt.com/ Frame 0F05 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/siab.js
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89be99b9f1c2eaf66055e87d96e907811dd2df193fff43ea6ef39d7d52bd8a10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
age
77709
etag
W/"651ed18d-611d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84bde257b8716a57-EWR
expires
Tue, 30 Jan 2024 03:24:41 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2F00 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 01:37:02 GMT
x-content-type-options
nosniff
server
cafe
age
6459
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Sun, 28 Jan 2024 01:37:02 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2F00 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:03:50 GMT
x-content-type-options
nosniff
server
cafe
age
26451
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sat, 27 Jan 2024 20:03:50 GMT
check
ssp-service.pixad.com.tr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssp-service.pixad.com.tr/check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84bde25888ec43a0-EWR
date
Sat, 27 Jan 2024 03:24:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Smc7Kk1sJml8REn6vD8zREF%2BiXIXWFIfPKRNQhMwTbmyxDwDW5Dw2ghrZRF%2BwlPyHz%2FXomWvEDV9g6CAADQ7DqL28qJYFMkyLAbAvO3sdCQxCQDf0vwe8o9y41WDyYGc8ktpbSpuF1oHsfgtW0a7kaiMMt95aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Access-Control-Request-Headers
working-on
pixad-k8s
view
securepubads.g.doubleclick.net/pcs/ Frame 2121 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRGXfM0j3-f-T2R5t7em00FZXSQLi4XPqrMYYkjxLA3GCmPGtZjeTGg97RFTxT844Zvjqxdm4RvWLFVRL_Dw8U4QgqOF5pynnxuCb74vTElcAEdRDFjL9JxtRrIN9TZ9wLBjYYxrJGVp0IL9hmQfv7baIwMd9jUIOhZU3lvJOSpAtDMuEVaSIfhdyL0vn6bqe8X2MEvMEMu_IrmwZrpQrAWd-4YypyY6u1CBNLFJEml0JDnE-PG_k5SEa13lB4jC1xsB0vHH2Z9ZfXJqhEvI_nk8zlTXpbT1swGJLIkXVx5lGXY3Bcyt6kYwFkh0ymKTFtUU1WxDX_siyUqN8LiTj5ltCBkgMuNVxnMvW_q_QhkQlUXUL79alaEIdscLiuWvnDHTGPGGLB7Ik&sai=AMfl-YSbVPH-wZ_BqtEa18l_dbMLu3Y7Pq0IPxYHlCuPGwAMvF4d9fpIy53vHDRLJEinoc3Rs8kwstxI5k8Y9aomxCgZOUTDKo4jzDrinePAlvT48-e51rTrl2ZKuoN0RedsJDC4V1s2HVi-0i9YcPWStng&sig=Cg0ArKJSzHC2nbm0pj4XEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
URL: https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
check
ssp-service.pixad.com.tr/ Frame 2121 		34 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssp-service.pixad.com.tr/check
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/showad/showad.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / pixad
Resource Hash
47072f1e6ae104c1fb2dcae8da2181b82c9b824902431c117e7c01c392dce774
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

working-on
pixad-k8s
date
Sat, 27 Jan 2024 03:24:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
pixad
etag
W/"88e2-G4Dz7TVU3ggEMbOXbudBhd6jXOk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLVSFxtAT4gCIHmFqO58zMRoqHryLjnrAG%2BtfCsjfwEHe1Xwbs%2BocVP2WzbBDRLEfPeHPqM%2FyNN1pqniPjwOb5wdqbHN5Y1V1sOR9JT2%2BnKmatBgw2tuHA%2BJd5SLIUhwcDDyToQzOvW1ibZeszSQwOv%2FWb%2BlmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
84bde25a5a7e43a0-EWR
alt-svc
h3=":443"; ma=86400
index.html
s0.2mdn.net/sadbundle/2907988793834914221/ Frame CD0E 		141 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b8e5c8a13d677fb6c5065529452663141b011884d341d2ee21114a2c34bac77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:41 GMT
expires
Sun, 26 Jan 2025 03:24:41 GMT
last-modified
Fri, 01 Dec 2023 20:11:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 0829 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstOfAjdTKjx5viCT5WgXSdVh8IrIntfkm9dD8MNdDetYALDlMnmt_ljNQ0vrnuNO1U8v0pifP-37xgfQmSz3gT_MZS_AoDW5rlAbbP4GOGRRIwxX_Ff9DzzJTzExBNXnkESg8I3fcKpkHdQ5nIvMDKfBvvNErATdDHQ7QLnsKkZx3g-nQt8cx8sRuhicaTPThSAJYeAlgQQhTDs5lOj0hqrReL4pzxcOA87dKYPq8oO5tvo5uW5WyeJBvgpy7QQYJpouv2XdI8AQ42kCLUlv9TsuAzDkceBuFhPYWHZkhmSGRMscBTqskuLz0LXf0oPLyJCr0nb_GusdM7kzk_IwiKjEdmva1tidwi7VMgUvb0F3koneYY7f3dvT9UNSeRkRgV23neu2G8YLVC4T13QOB1ACL6eqXycIixydxRYMrmJDyeq5Pu28o3fNNwIP1Iyoz9QWq6rpuRnLIQH-agTagrdF76wpal1VLiNWtA1b-wAUVKuIIGFYtx2SM9XD6Uoy-Bs-qDiwS-wb8ROropYNaEOSbZ7VNEuNFG-aDjzdLX3WV-RE-hOYP3vssGAOjDA6h_GETEJczS_2h2cAlMl4agupsymRz7QJC7hKS5CjG5UQnKMDooqGAqxKqWKtT-L8bSwNxJ3HAT6lbaAkb-xq4GeQ91ypCe1ANTGsqrxVggpAZipRoiOzN1heZJcaJjiw_6PPOWgA6i8sgoSQ5nHOEDKoogEvO_Wqalpsox2hGtMbncj--u6QEnTC5Z2c3VQLGF6KDBddJYKiwa8cZlz2M7yn2KrMYdqCD5wPwKMH8Nq2IWBqjnd1H3H0l9t2QkmIDwd6FbhDsGTrcyp1YUFxIBfpmdeImbcJlwkW5ccrgumfo07RPbSwr8STEpEbdTaBKFbIgKwAAnX-yniHD_4t-RXnNDrfqc3S6CAl4n2SblUEAKyJHUcT5sXDVJkks2Wp-cg3C1afCipWeTcVKkmM5KjFp5SQ_aH7E7tzSKJQNDr-F-h7w6CSx2fQsSy5QjOSEOA27kDJsMJO6ldDmiIeC-XgEwUKs-UUclM_IXKrqHtOZAcu2cKhB907OtyoCAgJ9klSaY9ZhatkvOFRpgQ-rQQnut9J0hJvD4GLGtdi6KKwPVOB3ovTYRqwWBF5E-YC3dfRqGlqgvvPQSSuor2_Zt_aDtfCTEiXUOb2Se1cLSgv0aVO3IOoo-pPO2i1zc0p_AYZD1Tw0710G9MpwUzCZymehKX8UAzt8Kx7e_FURAjF65CmzCmP75mTT6XHpFNJJ_R7uIegvP0votePxp55pVeAsJ_w2qfKmSA-Pfsr5OLHUqi22ZnTLxDH9TeQmX9c3wb6dOnzAXjUxJKm5A2fRVw8eFGvzGJbwH8aVLlk9JA&sai=AMfl-YT0pZPVUx-xiyq7aAhhhDhS-fwgkEwChzl-x446NpKMBZynXzLSVdg3GBWbh1HmcDg9oNr3dZEUq1fp7CkggW8iQyy8C9GPV9z9QkiYm4oLwgotIEDvZrWvcS93qtd5eocogrdRugP-ONGzHTgItWzFdhLXXrVxwZb1nhmTgGVjHmTLh32NGHp0cB0ysUJySxe5dDFeUklbHAdO2NaSOG5GLMtuWMBMAzq9o7A3sfUR_wTWcIGXbMhdCysK5aO4MptHVE72VmiZk88YpkcQVt1E36J3Hcy_RDc5xMml3qUxKvZ1SomH_MQF5LzanBCitJQ5RB44NviGj6W4fNk_DPFjSib_8RRnAz4s-t8RH24ReTUZkTlaCo57WfjXNhcLYba2cbUJY9hW2ioSn0Sv_XtHk66n-iHU-huLRx0kSSB6XV1G17UDlDF4sm3J427AuYkgn2KuBM0CKZrkVbbVCh_Ajrsw6_Oh4_4kE7tVRrDVd_crhVpc8MWCWbrLw9Z91b9r_08&sig=Cg0ArKJSzJA_m6UVJN4SEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldmVyYmFuay5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=475&cbvp=1&cstd=461&cisv=r20240122.22914&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 03:24:41 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Jan 2024 03:24:41 GMT
truncated
/ Frame 11C6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0ba300e202bc07720b8262d0900fa60fa58b4cd2a61c094fb7a208d9d3f8a57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012401091919000/ Frame 2308 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 06:13:08 GMT
age
76293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56104
x-xss-protection
0
server
sffe
etag
"cf7caf439f3410f8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 06:13:08 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 2308 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 06:06:13 GMT
age
76708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5212
x-xss-protection
0
server
sffe
etag
"d5f0e0ea1e5219b8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 06:06:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 2308 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 06:09:30 GMT
age
76511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29119
x-xss-protection
0
server
sffe
etag
"7ed328db9ca95286"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 06:09:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 2308 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 05:58:26 GMT
age
77175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"b1b3f9c71858a21a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 05:58:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 2308 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 05:53:46 GMT
age
77455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12971
x-xss-protection
0
server
sffe
etag
"0e9793e292f94cd9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 05:53:46 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2308 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 01:37:02 GMT
x-content-type-options
nosniff
server
cafe
age
6459
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Sun, 28 Jan 2024 01:37:02 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2308 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:03:50 GMT
x-content-type-options
nosniff
server
cafe
age
26451
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sat, 27 Jan 2024 20:03:50 GMT
truncated
/ Frame 2308 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5019e7824540e0911d52b32986b1e7a3758ba10122dca001b6404644e3782321

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
14050040951069834307
tpc.googlesyndication.com/simgad/ Frame 2308 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14050040951069834307?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmF9yRVmxHoADa2g1Yqh8rfBuFbig
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71aa7fcb701f7091226fb8638d1cf37f693ba4a749b89d70590933a31b577a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:11:29 GMT
x-content-type-options
nosniff
age
76392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23678
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 00:36:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 Jan 2025 06:11:29 GMT
l
www.google.com/ads/measurement/ Frame 2308 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRe5bT8H71ei8qkaSSvUJE4P4qDHEWtDYCy1DWPQTCYd1JEnFa8f4DIrbgsiW54SPRSVTDclzcOLYURFnVcAQxSt7YeJQ
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
truncated
/ Frame 0829 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b791e33c6f800838e1a44adedd2b4de995daa09e7088e06d706ea2ecfe394fce

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3E6E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
76820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 06:04:21 GMT
expires
Sat, 25 Jan 2025 06:04:21 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2E13 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
76820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 06:04:21 GMT
expires
Sat, 25 Jan 2025 06:04:21 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 568C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34763cea16553d52221f7a1fd359da3dd9794ac0c4a728af6ab053eb8e2f5275

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
17a3413d639a5a535f4d66dd33249f5e286177e086e752eed8222f10cc809569

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=ckbqREs5qr54oMaKlgYj8u&dn=RCIV&cc=1&chmob=0&r=&pu=https%3A%2F%2Fwbz-tavnsz.net%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d4848c50ab9d9657b83ba377e848e7485bc1f65a6dc7340b2f53692f16832c88

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Sat, 27 Jan 2024 03:24:41 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1347
expires
Sat, 26 Jul 1997 05:00:00 GMT
sic.js
cdn-sic.33across.com/1/javascripts/ Frame BA0A 		450 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
c2a8f2e8029ca54c97e80477dcc7c884ed775613c42c1e5ed93479b7531ed28c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Nov 2023 18:46:30 GMT
server
cloudflare
age
111146
etag
W/"65551206-707dd"
x-powered-by
Love
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
84bde25a7b6443ad-EWR
expires
Sat, 27 Jan 2024 04:24:41 GMT
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&id=ckbqREs5qr54oMaKlgYj8u&dn=RCIV&cc=1&chmob=0&r=&pu=https%3A%2F%2Fwbz-tavnsz.net%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
fb60e2977a05927766b7552bb7a37e5ae72e1c61112245138cd740c56c022b5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Sat, 27 Jan 2024 03:24:41 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1321
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A552 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401230101&jk=1734083426458124&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
usync.html
ad.lkqd.net/cookie-sync/ Frame A6D3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
286600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=604800
content-encoding
br
content-length
1772
content-type
text/html
date
Tue, 23 Jan 2024 19:48:01 GMT
etag
W/"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 google
x-amz-id-2
sCWvnSYg4bDxSQ/ozzifZS1yXV/JBCe+c8U13WYV7hhm3WBxdsdGlOXHGSuCoW+Lo8dWca8/O7I=
x-amz-replication-status
COMPLETED
x-amz-request-id
HZKS495YFJ7ZTW7E
x-amz-version-id
NI253OTV2M5oCpTwsHBLVZgCVbG2a6IX
ad
v.lkqd.net/ Frame 1C0E 		180 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181912&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=15609678&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
usync.html
ad.lkqd.net/cookie-sync/ Frame 2BF2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
286600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=604800
content-encoding
br
content-length
1772
content-type
text/html
date
Tue, 23 Jan 2024 19:48:01 GMT
etag
W/"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 google
x-amz-id-2
sCWvnSYg4bDxSQ/ozzifZS1yXV/JBCe+c8U13WYV7hhm3WBxdsdGlOXHGSuCoW+Lo8dWca8/O7I=
x-amz-replication-status
COMPLETED
x-amz-request-id
HZKS495YFJ7ZTW7E
x-amz-version-id
NI253OTV2M5oCpTwsHBLVZgCVbG2a6IX
ad
v.lkqd.net/ Frame 587C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=19474958&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d498232b7db07e6e7480e1e67483e011207c96039ca5ffdf118242a4b321aa60

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1447
Enabler_01_250.js
s0.2mdn.net/879366/ Frame CD0E 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 16:51:05 GMT
truncated
/ Frame 0F05 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6937f4ccde7684dfa45c6a3910b867e0b20b11f43b11b149d6c057e84e6237ba

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
aRHxF0aQyr6jvzaKlId8sQ.js
sc.tynt.com/script/sc/ Frame 0F05 		1003 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/aRHxF0aQyr6jvzaKlId8sQ.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24d69ea234223aad8f23712bc26cce41772e17c19f1fa149fc625f20cf0dc3d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
43627
status
200 OK
x-xss-protection
1; mode=block
x-request-id
df172d62-c051-4587-912a-33770b2d2c63
x-runtime
0.004644
x-content-digest
2662fd1a560055af13a8045afafc4f93d07713b0
last-modified
Wed, 17 Jan 2024 15:07:28 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-ray
84bde25afbd66a57-EWR
x-rack-cache
fresh
expires
Fri, 26 Jan 2024 14:58:59 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
t
t.lkqd.net/ Frame 4D85 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
t
t.lkqd.net/ Frame 75EB 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 7E51 		230 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
IktgKK_KJgLxSedeIEpHPiaaFUcsadbM
via
1.1 google
content-encoding
br
date
Thu, 04 Jan 2024 19:10:42 GMT
x-amz-request-id
476APBNJQQ3R1V1M
age
1930440
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57258
x-amz-id-2
p3uC/AaM/o90zq9/Clng77lZLO0wcy/XWxS2Fx8u8Yrk7UVdUreAvZTrRcul3C5YH6YyDFyDly4=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
server
AmazonS3
etag
W/"88ca76abee51b1544e17b021f04aaaed"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
none
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 11C6 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:53:12 GMT
x-content-type-options
nosniff
age
77490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:53:12 GMT
truncated
/ Frame 2121 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d9f75c5b16017512bc908c460ab81f74855b621f8baf46968d86382a6ecd54a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2121 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8ELFRSTckbse1Ltvv7273y7y0tnTGohC_aDUKF7sf0UN493Imy_q3hVyhz5yK-dSSY8VPH7LE3E9I6SWQhYz52Qp4d4T21Gchjmnhz0VaHDj4CwS4uYNAJ4qjKat-rzc2Zcpcm9rWhoh1VpLwHP5RkT35ChlLRiTrDa4SIYeZ-hKCCG-uO3WbzoYCo0qi09OwOmJH3qO5CT43_4xXxVTnvFAVDMzxpwy75J2ngG8Az538H6tWsYrILe3iwafq_1rJdpO5a4lLrvw2P1hTcBxQjJMMVL6RrztUE6fdk5nwfAChLBAywxH7bzp4Y2_cyJ3V5Na7kiK5R95K2h_pXwXHXFoUrm8WrPnlYOk6clsoITdkkrb4xPQOlg8SjxxABkrXVnaF0Iwn2ftijA&sai=AMfl-YTmkC-0KCKKJVBV9YNCCZwKvUOX4Yiq7i8EkSQyoOx_cWU_Osn3jHu2UJv-eBt-xiZpAQkC3IWYx3BYTYvkvAl_HEJW1e9MWVZw-V0VBhtLHlImIvcbgbXq9j2KDjcVj00QwvZllulzTl-9YeM0kjQ&sig=Cg0ArKJSzA_p7_2290y-EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 03:24:42 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 14C3 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 05:50:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2F00 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0_D5d3e0Zc6jO5fFjvQPufiLoAG5qpGTdfbXuOKBEtvZHhABINCAvx5gycapi8Ck2A-gAZHNtL4DyAEJ4AIAqAMByAMKqgT3AU_QKJftKkermHdyYKjXdy9OGELCaIULrczcxiZtWJIiqeCywh_ovJqfTh15gxS5zn3FfncPbLirH29iXW2vbbNwqOInD_LlUvO4W23xVqkmAZJr6HvQkypUR8sNM5qTjcLlBVO0FIN3EGgkFei6NeUPKXgKh93w85mVNl0E9-ADwCFvkYACuAsxC5FDz6_T76b-Bkiw4DViPbt6Ks5bXz2v2z8CQWBqtHOyXH3l0c1Unp686MYnQ1_Fvr9RxxRxdcZcQx_8hAFdnpMaJLK_6UWg9K6VJbooLmo-mDHBjpU1KicAY6Rv4rq_nY23pRPt3eGlS2Q_5HDABLnP7oy-BOAEAYgFrrDhyk2SBQQIBBgBkgUECAUYBKAGLoAH17LLQagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJn7CtIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY_Iq-n8_8gwOaCStodHRwczovL3d3dy5kaWFscGFkLmNvbS9haS1sYWJzL2RpYWxwYWQtZ3B0gAoDyAsB2gwRCgsQkL_4u4zow_DSARICAQPiDRMI85u_n8_8gwMVl6KDCB05_AIUuBPkA9gTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi01MzYzMjMwMDc1NjMwODQ1GP2BFw&sigh=cMluD2g51-Y&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_KP2lFn4MzH27V0bBldNjdCXRR9r_-VEdpewbjtFfb41TcbP1L358c5JzHRHLl9RkodG68pD7wz9kkwp30j8Ajiqj3XiA861h_RgB&template_id=484&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxpFTd3e0ZcSjO5fFjvQPufiLoAG-qN2zdcn6gqv2EWQQASDQgL8eYMnGqYvApNgPoAHx6pmaA8gBCeACAKgDAcgDywSqBIACT9AGowc_CA7oBTCRmwOErhcuvglK4gbaOxsES6frD9WwyrwGic6F8evuvG_8ehcyW1ugnDhKVCOnRzEEmfZdxUgCUP87BGTWpL29NA5q2odva1G3AcLJ-1uWtu9Ye4c8HtyFEA5onqq4QTyXWAwz5_WK_yjXmv3cQHZIKVEV2bdi12yEYQYCBBgTHNghW2ZspOssosk7BwFIClDw2FX9D69ayFEtIHxKlVJEr9b-aJYTcHrvFXyRiNPAwRv_WjIq1cRy0SfTcKeJkdxoTlfPNflElD6EAtpJbpCBBmsOY0NAhmiH7wh6VJjHY7DOEJAiYLwzGAWSirDnxF50b0bv4sAE3YuigL4E4AQBiAWqvaTlTZIFBAgEGAGSBQQIBRgEoAYugAf3lOZlqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQktMD0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlj8ir6fz_yDA5oJeGh0dHBzOi8vd3d3LnNtb290aGlla2luZy5jb20vP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09cGVyZm9ybWFuY2VtYXgmdXRtX2NhbXBhaWduPXNrX25tZl8yMDIzJnV0bV9jb250ZW50PWV2ZXJncmVlboAKA8gLAZgM3LH86ugE2gwQCgoQsP3H6ofS2qUXEgIBA-INEwjpm7-fz_yDAxWXooMIHTn8AhS4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTUzNjMyMzAwNzU2MzA4NDUY_YEX&sigh=pciK7OdqBl8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_KP2lFn4MzH27V0bBldNjdCXRR9r_-VEdpewbjtFfb41TcbP1L358c5JzHRHLl9RkodG68pD7wz9kkwp30j8Ajiqj3XiA861h_RgB&template_id=515&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 11C6
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CxpFTd3e0ZcSjO5fFjvQPufiLoAG-qN2zdcn6gqv2EWQQASDQgL8eYMnGqYvApNgPoAHx6pmaA8gBCeACAKgDAcgDywSqBIACT9AGowc_CA7oBTCRmwOErhcuvglK4gbaOxsES6frD9Ww...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x85d2849efb6c32450000000000000000%22,%222%22:%220xef06d91d3381c7a10000000000000000%22,%223%22:%220xf6389f...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x85d2849efb6c32450000000000000000%22,%222%22:%220xef06d91d3381c7a10000000000000000%22,%223%22:%220xf6389f02fd02625f0000000000000000%22,%224%22:%220x8245bc9bd4a869400000000000000000%22,%225%22:%220xa9e78a5b66b8162e0000000000000000%22},%22debug_key%22:%222205185644205554017%22,%22debug_reporting%22:true,%22destination%22:%22https://smoothieking.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860255601%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212895154647319302001%22}&andc=true
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x85d2849efb6c32450000000000000000","2":"0xef06d91d3381c7a10000000000000000","3":"0xf6389f02fd02625f0000000000000000","4":"0x8245bc9bd4a869400000000000000000","5":"0xa9e78a5b66b8162e0000000000000000"},"debug_key":"2205185644205554017","debug_reporting":true,"destination":"https://smoothieking.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["860255601"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"12895154647319302001"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 03:24:42 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 03:24:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x85d2849efb6c32450000000000000000","2":"0xef06d91d3381c7a10000000000000000","3":"0xf6389f02fd02625f0000000000000000","4":"0x8245bc9bd4a869400000000000000000","5":"0xa9e78a5b66b8162e0000000000000000"},"debug_key":"2205185644205554017","debug_reporting":true,"destination":"https://smoothieking.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["860255601"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"12895154647319302001"}&andc=true
access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid7.19.0.js
hb.adpone.com/ Frame 002F 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2323
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axND7LqFNs5QeAX41%2F0BKprzWJzLXNxdvFpo6%2F9ZSWs1gNm8orZS1OJnl%2BhVRUJ9xUWtVVH5VX5Tk12RziWmEDi%2FweBNy%2FdyD34DlrcxQrwixTmsjs8Qu3xNvVcXwijDdpbSnOmA78fhLqA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde25c5ac98c17-EWR
p.html
windsplay.com/r/ Frame 1FD8 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=ijqdwgate&e=1981144949990
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38850
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 16:37:13 GMT
etag
W/"b7e402d582ad9bfabc2e648affbcd1af"
last-modified
Thu, 16 Nov 2023 08:55:21 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
x-amz-cf-id
yn69FwrRzD6m3EWzb4Dv-8TPoMCmpzHTC2Di1AHlwTIumpjODaOilw==
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
4xUzCs9h5pj6rVXNGGB.BwnkM5amVlqP
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
732a107498a381e9b30fb2fa33571b8b33c7fe8ad8b644615c57d35035b3cf30

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame AB4D 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=jaurxik&e=1981144949990
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38850
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 16:37:13 GMT
etag
W/"b7e402d582ad9bfabc2e648affbcd1af"
last-modified
Thu, 16 Nov 2023 08:55:21 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
x-amz-cf-id
pCfLSIkNUPed_GzjvmeFbO7ysZ1YknR0rFymXCDq0wDT3Ln8HPQ-Jg==
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
4xUzCs9h5pj6rVXNGGB.BwnkM5amVlqP
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
9dcfb04f8d33520607b73740a1ed3c05c423d8334fd8735a5febbd44e76a2b01

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame 372A 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=pboxdtxo&e=1981144949990
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38850
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 16:37:13 GMT
etag
W/"b7e402d582ad9bfabc2e648affbcd1af"
last-modified
Thu, 16 Nov 2023 08:55:21 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
x-amz-cf-id
xfb9hIeHuBfAWNseGHxtHrvmymXjJO2tGUGG68u-aJmBNux6bsseDA==
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
4xUzCs9h5pj6rVXNGGB.BwnkM5amVlqP
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
a856541f12215fa454ac10c3acbf85cfce706e43f07cd020277c472ebb59bed4

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame C240 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=tgxtthnd&e=1981144949990
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38850
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 16:37:13 GMT
etag
W/"b7e402d582ad9bfabc2e648affbcd1af"
last-modified
Thu, 16 Nov 2023 08:55:21 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
x-amz-cf-id
G1-8Dq2dMeqnDaYWF1XF634fA2ZdTK48yx1DgdZez-aOIrHDzR3Ubg==
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
4xUzCs9h5pj6rVXNGGB.BwnkM5amVlqP
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
053af35daeecf01efcd97a28c8db7ead089ef31131786d4af3c23ee4dd5dd338

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame 2407 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=itwreqsy&e=1981144949990
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38850
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 16:37:13 GMT
etag
W/"b7e402d582ad9bfabc2e648affbcd1af"
last-modified
Thu, 16 Nov 2023 08:55:21 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
x-amz-cf-id
VRAUqHD3dDMFy2gqjSwtEWcFqvM0kPySwbBiYhefOBDvg3aAG7ukkw==
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
4xUzCs9h5pj6rVXNGGB.BwnkM5amVlqP
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
7bd76a0a3b4639c022b49b3081648b9264bd31d574b8569935c0c7340c316dd6

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame CE29 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=wxjerejyq&e=1981144949990
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38850
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 16:37:13 GMT
etag
W/"b7e402d582ad9bfabc2e648affbcd1af"
last-modified
Thu, 16 Nov 2023 08:55:21 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
x-amz-cf-id
e5OiSqSq8LwoDTr24fO_4vdCYYn-WcKVLZwDGAP9AMjFe2zPKSlCWQ==
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
4xUzCs9h5pj6rVXNGGB.BwnkM5amVlqP
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
978a6720c46899319bcaf543b4a88ca153ce91f224a3392ee23a4de7bad7aafe

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame 9243 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=eyjzkkxfzf&e=1981144949990
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38850
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 16:37:13 GMT
etag
W/"b7e402d582ad9bfabc2e648affbcd1af"
last-modified
Thu, 16 Nov 2023 08:55:21 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
x-amz-cf-id
FKyLAVVXJzicvfgDLp9N6t-qEQr1-HFh_kWHBoguu-tuGWhuqBw0OQ==
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
4xUzCs9h5pj6rVXNGGB.BwnkM5amVlqP
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
8f37ef9f928013256f418451c4748f0c5b245fc1c6d945aecc291545754ccd21

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame AD95 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=xxxkvszg&e=1981144949990
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38850
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 16:37:13 GMT
etag
W/"b7e402d582ad9bfabc2e648affbcd1af"
last-modified
Thu, 16 Nov 2023 08:55:21 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
x-amz-cf-id
EJKcQlL06SzLbV4G8fulP8hhbf3VcyBzA-UJ1khqvf_Yw3aIp-eh0w==
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
4xUzCs9h5pj6rVXNGGB.BwnkM5amVlqP
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
6cf4db24bc73d881b3d5396b4322430b21f907a3cf9bc96285a14b6e6044ef23

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame 6B72 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=dhgwfr&e=1981144949990
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38850
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 16:37:13 GMT
etag
W/"b7e402d582ad9bfabc2e648affbcd1af"
last-modified
Thu, 16 Nov 2023 08:55:21 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
x-amz-cf-id
n0wI_fVy_O8jP3kr_SJ6zHhlu7QvtNlQLHBRum6-j7fevGV7Fn2c-w==
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
4xUzCs9h5pj6rVXNGGB.BwnkM5amVlqP
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
adfa9ed6cab5b45f73b544c5566a733903eb4c073325c8c1746f34f4d2ca9c06

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame E845 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=ozurmjyis&e=1981144949990
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-152-115.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38850
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 16:37:13 GMT
etag
W/"b7e402d582ad9bfabc2e648affbcd1af"
last-modified
Thu, 16 Nov 2023 08:55:21 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1d00ba7ffc8db277f53e86898830f418.cloudfront.net (CloudFront)
x-amz-cf-id
WtEL1EYxNQF4M33e-GYEazMYc7p7c9t_qoC86XqBLIH8P8THMwpnbQ==
x-amz-cf-pop
ATL58-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
4xUzCs9h5pj6rVXNGGB.BwnkM5amVlqP
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame F0C7 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=7077411706325880833
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 Washington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
140568a4319a4d3668bde04f2c02dd99e614d94606e7805bdd22b04cee0025f5

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
27519
tags.bluekai.com/site/ Frame D047
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1706325881929.6
  • https://tags.bluekai.com/site/27519?id=212458785817304&ret=html&random=1706325882
71 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/27519?id=212458785817304&ret=html&random=1706325882
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=ckbqREs5qr54oMaKlgYj8u&dn=RCIV&cc=1&chmob=0&r=&pu=https%3A%2F%2Fwbz-tavnsz.net%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.105.110 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

bk-server
a175
content-length
71
content-type
text/html
date
Sat, 27 Jan 2024 03:24:42 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sat, 27 Jan 2024 03:24:42 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://tags.bluekai.com/site/27519?id=212458785817304&ret=html&random=1706325882
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP006
x-33x-status
400000000040080C
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1706325881929.1
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1706325881929.1
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjJZVlpjdWV1cDBlV1dES1ptenFhbnd6YXF2dU9fZ2FFT0xNWVZnTllVMnM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEEbrZObH5-9OGriMhzucH2I&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEEbrZObH5-9OGriMhzucH2I&google_cver=1
Protocol
HTTP/1.1
Server
18.214.54.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-215.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sat, 27 Jan 2024 03:24:42 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEEbrZObH5-9OGriMhzucH2I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&_rand=1706325881929.2
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&_rand=1706325881929.2&expected_cookie=bcfd732b-b564-4b60-8804-acba379c52d9
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&_rand=1706325881929.2&expected_cookie=bcfd732b-b564-4b60-8804-acba379c52d9
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 018B7AD1B1204F9CBA40B38834D4BC17 Ref B: EWR30EDGE1608 Ref C: 2024-01-27T03:24:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYP5PQbdfKdZkaJaexudw==

Redirect headers

date
Sat, 27 Jan 2024 03:24:41 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 21151B97277F4E46B9D8F6724353419A Ref B: EWR30EDGE1608 Ref C: 2024-01-27T03:24:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=15927&puuid=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&_rand=1706325881929.2&expected_cookie=bcfd732b-b564-4b60-8804-acba379c52d9
x-li-proto
http/2
content-length
0
x-li-uuid
AAYP5PQZw0ebTqfyUEx7ww==
ea18b846-2890-45b5-bb97-1db97e1acc8a
map.go.affec.tv/map/ttd/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&ts=1706325881929.3
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65b4777a4c66c10001d8bb8b%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/an/5554114585976271850?ch=65b4777a4c66c10001d8bb8b&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/ea18b846-2890-45b5-bb97-1db97e1acc8a?ttd_puid=&gdpr=0&gdpr_consent=
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/ttd/ea18b846-2890-45b5-bb97-1db97e1acc8a?ttd_puid=&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.71.187.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-187-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

location
https://map.go.affec.tv/map/ttd/ea18b846-2890-45b5-bb97-1db97e1acc8a?ttd_puid=&gdpr=0&gdpr_consent=
date
Sat, 27 Jan 2024 03:24:42 GMT
server
Kestrel
content-length
229
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&random=1706325881929.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&random=1706325881929.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7c557dde-d608-4ba1-a19b-be5a365c1632%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7c557dde-d608-4ba1-a19b-be5a365c1632%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ea18b846-2890-45b5-bb97-1db97e1acc8a&ttd_puid=7c557dde-d608-4ba1-a19b-be5a365c1632%2Chttps%253A%252F%252Fusermatch.krxd.n...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Protocol
H2
Server
54.83.168.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-168-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
beacon-n008-ash-prod.krxd.net
date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1706325882
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date
Sat, 27 Jan 2024 03:24:42 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1706325881929.5
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212437783677323
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212437783677323
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212437783677323
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
mapuid
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSWW0d3lnEWOeDWTzAg%3D%3D&us_privacy=&random=1706325881929.7&pu=https%3A%2F%2Fwbz-tavnsz.net%2F
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212436263600266&seg_code=33x&random=1706325882
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212436263600266&seg_code=33x&random=1706325882
Protocol
H2
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
an-x-request-uuid
2575c77c-fcbd-4051-b767-0d431dcee34e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
402044000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212436263600266&seg_code=33x&random=1706325882
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.lkqd.net/ Frame A6D3
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=306b5649-1e77-4371-b2e5-386788abd9cb
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=306b5649-1e77-4371-b2e5-386788abd9cb
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=306b5649-1e77-4371-b2e5-386788abd9cb
date
Sat, 27 Jan 2024 03:24:42 GMT
server
_
content-length
0
lkqd
event.clientgear.com/cookie/ Frame A6D3
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=TK3fIZEzRKA
0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=TK3fIZEzRKA
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=TK3fIZEzRKA
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame A6D3
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=TK3fIZEzRKA&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=4d7615b4-be95-5d57-b504-b94b8d751387
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=4d7615b4-be95-5d57-b504-b94b8d751387
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:42 GMT
Server
nginx
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=4d7615b4-be95-5d57-b504-b94b8d751387
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
cs
cs.lkqd.net/ Frame A6D3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7830607249730030491
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7830607249730030491
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7830607249730030491
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame A6D3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2w51-qyfWF5reWb4xqKsmAW16oU
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2w51-qyfWF5reWb4xqKsmAW16oU
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2w51-qyfWF5reWb4xqKsmAW16oU
Date
Sat, 27 Jan 2024 03:24:42 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame 2BF2
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
date
Sat, 27 Jan 2024 03:24:42 GMT
server
_
content-length
0
lkqd
event.clientgear.com/cookie/ Frame 2BF2
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=TK3fIZEzRKA
0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=TK3fIZEzRKA
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=TK3fIZEzRKA
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 2BF2
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=TK3fIZEzRKA&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=43f0b14c-94f8-5f2d-a463-f84ac04fbf2a
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=43f0b14c-94f8-5f2d-a463-f84ac04fbf2a
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:42 GMT
Server
nginx
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=43f0b14c-94f8-5f2d-a463-f84ac04fbf2a
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
cs
cs.lkqd.net/ Frame 2BF2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7758549655692102555
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7758549655692102555
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7758549655692102555
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 2BF2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2w51-qyfWF5reWb4xqKsmAW16oU
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2w51-qyfWF5reWb4xqKsmAW16oU
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2w51-qyfWF5reWb4xqKsmAW16oU
Date
Sat, 27 Jan 2024 03:24:42 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 3E6E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 05:50:59 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 2E13 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 05:50:59 GMT
WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
pagead2.googlesyndication.com/bg/ Frame 77C7 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:53:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
77458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19644
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 05:53:44 GMT
usync.html
eus.rubiconproject.com/ Frame 3A1F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&id=ckbqREs5qr54oMaKlgYj8u&dn=RCIV&cc=1&chmob=0&r=&pu=https%3A%2F%2Fwbz-tavnsz.net%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:42 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 27 Jan 2024 03:24:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
events-ssc.33across.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=2w51-qyfWF5reWb4xqKsmAW16oU&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=5520a5b8-4f14-47af-8167-705984949485
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=5520a5b8-4f14-47af-8167-705984949485&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=5520a5b8-4f14-47af-8167-705984949485&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=5520a5b8-4f14-47af-8167-705984949485&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706325881946.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=3a8765b4-777a-4700-b6f1-8334dac4d9f0
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=3a8765b4-777a-4700-b6f1-8334dac4d9f0
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 27 Jan 2024 03:24:42 GMT
Server
MT3 1451 1934b03 master ord ord-pixel-x2 config_version:"539"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=3a8765b4-777a-4700-b6f1-8334dac4d9f0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 27 Jan 2024 03:24:41 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true&verify=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-mBwtZ3VE2uH41PFivdrrNkRFi8ZcOjZw~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-mBwtZ3VE2uH41PFivdrrNkRFi8ZcOjZw%7EA&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-mBwtZ3VE2uH41PFivdrrNkRFi8ZcOjZw%7EA&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-mBwtZ3VE2uH41PFivdrrNkRFi8ZcOjZw%7EA&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=593c3a791cc906e0&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAACcU3Po9IQEwNAdjKFAAAAAAA&expiration=1706412282&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACcU3Po9IQEwNAdjKFAAAAAAA&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACcU3Po9IQEwNAdjKFAAAAAAA&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACcU3Po9IQEwNAdjKFAAAAAAA&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2664641436242888384639
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2664641436242888384639&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2664641436242888384639&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2664641436242888384639&ts=1706325882&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x85d2849efb6c32450000000000000000%22,%222%22:%220xef06d91d3381c7a10000000000000000%22,%223%22:%220xf6389f02fd02625f0000000000000000%22,%224%22:%220x8245bc9bd4a869400000000000000000%22,%225%22:%220xa9e78a5b66b8162e0000000000000000%22},%22debug_key%22:%222205185644205554017%22,%22debug_reporting%22:true,%22destination%22:%22https://smoothieking.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860255601%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212895154647319302001%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:42 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2308
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H2
Server
2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date
Sat, 27 Jan 2024 03:24:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sic.css
cdn-sic.33across.com/1/stylesheets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Nov 2023 18:46:30 GMT
server
cloudflare
age
337050
etag
W/"65551206-1c90"
x-powered-by
Love
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
84bde25eff8643ad-EWR
expires
Sat, 27 Jan 2024 04:24:42 GMT
ast.js
acdn.adnxs.com/ast/ Frame F698 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9db9ff5cf7743937b33d2929fbceccfe44e696bef7c79255c7c15faaf76d17ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
Fri, 15 Dec 2023 19:26:18 GMT
Date
Sat, 27 Jan 2024 03:24:42 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
28568
X-Cache
HIT
Connection
keep-alive
Content-Length
39617
X-Served-By
cache-lga21924-LGA
Last-Modified
Thu, 14 Dec 2023 19:22:30 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1706325883.843141,VS0,VE0
ETag
W/"657b55f6-1d04c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
5564
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0917 		283 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.83.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-83-5.atl59.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:20:55 GMT
content-encoding
gzip
via
1.1 23c9ec01b6f4151f654547c0190aeebe.cloudfront.net (CloudFront), 1.1 3ec7e9c692b1d4a7242f8470f755efa8.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, ATL59-P2
age
228
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
NPgYd2qCg4dAiwXjnUi20V7iidR_zqLiSuU4zKLv32M63GJkdI454g==
authorize
sic.33across.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/authorize?usPrivacy=&gpp=&gppSid=&version=3.28.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&product=inview&userId=&lexId=&sessionId=&publisherURL=https%3A%2F%2Fwbz-tavnsz.net%2F&referrerURL=&publisherId=ckbqREs5qr54oMaKlgYj8u&publisher=mynet.com&maxTouchPoints=0&navigatorPropsCount=64&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=15291&_=1706325882740&callback=_tynt_jp.aimnwdeo5
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
/ Love
Resource Hash
45b201b8ec9c7d89bc9bf573b6f8f99c2eea9a1c3da43b111d4d8ba439111a2d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Love
etag
W/"6c1-BIRUXxNx+Ua5b6xmYajzT8La9qg"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
status
200 OK
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization
prebid8.25.0.js
static.cdn.pixad.com.tr/dist/ Frame 2121 		439 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/showad/showad.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f151a7964f65d87bcaf4b5758d541c80a8fba0bb34d8ddc5ab9f8f4122f7c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1067
age
2093
cdn-storageserver
DE-588
cdn-cachedat
01/26/2024 09:42:50
cdn-pullzone
1145655
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 27 Nov 2023 09:51:01 GMT
cdn-proxyver
1.04
cdn-fileserver
742
cdn-requestpullcode
200
server
cloudflare
etag
W/"65646685-6dae9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1OnI1dI5ePUBBlfhZpnL2sfBNQVRzNVMnyANBoaJoeeLjqbD5A%2B%2BT9Ei8nMFr0DZWwR0Gjhgme0SVu3AB0Q4EBngNZ9eC670%2Bijl3r9jpf8ByizRH1H1Ws1DkeONNqqWIRxQEAJ8WbXCOyT0Hd%2BYUgO7quX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=14400
cdn-requestid
41d92c643ce7204dad887afcbfc5b1b3
cf-ray
84bde25f3bc18cbf-EWR
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
usync.html
ad.lkqd.net/cookie-sync/ Frame 2FDA 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1815668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=604800
content-encoding
br
content-length
1772
content-type
text/html
date
Sat, 06 Jan 2024 03:03:34 GMT
etag
W/"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 google
x-amz-id-2
L3LOmaJJVga2tk2X9AQfAwESA6eToYnwJFCBmMthhEVtyMCD8U/aFqIdkihDt7AooPQAoioCsVU=
x-amz-replication-status
COMPLETED
x-amz-request-id
CD9K3YB2GTBF13FA
x-amz-version-id
NI253OTV2M5oCpTwsHBLVZgCVbG2a6IX
ad
v.lkqd.net/ Frame 7E51 		45 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=19474958&m=&rtv=1&thost=wbz-tavnsz.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
21c4a40c93e36ba2a5e2a2150ad3e2c1284c46800ff323ae3d7de67736f8c4e9

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5204
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
14050040951069834307
tpc.googlesyndication.com/simgad/ Frame 2308 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14050040951069834307?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmF9yRVmxHoADa2g1Yqh8rfBuFbig
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71aa7fcb701f7091226fb8638d1cf37f693ba4a749b89d70590933a31b577a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:11:29 GMT
x-content-type-options
nosniff
age
76393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23678
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 00:36:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 Jan 2025 06:11:29 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2308 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 01:37:02 GMT
x-content-type-options
nosniff
server
cafe
age
6460
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Sun, 28 Jan 2024 01:37:02 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2308 		344 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:03:50 GMT
x-content-type-options
nosniff
server
cafe
age
26452
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sat, 27 Jan 2024 20:03:50 GMT
evertypebold.otf
s0.2mdn.net/sadbundle/2907988793834914221/ Frame CD0E 		31 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2907988793834914221/evertypebold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
895e3da892c21ab130ea76b5988939aa656bbeb9d3a49808dab87903e5e2aad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 25 Jan 2025 06:07:00 GMT
date
Fri, 26 Jan 2024 06:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21607
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 20:11:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
evertyperegular.otf
s0.2mdn.net/sadbundle/2907988793834914221/ Frame CD0E 		30 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2907988793834914221/evertyperegular.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9848fc39945bf074c77566678cfc3f849b7ea17e99ed408a6951a69d656d897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 25 Jan 2025 06:15:07 GMT
date
Fri, 26 Jan 2024 06:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76175
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20701
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 20:11:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=19474958&m=&rtv=1&thost=wbz-tavnsz.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Sat, 27 Jan 2024 03:24:42 GMT
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 0F05 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhdtOY9po9aqbqUdWp_UjbroHkNNDE1lY3DgjgknwSUlyHNTTzb-RUXThdboIYpLXToKunZZLQbWGKX-FaLhxYhWNNalIF3sTws7RQ38l95ei4FFuemcQ2W0lXtYQ0qFHj2cHkVbIag9MYkd1tr13oMGAfZqvH7ckLR6bUAoHu2txFBUuoK95eizk3oSl6AiRDfWduosWVnIMg01Gz2ZqEKgVmM4RDcXKO2AlOkub_EJGkqnc7T23BwVn4ukOI9pYPNCPm2fl4NCunMuVeBw-JZV8-mNRzPFClH8ucucmLh6bgtg6VOxeEgturZZrPI-MA39J4vbAv3zDEytjS9RDxKjOnQQvl5GcXHas7GuTSS7Csk6IL5I8kQIB5JpbNtfB_d-nJjsA&sai=AMfl-YTqdbcxzV3RE00Ms7LIlWNa7z43r7zv6U-Scn_C_X0NItPLulUYkZVGRnlOwiIPybOsJ26mqP6lwquTiMt_rZF40wrRrK2GYlx2iMYruhMiHCHugQR8HJ2OFXrihpMjrJGTsSq4DUM15MJeYKCH8CQ&sig=Cg0ArKJSzGywSk_fEY9XEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 03:24:42 GMT
view
ad.doubleclick.net/pcs/ Frame 0829 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstOfAjdTKjx5viCT5WgXSdVh8IrIntfkm9dD8MNdDetYALDlMnmt_ljNQ0vrnuNO1U8v0pifP-37xgfQmSz3gT_MZS_AoDW5rlAbbP4GOGRRIwxX_Ff9DzzJTzExBNXnkESg8I3fcKpkHdQ5nIvMDKfBvvNErATdDHQ7QLnsKkZx3g-nQt8cx8sRuhicaTPThSAJYeAlgQQhTDs5lOj0hqrReL4pzxcOA87dKYPq8oO5tvo5uW5WyeJBvgpy7QQYJpouv2XdI8AQ42kCLUlv9TsuAzDkceBuFhPYWHZkhmSGRMscBTqskuLz0LXf0oPLyJCr0nb_GusdM7kzk_IwiKjEdmva1tidwi7VMgUvb0F3koneYY7f3dvT9UNSeRkRgV23neu2G8YLVC4T13QOB1ACL6eqXycIixydxRYMrmJDyeq5Pu28o3fNNwIP1Iyoz9QWq6rpuRnLIQH-agTagrdF76wpal1VLiNWtA1b-wAUVKuIIGFYtx2SM9XD6Uoy-Bs-qDiwS-wb8ROropYNaEOSbZ7VNEuNFG-aDjzdLX3WV-RE-hOYP3vssGAOjDA6h_GETEJczS_2h2cAlMl4agupsymRz7QJC7hKS5CjG5UQnKMDooqGAqxKqWKtT-L8bSwNxJ3HAT6lbaAkb-xq4GeQ91ypCe1ANTGsqrxVggpAZipRoiOzN1heZJcaJjiw_6PPOWgA6i8sgoSQ5nHOEDKoogEvO_Wqalpsox2hGtMbncj--u6QEnTC5Z2c3VQLGF6KDBddJYKiwa8cZlz2M7yn2KrMYdqCD5wPwKMH8Nq2IWBqjnd1H3H0l9t2QkmIDwd6FbhDsGTrcyp1YUFxIBfpmdeImbcJlwkW5ccrgumfo07RPbSwr8STEpEbdTaBKFbIgKwAAnX-yniHD_4t-RXnNDrfqc3S6CAl4n2SblUEAKyJHUcT5sXDVJkks2Wp-cg3C1afCipWeTcVKkmM5KjFp5SQ_aH7E7tzSKJQNDr-F-h7w6CSx2fQsSy5QjOSEOA27kDJsMJO6ldDmiIeC-XgEwUKs-UUclM_IXKrqHtOZAcu2cKhB907OtyoCAgJ9klSaY9ZhatkvOFRpgQ-rQQnut9J0hJvD4GLGtdi6KKwPVOB3ovTYRqwWBF5E-YC3dfRqGlqgvvPQSSuor2_Zt_aDtfCTEiXUOb2Se1cLSgv0aVO3IOoo-pPO2i1zc0p_AYZD1Tw0710G9MpwUzCZymehKX8UAzt8Kx7e_FURAjF65CmzCmP75mTT6XHpFNJJ_R7uIegvP0votePxp55pVeAsJ_w2qfKmSA-Pfsr5OLHUqi22ZnTLxDH9TeQmX9c3wb6dOnzAXjUxJKm5A2fRVw8eFGvzGJbwH8aVLlk9JA&sai=AMfl-YT0pZPVUx-xiyq7aAhhhDhS-fwgkEwChzl-x446NpKMBZynXzLSVdg3GBWbh1HmcDg9oNr3dZEUq1fp7CkggW8iQyy8C9GPV9z9QkiYm4oLwgotIEDvZrWvcS93qtd5eocogrdRugP-ONGzHTgItWzFdhLXXrVxwZb1nhmTgGVjHmTLh32NGHp0cB0ysUJySxe5dDFeUklbHAdO2NaSOG5GLMtuWMBMAzq9o7A3sfUR_wTWcIGXbMhdCysK5aO4MptHVE72VmiZk88YpkcQVt1E36J3Hcy_RDc5xMml3qUxKvZ1SomH_MQF5LzanBCitJQ5RB44NviGj6W4fNk_DPFjSib_8RRnAz4s-t8RH24ReTUZkTlaCo57WfjXNhcLYba2cbUJY9hW2ioSn0Sv_XtHk66n-iHU-huLRx0kSSB6XV1G17UDlDF4sm3J427AuYkgn2KuBM0CKZrkVbbVCh_Ajrsw6_Oh4_4kE7tVRrDVd_crhVpc8MWCWbrLw9Z91b9r_08&sig=Cg0ArKJSzJA_m6UVJN4SEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldmVyYmFuay5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1754&vt=11&dtpt=1279&dett=3&cstd=461&cisv=r20240122.22914&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 568C 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVD1dVGrTBCfQP_exBLkVRR_rxIwDT6aqa7qqldY8_WTjv4ACnTUErSN-edWIDqFtfso9crvzAgP3X_CngvFj0WL4WPhjWcUs3Po-0CPoqssDQARs-TQSuLaw1BYrc0TgxX-UqD9fTtrabBZd_tLImxOKS&sai=AMfl-YQWbQKY_rnJ1CssLHMtBSx8-0AHWFZGSLIZGzEN86RDJFyjt1yxWFL5lsV4oy8Q1dcMTuJyUQAgENR1he4n-LEQrienfkVXFAo5No3mcnq9lclEILKbL07GussJuGNNtYCu25blLwjtYAOfERw3&sig=Cg0ArKJSzDtRPyr3hgitEAE&cid=CAQSTgAvHhf_KP2lFn4MzH27V0bBldNjdCXRR9r_-VEdpewbjtFfb41TcbP1L358c5JzHRHLl9RkodG68pD7wz9kkwp30j8Ajiqj3XiA861h_RgB&id=lidar2&mcvt=1102&p=600,0,1200,160&mtos=1102,1102,1102,1102,1102&tos=1102,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1756351970&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170632588100&rst=1706325880893&rpt=951&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0829 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskl4TiS9kNoK0Tk4RtCQoBTezsW-fioVVM4DxHr6lxKgWR7i959WMSDQEuOvom0beH8rAphMohtZNvghB9lNnecqQsWVb1SxkYQNaFj8ms16AZQy1AnMRAFtC2082eNsa3-2frlJKvCP6CJLthz6q8YIv5&sai=AMfl-YSQGoYjEy3PSQndBiklndTIKGLsJJfLXu8bD1ZGCAANaxYFndQABgFVPwrtuAnUaCb9RrrtbrBMciY7JOm2mEdZ3_z-XtYVaP5BvWxLNWvK0_xDaXxsuwoxWOXjPGjGJ2vbBeOXQhPZiSLmx9JV&sig=Cg0ArKJSzFfiBaSTxaLWEAE&cid=CAQSTgAvHhf_KP2lFn4MzH27V0bBldNjdCXRR9r_-VEdpewbjtFfb41TcbP1L358c5JzHRHLl9RkodG68pD7wz9kkwp30j8Ajiqj3XiA861h_RgB&id=lidar2&mcvt=1107&p=208,315,458,1285&mtos=1107,1107,1107,1107,1107&tos=1107,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=583505459&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170632588100&rst=1706325880878&rpt=908&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CD0E 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5591dba835b0de0e764ff94ad8aa2afd3905e71f935afbe374849727f010e5b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5835
x-xss-protection
0
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
date
Sat, 27 Jan 2024 03:24:43 GMT
server
_
content-length
0
CookieSyncLKQD
rtb.adentifi.com/ Frame 7E51 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.96.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-96-255.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://sync.1rx.io/usersync2/lkqd
  • https://sync.1rx.io/usersync2/lkqd?zcc=1&cb=1706325883286
  • https://ad.turn.com/r/cs?pid=45&rndcb=1594602095
  • https://sync.1rx.io/usersync/turn/7830607249730030491?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-6db02d9c-30dd-4c5d-9287-813b93805c...
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
date
Sat, 27 Jan 2024 03:24:43 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX6db02d9c30dd4c5d9287813b93805cd3005
content-type
text/html
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=lkqd
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=lkqd&ssp_user_id=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-lcqacoRE2pl6a96giA5Cw1qaMRVuYBCxYpJuww--~A&expires=5&ssp=lkqd
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=5520a5b8-4f14-47af-8167-705984949485&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D5520a5b8-4f14-47af-8167-705984949485%26redi...
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=5520a5b8-4f14-47af-8167-705984949485&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D5520a5b8-4f14-47af-8167-705984949485
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=5520a5b8-4f14-47af-8167-705984949485
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=5520a5b8-4f14-47af-8167-705984949485
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
//cs.lkqd.net/cs?partnerId=46&partnerUserId=5520a5b8-4f14-47af-8167-705984949485
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D13%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=13&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=13&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=13&partnerUserId=f13ff11e-70c9-48d5-9f0d-aff05ede43a5
date
Sat, 27 Jan 2024 03:24:43 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=ea18b846-2890-45b5-bb97-1db97e1acc8a
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=ea18b846-2890-45b5-bb97-1db97e1acc8a
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=ea18b846-2890-45b5-bb97-1db97e1acc8a
date
Sat, 27 Jan 2024 03:24:43 GMT
server
Kestrel
content-length
203
genericusersync.ashx
sync.tidaltv.com/ Frame 7E51 		0
0
us.php
gu.dyntrk.com/adx/lkqd/ Frame 7E51 		0
0
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=7290042619747241509
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=7290042619747241509
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=7290042619747241509
date
Sat, 27 Jan 2024 03:24:43 GMT
server
Apache/2.4.23 (Unix)
content-length
257
content-type
text/html; charset=iso-8859-1
genericusersync.ashx
sync.tidaltv.com/ Frame 7E51 		0
0
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=ZbR3ewAAX5lxcQBK
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=ZbR3ewAAX5lxcQBK&_test=ZbR3ewAAX5lxcQBK
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=ZbR3ewAAX5lxcQBK&_test=ZbR3ewAAX5lxcQBK
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

x-served-by
cache-lga21970-LGA
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706325883.285892,VS0,VE0
x-cache
HIT
location
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=ZbR3ewAAX5lxcQBK&_test=ZbR3ewAAX5lxcQBK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=CxTYaqsNLmpX&ev=1&pid=561322
43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=CxTYaqsNLmpX&ev=1&pid=561322
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=CxTYaqsNLmpX&ev=1&pid=561322
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-c7l2w
expires
-1
464986.gif
idsync.rlcdn.com/ Frame 7E51 		42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=TK3fIZEzRKA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=VEszZklaRXpSS0E
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEECs5P1_GZI5BvvvQ1zbK6k&google_cver=1
43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEECs5P1_GZI5BvvvQ1zbK6k&google_cver=1
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEECs5P1_GZI5BvvvQ1zbK6k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=v-_lWb7tsA-k7rIJuuuqXLDpsgmk6L5cuOuWxMOs
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=v-_lWb7tsA-k7rIJuuuqXLDpsgmk6L5cuOuWxMOs
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=v-_lWb7tsA-k7rIJuuuqXLDpsgmk6L5cuOuWxMOs
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAG88U7LaO8AABO1UKlYcA
43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAG88U7LaO8AABO1UKlYcA
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAG88U7LaO8AABO1UKlYcA
Date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b30&u=TK3fIZEzRKA&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b30&u=TK3fIZEzRKA&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662067896561467
43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662067896561467
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
3450
content-type
text/html
location
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662067896561467
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84bde2636f6f42ab-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
p.rfihub.com/ Frame 7E51 		42 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.38.167.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sat, 27 Jan 2024 03:24:43 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ecdcfb41-5f05-4835-a680-1212fdf19aad
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ecdcfb41-5f05-4835-a680-1212fdf19aad
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ecdcfb41-5f05-4835-a680-1212fdf19aad
date
Sat, 27 Jan 2024 03:24:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.lkqd.net/ Frame 7E51
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUser...
  • https://cs.lkqd.net/cs?partnerId=97&partnerUserId=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
s.ad.smaato.net/c/ Frame 7E51 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269e:ec00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:22 GMT
via
1.1 b0d9885fa66f307673d2636510f36b60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ATL58-P7
age
21
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
dPrujP3jtw83xcu9-KV6fNM_rJfb4hfOckL8zc7Yv9Ts8gXcJ5jBzA==
usync.js
eus.rubiconproject.com/ Frame 3A1F 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:43 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84727
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
/
shb.richaudience.com/hb/ Frame 002F 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://wbz-tavnsz.net
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 002F 		333 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&kw=mynet%2Cmynethaber%2Coyun%2Calt%C4%B1nfiyatlar%C4%B1%2Cyemektarifleri%2Cseyahat%2Csa%C4%9Fl%C4%B1k%2Chavadurumu%2Ckad%C4%B1n%2Csinema&tg_i.page=https%3A%2F%2Fwww.mynet.com%2F&tg_i.domain=mynet.com&tg_i.pbadslot=adpn-adtag-1706325882247&tk_flint=pbjs_lite_v7.19.0&x_source.tid=df3cd234-555c-439d-b549-ccb68343e55a&l_pb_bid_id=409c198d60f26c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9571413074730892
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2b68f66c6ab686c34982023db84e89448ef7263afc42aa9e24d9df37ed964e89

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 002F 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=20290843216&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:42 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ Frame 002F 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
d1d1548403513a9dfac12d19482f0b6f353080ca42562c0030c2387da87e48a0

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://wbz-tavnsz.net
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
translator
hbopenbid.pubmatic.com/ Frame 002F 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 002F 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
71c406b841dba79e6a1723744ba4fec0d6324a292bab2c2336e69a1d4d3c958a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
an-x-request-uuid
80db0fbc-9bfe-49b3-bacd-0410fe0f6815
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx2.adform.net/adx/ Frame 002F 		0
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 002F 		837 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
feae0140363329b375a93e08c4fe572f5d87132eb2efba26fd424bc60d321fcc

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wbz-tavnsz.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 002F 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:43 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adjson
ads.betweendigital.com/ Frame 002F 		2 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
t
t.lkqd.net/ Frame 4536 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CD0E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 03:24:43 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
33787225
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 9478 		788 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33787225?schain=1.0%2C1%21vidoomy.com%2C64027%2C1%2C12334563945127824410076659639,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
24ddcbd452f49bcf5352c50cdd7cb55e451741b97da80ef6463dbad2db99de0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:43 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://wbz-tavnsz.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706325883255054-140
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 9478 		28 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0,1!vidoomy.com,64001,1,[CACHEBUSTER],,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.228.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-228-57.compute-1.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 9478 		802 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C64027%2C1%2C5127824410076659639631891641%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
8c48b299f78411314bd8799bd1459c5591ffef8067eb075aede8bb8694963259

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:43 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://wbz-tavnsz.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706325883274023-1179
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwbz-tavnsz.net%2F&domain=wbz-tavnsz.net&bundle=qOKN6V9TMmVDQXpNQVg5Z3A4Y1QlMkZ2VzFFdkthNEtWMTVMUkdZRFc3RTVEeGZteDV4eHBzeFVvUnJpdlF...
  • https://mug.criteo.com/sid?cpp=tLhxtHxOWVhJQnRMSDlzRGk3Tk5DOWNUckxEODIwaSswc1FjdVRYRHlTSVV1Z1ltVmx3UDY2dTV1TGVvM29BR3RhVHZ1Wlg4SlhueW1CUlpVZ1BwQnMvUzNoVkRVQ3ZlT1NVbWtDRW9vQjY3eXh2NVh1cDh1Sy9iTTNvU1...
450 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tLhxtHxOWVhJQnRMSDlzRGk3Tk5DOWNUckxEODIwaSswc1FjdVRYRHlTSVV1Z1ltVmx3UDY2dTV1TGVvM29BR3RhVHZ1Wlg4SlhueW1CUlpVZ1BwQnMvUzNoVkRVQ3ZlT1NVbWtDRW9vQjY3eXh2NVh1cDh1Sy9iTTNvU1Q1UENCV3dtNXJXWW0rc2kreW4wT1pZcTl6SlZCS214U05NMFZjM3p2MnZMbWZZMWxDbGREbVJCTnpvVEFsb3JDWnFIb1pxdDRwb0RFSmtJMkZDNXFuRDVZTVEwY1g5c1R1eU1FdGlzN3ArMU8zN0U3TnVqMnZEaXZpdFJJQzBqMWM4cGdiemxJUFNDNnMwaVNpd0dKMU5TTU9xelU3SERZV2dXWkt6a3RqU1hVM2ZmNnNmZz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
32b8fd285a050ceafc09d599dd63d9ac7c813a67ba5e5f07b3a28e861d05124c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
914215
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://wbz-tavnsz.net
location
https://mug.criteo.com/sid?cpp=tLhxtHxOWVhJQnRMSDlzRGk3Tk5DOWNUckxEODIwaSswc1FjdVRYRHlTSVV1Z1ltVmx3UDY2dTV1TGVvM29BR3RhVHZ1Wlg4SlhueW1CUlpVZ1BwQnMvUzNoVkRVQ3ZlT1NVbWtDRW9vQjY3eXh2NVh1cDh1Sy9iTTNvU1Q1UENCV3dtNXJXWW0rc2kreW4wT1pZcTl6SlZCS214U05NMFZjM3p2MnZMbWZZMWxDbGREbVJCTnpvVEFsb3JDWnFIb1pxdDRwb0RFSmtJMkZDNXFuRDVZTVEwY1g5c1R1eU1FdGlzN3ArMU8zN0U3TnVqMnZEaXZpdFJJQzBqMWM4cGdiemxJUFNDNnMwaVNpd0dKMU5TTU9xelU3SERZV2dXWkt6a3RqU1hVM2ZmNnNmZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
328900
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwbz-tavnsz.net%2F&domain=wbz-tavnsz.net&bundle=qOKN6V9TMmVDQXpNQVg5Z3A4Y1QlMkZ2VzFFdkthNEtWMTVMUkdZRFc3RTVEeGZteDV4eHBzeFVvUnJpdlFXZTNqdnp0SUpjQ3FDVVlLN0xlOGxzNDRGN1JrUTFBS2lyVUpBSWdFTVlhaFZDSkFMN0hHUjVUcDJjbmxVS3c4SVdHaG5CMVhJcGpVd1J1JTJGRnQwUmw0ZkFDSiUyQlhIdEElM0QlM0Q&cw=1&pbt=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 27 Jan 2024 03:24:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
411098
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
prebid7.19.0.js
hb.adpone.com/ Frame 1FD8 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ijqdwgate&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2324
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2F5f3WVxgMwXrf%2BdJRMsUSw%2BPMt9itZXqBYWiJubMWszMdSTHl0MmlgZV6xE8L6d0mqYYs1orACiHELU%2BSArP0rQXLjJaUfdStoGNFtjCcjmr8t8Ejs43El73eZynDSSA1RyU75VJpLzhWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde262aaf28c17-EWR
prebid7.19.0.js
hb.adpone.com/ Frame AB4D 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=jaurxik&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2324
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdgI1gD9FLpDevUoKxu09Q%2BCr16WDsgm1GwOgKhoZYSYHS9hB%2Bi7lcbSbGF4%2BomJFYnZ0TgesR4QF%2FGQnqLHasWB%2BCF4DsiWGL1cVWf%2FX7UpfDw7rSfgxmlTM7O4ZJrFwZVYb97AXtEcwaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde262aaff8c17-EWR
prebid7.19.0.js
hb.adpone.com/ Frame 372A 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=pboxdtxo&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2324
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQQUD7WQZDB5%2F%2FjnyJz6KMY9vExpLYcIv4O2jm5D66GNqD6OFOLXP6Mb1e%2BmjFTgEnYfvtnRwSpWjl1OSGm2kFSxwOudTQPXGDnw%2FSWKU%2F1BToknWPUQWTDBMhWrWbOJmk5C4jwCyH5dCbk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde262bb0f8c17-EWR
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4DC0 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7afe1a64b661e16a5bfb3cd4737e7f272c65268bdd2a19b937e6e833ea6f7915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29375
x-xss-protection
0
server
cafe
etag
652 / 19749 / m202401230101 / config-hash: 16415232170016434785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 03:24:43 GMT
exchange
ssc.33across.com/api/ 		141 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0baf7a1da813741aa38fdb6d0b3acdfef3cf087257e94c92b2837fea94089f96

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wbz-tavnsz.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid7.19.0.js
hb.adpone.com/ Frame C240 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=tgxtthnd&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2324
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzqJNHOseyQ34zeNZBwuTfD6spsz5xK7HU88Aa%2BYTySoiz2oiKTlUepI70%2BLTwHLlTNIi3y6rTq9BiQTNCwXqZOvnQkmdOvTDh%2F9JXieZHnml1sKG8EY6cpItstgja26TFvZ1VF2dq8HnjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde2630b638c17-EWR
prebid7.19.0.js
hb.adpone.com/ Frame 2407 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=itwreqsy&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2324
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5fL5BGFQocFIBRssUNA9aPg4nBsKqNv1OPS%2FU1Dx6qshxO3FrDxhpoTUCEbIMmEYKxqtr8D2vLQoCaiPjDsDneta%2BZqTmU1m4zWaZbn7ULr4Hfvs8dfpBzBEHbMkdPLhJ5n8bZNl3PT3p8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde2630b658c17-EWR
prebid7.19.0.js
hb.adpone.com/ Frame CE29 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=wxjerejyq&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2324
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FywqYohhiAPzOoJesWNdUn4MlTd%2FaA%2FYgj0iVjQzO8w26gOziWgnfnfI%2F69rxWtNSPufHeIp8qFBK%2FRLTVjwt9l5KH13LO04OqfYSWGOmK9gp4jQ7m0fRy8l0YeWKNcJVMHQYalqtmlmf64%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde2630b678c17-EWR
prebid7.19.0.js
hb.adpone.com/ Frame 9243 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=eyjzkkxfzf&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2324
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20rrdwnHZjnZopk%2FERe%2FH1MKZQO0yfrruNFS%2Br8e%2FfRJN4fjkKPRakBZOhW%2FBlzZueqCpZpk9Ey5e0os9fv2RZ7XFrpXM%2FWkn3QpenhlMiFmTtgenKovY7a7%2B3tgS60biSzNXbYyjkQtFVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde2632b868c17-EWR
prebid7.19.0.js
hb.adpone.com/ Frame AD95 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=xxxkvszg&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2324
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aArehyw%2ByEp33EB%2BYQ0oY7xbW6Y01Zc%2Fc%2BabCA%2B2i89fGt0b1p5wNZVGfUkEAWjJ7xs3DzsHfSu0Yp3s3lg1BAz391YvAd5IZzxpfjjX2Qw0tEzCUQuZ813bT6bYCFJFlH2tgpCF5XgCX0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde2633b938c17-EWR
prebid7.19.0.js
hb.adpone.com/ Frame 6B72 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=dhgwfr&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2324
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcixtcxJXdM0caMsJ0tLpVI3PXz5oD9Vmn4MJMwtQTprkrPUHl2LXeI0sW94n43869KdrzJPzgA4taO%2F%2Bykw6zKRc%2BY%2FJe7ytIghKHPIgqEKBj5SKx97wHJqu65RNc%2BD%2BKZw%2BmccOm2sMxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde2633b9d8c17-EWR
prebid7.19.0.js
hb.adpone.com/ Frame E845 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ozurmjyis&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCTPM4KW109WZH50
age
2324
x-amz-server-side-encryption
AES256
x-amz-id-2
NNoV2JA6Sniicyl2YxAGzDvLg8R82MKNYoJxz2RZNnJb2j9cYE+52WF6aeAIaWgc8Kr0rGmh33XJJo0JwprI9w==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPnz9ZYzIHj7moxlBpve%2BxDHdt6TBSr01e5Q9bQsBzjfDygxe57AQmwFUnqv8ZKJUUxe75%2B7ZwGo%2B1Z5D2A02XiHrQ1Mw9gZc3HTbJJ2mJrkdcEW9Q7qdcEwGEbadlCAmVWGvCyTlZfQ3Lc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84bde2634ba88c17-EWR
prebid
ib.adnxs.com/ut/v3/ Frame F698 		292 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
470cd2732c986b47395462f0b80a05f88b944f7a3a921e97cb6c006a6fbcb206
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
an-x-request-uuid
34721711-e35b-4770-9699-574eb075c85b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
292
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame F698 		296 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
44f3ede27c619ceefd34f1ee6504ab56af27947aa9ae09c3235f55c4f10acf57
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
an-x-request-uuid
20bc98be-6658-47dd-bb45-2858a5b34153
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
296
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame F698 		296 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7f051859d3a393b3f69af3f11a3975bf14c66567311e2e7b1544165a923c5685
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
an-x-request-uuid
0821810d-f3a9-4de0-b0cd-b145322b6c0b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
296
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 2121 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240126
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2de6e01fba69a95d6526545d083344d7aea6e005e7ce4b0d84f1d084cb1857af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 27 Jan 2024 03:24:43 GMT
x-content-type-options
nosniff
content-encoding
br
age
41036
x-jsd-version
1.0.1947
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
856
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21978-LGA
x-jsd-version-type
version
etag
W/"640-DiiDHGb+Vr0X7toB6rrhALpVr0s"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2121 		0
226 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
date
Sat, 27 Jan 2024 03:24:43 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 2121 		0
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.25.0&cb=86124774403&lsavail=1
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
date
Sat, 27 Jan 2024 03:24:42 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2121 		706 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
1fb5461062b4e4a15fe380e40e97be274d1f0ae71e111cafce959a9412b796bd

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.8.0
Content-Type
application/json
access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
305
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2121 		459 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25100&site_id=458252&zone_id=2685414&size_id=15&rp_schain=1.0,1!pixad.com.tr,px-pub-6428723939,1,,,&eid_pubcid.org=04580388-4cba-4c62-9169-9f019b2b2d4d%5E1&rf=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.name=https%3A%2F%2F20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com&tg_i.pbadslot=desktop-standard&tk_flint=px_pbjs_lite_v8.25.0&l_pb_bid_id=12f2f2ed90f0326&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=desktop-standard&m_ch_mobile=%3F0&slots=1&rand=0.31367233792637017
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
93bb7fa4a1cdfea8182c76cbb1a1932d37d9b0b1fb59ba861b128849d204eca1

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
459
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
cpm.programattik.com/ Frame 2121 		206 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=920&v=1.6
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
a6200a85ae167495981cef97ab78e244b0b5e410e834bdbfb929a7bd0fb5cbea

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
date
Sat, 27 Jan 2024 03:24:43 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
content-length
206
content-type
application/json; charset=utf-8
hb
cpm.programattik.com/ Frame 2121 		206 B
412 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=921&v=1.6
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
35953b4bac82e85cb8906b0cc4c3c01d457109a9ba529a2fe0439418780c14c9

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
date
Sat, 27 Jan 2024 03:24:43 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
content-length
206
content-type
application/json; charset=utf-8
hb
cpm.programattik.com/ Frame 2121 		206 B
412 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=924&v=1.6
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
5e56911ff61cf32ab1f834569af30ae29454fd68d7493a330371e0be1cc90991

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
date
Sat, 27 Jan 2024 03:24:43 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
content-length
206
content-type
application/json; charset=utf-8
2591347
bs.yandex.ru/prebid/ Frame 2121 		27 B
518 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=wbz-tavnsz.net&ssp-id=10500&ssp-cur=TRY
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
gzip
last-modified
Sat, 27 Jan 2024 03:24:43 GMT
x-yandex-req-id
1706325883808057-1813533360673158919200320-production-app-host-vla-pcode-317
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Sat, 27 Jan 2024 03:24:43 GMT
2591347
bs.yandex.ru/prebid/ Frame 2121 		27 B
221 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2591347?imp-id=2&target-ref=wbz-tavnsz.net&ssp-id=10500&ssp-cur=TRY
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
gzip
last-modified
Sat, 27 Jan 2024 03:24:43 GMT
x-yandex-req-id
1706325883809685-67609290034580428200271-production-app-host-sas-pcode-153
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Sat, 27 Jan 2024 03:24:43 GMT
pb
mediazone.rtb.pixad.com.tr/ Frame 2121 		0
0
openrtb
adx.adform.net/adx/ Frame 2121 		0
566 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
hb
rt.marphezis.com/ Frame 2121 		0
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
cache-control
no-store
access-control-allow-credentials
true
vary
Origin
expires
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0917 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.83.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-83-5.atl59.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 6065fa4dfa87d92a6009e7fe74c3def0.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL59-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
WlEGUILKhDg35pHuS3fZnQHYjuCTyMkotl-NjZV0uDx9i2MW9mjLEg==
adview
securepubads.g.doubleclick.net/pagead/ Frame 2308 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7f19eXe0Zeq_A7DnjvQPgPOJ6Ay5qpGTdYfR44uBEtvZHhABINCAvx5gycapi8Ck2A-gAZHNtL4DyAEC4AIAqAMByAMIqgT9AU_QzsiQJkknGytjk0mUeYlYmg9TxJyBJeaX13F2eMO5L26syPFz6umgIP4Qj2MypgSsoFkHP6QWPoPOwncD_3DLsiZkQUGq-wwa22Dgcep08vG5HLkeQVuwvEEhFT3X7swq4n__rSNo69Mq8kCCF0vL8a7Ns7M37uCvK9Y9SSnJcgcerPLUdKmlv-oztHmvNXsdMpv9aFD725MJZgOd5TJrGFYmAQdJNXa4twqb-K0vbDGif49FgEWG23LCbHauKB3nyoljZo2-1trTdWnyfzqUOSKDD52ArJ6zfD1KXCNSkNwtaOHFULDIYtMReeOeb60VATbU0bH43_fO5mjABLnP7oy-BOAEAYgFrrDhyk2SBQQIBBgBkgUECAUYBKAGAoAH17LLQagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEN2TC9IIHwiAYRABGB0yAooCOgSAQIBASL39wTpYlZ-JoM_8gwOaCTZodHRwczovL3d3dy5kaWFscGFkLmNvbS9kcC9yZWFsLXRpbWUtYWktdHJhbnNjcmlwdGlvbi-ACgPICwHaDBAKChCg2rXhkbyN2RESAgED4g0TCN3diaDP_IMDFbCzgwgdgHkCzdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi01MzYzMjMwMDc1NjMwODQ1GP2BFw&sigh=cNLWwPPHFv8&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwAvHhf_g0_ByO5UL9S9GEI_GC4TjHhbRqiapsSmQdI-7QcWflbHtB7dRza1KaDx3o1aMXZECbU2hdImGAE&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
13061_20231003115626751_everbank.svg
s0.2mdn.net/ads/richmedia/studio/13061/ Frame CD0E 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/13061/13061_20231003115626751_everbank.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045888aa0edf3fa12417fb977511f0f5e36b2242aab412075c7d745d747712fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17133
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1464
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 18:56:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 22:39:10 GMT
13061_20231003115636757_fdic.svg
s0.2mdn.net/ads/richmedia/studio/13061/ Frame CD0E 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/13061/13061_20231003115636757_fdic.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7c4eab2553dbf1bfc43da6223b5d1417242b7f4e428c41659b4dfa6bb09eb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77135
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5121
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 18:56:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 05:59:08 GMT
CTA.png
s0.2mdn.net/sadbundle/2907988793834914221/ Frame CD0E 		710 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2907988793834914221/CTA.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1811c8ec160bac8bb528eedae97a1299c2c59cc4aaae38b237f9b755e8f98bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 25 Jan 2025 06:07:01 GMT
date
Fri, 26 Jan 2024 06:07:01 GMT
x-content-type-options
nosniff
age
76662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
710
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 20:11:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
13061_20231102072945920_evermark-perf_light.svg
s0.2mdn.net/ads/richmedia/studio/13061/ Frame CD0E 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/13061/13061_20231102072945920_evermark-perf_light.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ba4dd27cff7711073ca3f538abadcc4e358b3936f2d8f9cb75d24093caaa739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2812
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:29:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 06:07:01 GMT
13061_20231016114936335_manwithglasses_970x250.png
s0.2mdn.net/ads/richmedia/studio/13061/ Frame CD0E 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/13061/13061_20231016114936335_manwithglasses_970x250.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3aca747cbfd2fa0187d75195723930af56197fae8532a785a6b3f86b35e6e91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:15:08 GMT
x-content-type-options
nosniff
age
76175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71848
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 18:49:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 06:15:08 GMT
graphics.png
s0.2mdn.net/sadbundle/2907988793834914221/ Frame CD0E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2907988793834914221/graphics.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ad13dda96d8f3e800f880920650dbeaacf1f80d43056707e983390882b97ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 25 Jan 2025 06:07:01 GMT
date
Fri, 26 Jan 2024 06:07:01 GMT
x-content-type-options
nosniff
age
76662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4247
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 20:11:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
bg.png
s0.2mdn.net/sadbundle/2907988793834914221/ Frame CD0E 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2907988793834914221/bg.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2216586c8870f29a5ba1deb47870c08ac2faca02b9465fa789ee8c23dfb0f69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2907988793834914221/index.html?e=69&leftOffset=0&topOffset=0&c=9SmZyYCT3C&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 25 Jan 2025 05:59:08 GMT
date
Fri, 26 Jan 2024 05:59:08 GMT
x-content-type-options
nosniff
age
77135
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30181
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 20:11:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
activeview
pagead2.googlesyndication.com/pcs/ Frame 2F00 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT5_SkdNqvC1qKfbEGUx_deX_a9o6Wf7q4q7_r1OFHdadbOaG8ygyFIZyJ3YpoQl6Iyr3Ey9YgqB6qHlJEO_y817FW1NzK34pN6Kc0qCZ1he3ibeFDTJFqnh0RBqq5bEGH5L211mAU29cOmsAm_6D662wg&sai=AMfl-YQLhJck31IsVq90W2azGFQoskPbAP51uBGKIULMMXy7-h5V5ZkicRQjn7bWyOEIZ0rYnZpQ9qjLFERhOyMYqxXAWcuqNCiCM7LB-vsU6VCOaKbkU0ELFLEz3E40E3yd5bDOYQcHOe25zZFCMGhb&sig=Cg0ArKJSzHvhGMeIU7jiEAE&cid=CAQSTgAvHhf_KP2lFn4MzH27V0bBldNjdCXRR9r_-VEdpewbjtFfb41TcbP1L358c5JzHRHLl9RkodG68pD7wz9kkwp30j8Ajiqj3XiA861h_RgB&id=ampim&o=315,924&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1218&mtos=0,0,1218,1218,1218&tos=0,0,1218,0,0&tfs=1122&tls=2340&g=99.44444298744202&h=99.44444298744202&tt=2340&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tLhxtHxOWVhJQnRMSDlzRGk3Tk5DOWNUckxEODIwaSswc1FjdVRYRHlTSVV1Z1ltVmx3UDY2dTV1TGVvM29BR3RhVHZ1Wlg4SlhueW1CUlpVZ1BwQnMvUzNoVkRVQ3ZlT1NVbWtDRW9vQjY3eXh2NVh1cDh1Sy9iTTNvU1Q1UENCV3dtNXJXWW0rc2kreW4wT1pZcTl6SlZCS214U05NMFZjM3p2MnZMbWZZMWxDbGREbVJCTnpvVEFsb3JDWnFIb1pxdDRwb0RFSmtJMkZDNXFuRDVZTVEwY1g5c1R1eU1FdGlzN3ArMU8zN0U3TnVqMnZEaXZpdFJJQzBqMWM4cGdiemxJUFNDNnMwaVNpd0dKMU5TTU9xelU3SERZV2dXWkt6a3RqU1hVM2ZmNnNmZz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 27 Jan 2024 03:24:43 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
427974
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 11C6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMwIcp3vzPRzASFPfLlbzjVE_BM8LmsLtub8FpkjY85JMi6FhqNxVqIBU0-lxSDBmY4rFpQ7f7wW81-kEqvzjgCO3OBKxqVfkzbqBhUxtJpbaPvLfKERUHgmlJE-c4lpr2KZ3znAKdK7uD1DYsWC_RMcSQ37qTJNFXqX1QQbBHnZjBY6Gd9bR1-OJSEFrRa7bxe2zkZpW6ugqPoNVwB0OhtU8wAEvbVIdapotPC9CQWC_06JBqrUmxZ4VFK9PcPD4-eH7J02861reAYuQSGTL7NWmYLb5bMZ7HPi7RFvbhlSmsrQ1Q_CMjgTjM9ScnBrs3WAI4-37FttbvC-5a2mOL4K4nEH-gsyCN-zAwu_zVIiZGDErfu1PYjtX03gODuaoK072W59kymGKFVt5_Dl-Qc9uivxgNQKs0_jCIpcJOENOiK0r2m2O2nPr6_4vqNM6d6PCsWdkRa-mg1hFDa7FnJAv2SZflfSrcK0aZdIhocwO7-1w0WfKu8msHZynbrLgNA160FiebjGsUzagS3Ds9kf5zMI2Ue5OGG_9Ci1RvRaLmf-l_zprZH42zoWRl_HhWfxUa3amvKqg9via1byrMPeCXc0RluaeJ9RSSTlX8ROVn13quk1bObvbEcZ6QUo_Y9qjU70MCnz25uQ6q466aus5y4LU1a7RBcQNkmB5uWPb4F2PZQ_QOaJKPXVYTW5v6kRGNNZWC7gbe29GTVVT16UgP26Z4ZGPYru1QAxaAnhvyWH9ygjRfWfdNeuf52Eq5lidnkycPBTdQTvBK6tlsDYY3A88vJzoeZxGjb1Ipk_JD-vaQq3GRUotThsly8Z8T38jqRFQTzz5-L2jHbc6cLbboLbXKWQAomnxBnT27U1IIc_aWnB2h_IY15fEQwx9jJJGDQPXlVBqnXBtpdkLiGWuNY4lrJX8FAtGKfgvhBEBRzQ9d1hOG2kB1sv-67Ccgl_1qlS9HToMpSjO9x6EJ2VBQ0-21oUc2wB5zl0euf729LodP9j1J54f34UL5y-SbbJTdHsVtfxFWq15ix4t7kuAPrvbHuDO-J_sMxliOISsmhggTUGTt2ageb9C_QgCB8UdFldVJaV9tR_XqvCXLWjcWbuo1oSApKi6r4Eg0RC0AvfOsTJJv9bj9nMKTGffFZqdr_CsGFoybvNXmykrB0sfwAoG9jjNnDZMnvLmQCb-OLjoZIqyvwuFocdJNo5VSKq6RTFl79we6vXy-ZLnQqTMl3STIS7zShqQK47-GpD9kgimz0zppgWHhULxi2pP7Knnc0cWjSwEnUWmHfO7UZXxPwMMlqjd7m3es8Cub-yIdERRtzLgWA4xuWK0tohu0vdk0p5pSHH7bzUH7lJ418SGmHGVCeJZbzlTcVLZtd9tU9oIFqevXk5Lxqgh0YENWAdiB3F65qctml9FJIWg76rFzv5wX_Mds5_0V5EtQx0GIm4pCW9bvEgo&sai=AMfl-YQwh1V1xJ1ftxXbrGV0i0k8NZV93SLFB25lm3BZAIlTcb9THG7ON1pd9_vegqH9GbLNxZe_ue1EGydlsIt51ft-lywdpwPggE6c5hJJdqdaEpXrqRKDK24g0a1WO3EJWP_ssEm8zMcFMZnWDuN-pjDcwME-i9KB6kYH9A&sig=Cg0ArKJSzAZBauIHtG1NEAE&cid=CAQSTgAvHhf_KP2lFn4MzH27V0bBldNjdCXRR9r_-VEdpewbjtFfb41TcbP1L358c5JzHRHLl9RkodG68pD7wz9kkwp30j8Ajiqj3XiA861h_RgB&id=lidar2&mcvt=1134&p=1033,979,1283,1279&mtos=0,0,1134,1134,1134&tos=0,0,1134,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=0.66&if=1&vu=1&app=0&itpl=22&adk=926693769&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170632588100&rst=1706325880811&rpt=1411&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pb
mediazone.rtb.pixad.com.tr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mediazone.rtb.pixad.com.tr/pb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Pixad-k8s
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
POST
access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84bde264cee58c69-EWR
date
Sat, 27 Jan 2024 03:24:43 GMT
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9EA6Guii0MPA7CG3d26OdJiRn91B9Ahd2LLI0ueWaV7iSW5YMSWtv4rRtPqAFBrauFuN73J3yC4WaILS2Bpypm71ELLNEx5dAoAniOQkj%2FZkTSFeOMQfXGt3jqzFJD52A2OBtyGl%2Fnb6YflaAnUW13AVZCNnpC%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
working-on
pixad-k8s
x-powered-by
Pixad-k8s
khaos.json
token.rubiconproject.com/ Frame 3A1F 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
t
t.lkqd.net/ Frame 4536 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_ef07200f.js
vpaid.springserve.com/production/ Frame CAA3 		530 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ef07200f.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d7:ee00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:08:40 GMT
content-encoding
gzip
via
1.1 a598fd731d305353a077e1766dac2884.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 22:19:09 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P3
age
526564
x-amz-server-side-encryption
AES256
etag
W/"bcb9a826fdf2c845d2e7400c960d5f69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
SGIxQdy_BlDxnCEa8UfJ-KTIqHFiWjoSd1f49u6LmAl-zhsLB6pJRw==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
728x90.png
redcarpat.com/a/ Frame DB6A 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcarpat.com/a/728x90.png
Requested by
Host: wbz-tavnsz.net
URL: https://wbz-tavnsz.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.137.45.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-216-137-45-118.atl56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a11a7698898cba7edb4737e2d1d556b10ab052aca9365ef0b462bf78f3c9920

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
WwIpDV_THpmhOWIOgeg7VsMLk6b5x1Xa
date
Fri, 26 Jan 2024 10:15:28 GMT
via
1.1 57e717fbe2ffca026b70977395ee5b3c.cloudfront.net (CloudFront)
last-modified
Fri, 11 Feb 2022 16:12:31 GMT
server
AmazonS3
x-amz-cf-pop
ATL56-C2
age
61782
etag
"cba20ee20997190b39756c05abd61f7f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
36623
x-amz-cf-id
rb2E_m-2m3o3F39U0LtiBaFiJng8zxQONunpTd8kIX58G4-CIvm4mQ==
t
t.lkqd.net/ Frame 4536 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:43 GMT
server
nginx
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 32E9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 05:50:59 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/ Frame 4DC0 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:29:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
39306
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138344
x-xss-protection
0
server
cafe
etag
11931332024773231753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 25 Jan 2025 16:29:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 4DC0 		59 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wbz-tavnsz.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d62470abcbb79765f7d5451ba0bbc27696e360ef607e3e1a31ef24e94e85b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
x-xss-protection
0
expires
Sat, 27 Jan 2024 03:24:43 GMT
match
events-ssc.33across.com/ Frame 3A1F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LRVIDF5G-1Y-53O3
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LRVIDF5G-1Y-53O3
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRVIDF5G-1Y-53O3&ts=1706325884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRVIDF5G-1Y-53O3&ts=1706325884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRVIDF5G-1Y-53O3&ts=1706325884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
bid
ap.lijit.com/rtb/ Frame AB4D 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
9cd0eab5265791d8f79794da7b8ae4395a75fffc9be55e243e26f9945aadbac0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://windsplay.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame AB4D 		339 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.pbadslot=adpn-adtag-1706325883301&tk_flint=pbjs_lite_v7.19.0&x_source.tid=114939f3-7553-41f8-aba6-f944ae196073&l_pb_bid_id=45f975ec0d5b04&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4811549536395259
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
886401e74470d23fa8155b4c2676154e88095a72fd673f2105c10bf638cde39c

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame AB4D 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a19c80b98875cef753f597118bdb5bd92fb9382fb12ade47aadcf316e50dac82
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
an-x-request-uuid
e27c7bde-d864-4e6a-8c1e-fb09611181e0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx2.adform.net/adx/ Frame AB4D 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
adjson
ads.betweendigital.com/ Frame AB4D 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
prg.smartadserver.com/prebid/ Frame AB4D 		991 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
1ab7836fb485ac3e6c58b81a8a0fa51bcc68f25da92b87885ea77898a3669a03

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame AB4D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AB4D 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame AB4D 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=1175060886&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
adjson
ads.betweendigital.com/ Frame 9243 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9243 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 9243 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=13277028841&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 9243 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
575be3ca740bf0086c64dab7fdbcd22bb7bc5b731a735ec17ab6371c8d4f4e95
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
an-x-request-uuid
793276c0-61dd-41c6-a272-5c4fff4626ce
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9243 		339 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.pbadslot=adpn-adtag-1706325883379&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e4aa484f-10bd-40a4-85b0-1d184a456cc0&l_pb_bid_id=10d27126ad54cac&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5777080835889499
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a3b16936a8c1ffbb61115d3d13c880421ba0b8decd62290b9924b7acfd9eccbe

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 9243 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx2.adform.net/adx/ Frame 9243 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 9243 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
92489ab0e3f21bb382c0ecfb44824c8800232f0d82adf1efe3e5d6091be11b74

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 9243 		23 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
d283b225c3577a200e3e049ff1484ba8b8b772981be6c53cd916099d5c9eaf00

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://windsplay.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
23
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C240 		339 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.pbadslot=adpn-adtag-1706325883352&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5d421c5a-d8e7-4434-b402-3714d25eb62a&l_pb_bid_id=226f37ab6f546f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4408999118066874
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
efa4c9a1505ecdc023d44710c0d75f8ecb819d7cbc797d0cfebe34584c36cc65

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C240 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame C240 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=25744561926&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
openrtb
adx2.adform.net/adx/ Frame C240 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame C240 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame C240 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4698a5587efd1f3544a044f47d5730376e448834c1c7912a52d2a3960ff2e8ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
an-x-request-uuid
85e8012f-b772-4c1c-8ede-392907ddec90
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ Frame C240 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bid
ap.lijit.com/rtb/ Frame C240 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
73dbbef2ed15d2b8e95bdf001ffb624b678b2cc42840e51e0db228dd056dc0f5

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://windsplay.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
v1
prg.smartadserver.com/prebid/ Frame C240 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
94a728d8edf2cb13e5d4996c6b1fe79d34b6a349808ee87a0a7bc61c59029e12

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 1FD8 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e7a8e0f3dd4712276e0efd1bc02bf9973215776867311ffc1acd88ab9b74481c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
an-x-request-uuid
cd707af5-a20b-44ae-bdea-120730b0b502
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx2.adform.net/adx/ Frame 1FD8 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1FD8 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1FD8 		339 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.pbadslot=adpn-adtag-1706325883298&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a02d77ad-324c-4d9c-be3c-0a76d6677fbf&l_pb_bid_id=8d894c7c8040c3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.26812860176937936
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f0bfc081bebdda05a4db8a05f4b7eb31ac5890ccbf1a1121fef6aac78cf3a427

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
adjson
ads.betweendigital.com/ Frame 1FD8 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bid
ap.lijit.com/rtb/ Frame 1FD8 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
4f23b8d6f510707d4e05c9620c881857e254f729caefddab6bc914b5504eba99

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://windsplay.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
v1
prg.smartadserver.com/prebid/ Frame 1FD8 		929 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
a7c5d71830d0eddd0c9df6bc17a13081a845a9ee419a89e0df7324462c632fb6

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 1FD8 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 1FD8 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=96546725997&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ Frame E845 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=53210440663&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame E845 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
adjson
ads.betweendigital.com/ Frame E845 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E845 		339 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.pbadslot=adpn-adtag-1706325883395&tk_flint=pbjs_lite_v7.19.0&x_source.tid=72a74f20-4039-445f-bceb-b11c72a334c1&l_pb_bid_id=8fcf77f0655da8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5216959849728806
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ba9e25e37254ff1bb724c334aaba8f4fc4fb0fbfa382d20d36703312bb144012

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame E845 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ Frame E845 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
f032bd7ae7af56c63d7a9440e95a957b0d413619794e09ca663f9120f0d5189e

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://windsplay.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
v1
prg.smartadserver.com/prebid/ Frame E845 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
c18f41156c4dfe104b965dd56955733fa021c3e37be0b359bfcea9f51559e213

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame E845 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
9bae3be0d6aecb8eca72cd54447304386c1e739a6bf78ca354a86a0290685af6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
an-x-request-uuid
9513ecaf-d632-4ed2-8ca9-d33ae450429e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx2.adform.net/adx/ Frame E845 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame AD95 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b9bb737b195f440f7eee2c9d7116ed0326a43da4390b4863d5aba3b8970031ac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
an-x-request-uuid
98e038a2-0d21-48a3-997a-60adff1de764
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame AD95 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx2.adform.net/adx/ Frame AD95 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame AD95 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=25322232803&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame AD95 		339 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.pbadslot=adpn-adtag-1706325883384&tk_flint=pbjs_lite_v7.19.0&x_source.tid=be369be8-fbc0-46c3-8fa5-5717504ed1c3&l_pb_bid_id=1015ef5758ce66c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.16450682500851288
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ba25789ed63bf87b60e08cd803b89a0966a2847a3b5f3e867c5b418ce8d5882c

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
adjson
ads.betweendigital.com/ Frame AD95 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
prg.smartadserver.com/prebid/ Frame AD95 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
3a3c74e0cf785a90f1d62b2e6750d04c8f1bc2e94c56bc31ba67d20b71b5fd46

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AD95 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ Frame AD95 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
08aa3dda4bcfb433e10503b42f453a34aa9cf7328a03bae21986343bd4a93fcd

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://windsplay.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
cdb
bidder.criteo.com/ Frame CE29 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=61058706196&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame CE29 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame CE29 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3a43a7741c56562fc85455affa72d65903fa9944fae349c61d0fc6cfefc7b9c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
an-x-request-uuid
553da6e1-a960-4782-9496-9f2cf84c8e07
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame CE29 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
681d84804a45210f24dfc092854b38cd245bc1cc5cc7eb3c16f17a87bc3a1dd9

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://windsplay.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
adjson
ads.betweendigital.com/ Frame CE29 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame CE29 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx2.adform.net/adx/ Frame CE29 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CE29 		339 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.pbadslot=adpn-adtag-1706325883362&tk_flint=pbjs_lite_v7.19.0&x_source.tid=040bf08d-79f6-46f2-929d-79aec0f8b38b&l_pb_bid_id=16e17b64088294f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0871267407315568
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f938e477475e150ae0f1dcccd684ff3433289e1dd36a9b7c21217aafad000b9c

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame CE29 		902 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
a2a8fdc243cb6032b4a84073845fe8847041d44e02925c7c906156b08882ed7f

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
openrtb
adx2.adform.net/adx/ Frame 372A 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bid
ap.lijit.com/rtb/ Frame 372A 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
80ad7da0d1b996b68fe3e4c851fe2a75282238da481e6b7a3aed4605d498f8d4

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://windsplay.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 372A 		339 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.pbadslot=adpn-adtag-1706325883306&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5ecce179-5298-4b72-a49c-772578c94f25&l_pb_bid_id=639b6c9fa3663e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9226111769172036
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
395006755e7f8a9f68f93120ae12fcd995ab523d9e0bd2eb775a66d63092c8e7

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 372A 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
5eeb0a78ac81ce525947382bec81d5e37cd8f80b73537378faa4dba2013303fb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
an-x-request-uuid
d3b04957-01ef-4784-badc-96d593174caf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 372A 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
99c1685c3ff410b61b002ea6a9b0027441ce0192218fb8cdd6c04741c44d3410

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 372A 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=74422461566&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 372A 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 372A 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adjson
ads.betweendigital.com/ Frame 372A 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ Frame 2407 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=92729718045&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2407 		339 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.pbadslot=adpn-adtag-1706325883357&tk_flint=pbjs_lite_v7.19.0&x_source.tid=fc8aceb7-b149-48d9-bb03-99cf8d90531e&l_pb_bid_id=4aedc2af4baabc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5356040249405825
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a54397e21e3e0b7c6fb2d9f89f891cf57710b1786aa74c9cedb257006d85cdf6

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 2407 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
fcfa1695ee31c550ed74be2842429e7c53df6657534dce28c7e4beba6d1c59e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
an-x-request-uuid
315e19bc-1fe5-4e97-ad4d-61ff94c77e6a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 2407 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
c17d601c3937af2adc326571b230ca4e56e04cee88d9cead9237737c9a1249f7

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://windsplay.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
v1
prg.smartadserver.com/prebid/ Frame 2407 		925 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
cc23b4fef892485b4da35faecdabd6b5ec5f364a3e4172f44e966cfc07c96c22

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2407 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame 2407 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx2.adform.net/adx/ Frame 2407 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
adjson
ads.betweendigital.com/ Frame 2407 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
prg.smartadserver.com/prebid/ Frame 6B72 		967 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
161a31dcb0aeb9a6e179b5d22e783590e948a918e580a50e6c83f7652c0d6c23

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 6B72 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.147.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-147-123.compute-1.amazonaws.com
Software
/
Resource Hash
36dd646710632215e5d0645f2e3d6f56f7e0a19ef5d68b7d236dcda7168679af

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://windsplay.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
translator
hbopenbid.pubmatic.com/ Frame 6B72 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6B72 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adjson
ads.betweendigital.com/ Frame 6B72 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6B72 		339 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Fwbz-tavnsz.net%2F&tg_i.domain=wbz-tavnsz.net&tg_i.pbadslot=adpn-adtag-1706325883389&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a2f98a0a-b410-4a59-ad92-5e737e386c32&l_pb_bid_id=12a4e18658a4e4d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2354726302267427
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
273bd41dde068f207f6496bf08063353f3728e08f0f1cb4f149c5bcf020aa9f6

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 6B72 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=55044220028&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
openrtb
adx2.adform.net/adx/ Frame 6B72 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 6B72 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
18abd7644b1f571904abefaa48a1b70e44fc18cd99cf278056a6b24c762a3a99
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
an-x-request-uuid
2f006a6d-c8bf-4932-837b-d64017f41efb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 14C3 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-HqYqw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 3A1F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=&expires=30
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=&expires=30
date
Sat, 27 Jan 2024 03:24:44 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 3A1F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJWSURGNUctMVktNTNPMw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECr-mgr1DAz8gVx8JmaVktc&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJWSURGNUctMVktNTNPMw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJWSURGNUctMVktNTNPMw==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJWSURGNUctMVktNTNPMw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
setuid
px.ads.linkedin.com/ Frame 3A1F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRVIDF5G-1Y-53O3
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRVIDF5G-1Y-53O3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:43 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6E26A7BC236D4D2FB4DB44F98A8F8451 Ref B: EWR30EDGE1608 Ref C: 2024-01-27T03:24:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYP5PQ0l3629+yGQF84aA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRVIDF5G-1Y-53O3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3A1F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG28mOAITGQrfDYQ7mD6ad4&google_cver=1
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG28mOAITGQrfDYQ7mD6ad4&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG28mOAITGQrfDYQ7mD6ad4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3A1F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WqA_5ISbRImB4UAIaRdroQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WqA_5ISbRImB4UAIaRdroQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WqA_5ISbRImB4UAIaRdroQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GTNSTXV2VZK8JD7Y380V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WqA_5ISbRImB4UAIaRdroQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3A1F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/qfYetX4_4Ldi12mC5otX0Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6hcdDctE2oLgCEsIRwagKs1kPyzmiIwG5G5oWw--~A
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6hcdDctE2oLgCEsIRwagKs1kPyzmiIwG5G5oWw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6hcdDctE2oLgCEsIRwagKs1kPyzmiIwG5G5oWw--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3A1F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDdkOWMzZDg4MDdlYjU0OWFkODc2MmM5NmE3ZmFhYzA3NmE1OTgxZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDdkOWMzZDg4MDdlYjU0OWFkODc2MmM5NmE3ZmFhYzA3NmE1OTgxZQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDdkOWMzZDg4MDdlYjU0OWFkODc2MmM5NmE3ZmFhYzA3NmE1OTgxZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 3A1F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LRVIDF5G-1Y-53O3&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRVIDF5G-1Y-53O3&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CVMCD96YJ01N73VVBP5A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRVIDF5G-1Y-53O3&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3A1F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=phgrMhscQ8q6Li8eZcULlA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=phgrMhscQ8q6Li8eZcULlA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=phgrMhscQ8q6Li8eZcULlA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J4P5X3DT1R7BZVMYRDXY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=phgrMhscQ8q6Li8eZcULlA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3A1F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG88U7LaO8AABO1UKlYcA&expires=30
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG88U7LaO8AABO1UKlYcA&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG88U7LaO8AABO1UKlYcA&expires=30
Date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame 3A1F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRVIDF5G-1Y-53O3
68 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRVIDF5G-1Y-53O3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
50.19.82.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-82-102.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRVIDF5G-1Y-53O3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 3A1F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9937cf25-d733-49e9-a224-fe71af373a0d&expires=30
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9937cf25-d733-49e9-a224-fe71af373a0d&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9937cf25-d733-49e9-a224-fe71af373a0d&expires=30
Date
Sat, 27 Jan 2024 03:24:44 GMT
Connection
keep-alive
X-CI-RTID
714c7a95-4b25-4b40-8837-3f6ede3220eb
Content-Length
144
Content-Type
text/html; charset=utf-8
pixel
capi.connatix.com/us/ Frame 3A1F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LRVIDF5G-1Y-53O3&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LRVIDF5G-1Y-53O3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LRVIDF5G-1Y-53O3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84bde26b790cc45c-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 27 Jan 2024 03:24:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LRVIDF5G-1Y-53O3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84bde26b184dc45c-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
ib.adnxs.com/prebid/ Frame 3A1F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRVIDF5G-1Y-53O3
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRVIDF5G-1Y-53O3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
an-x-request-uuid
e89bea72-cbff-4a29-9bbd-53d6b16da3af
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRVIDF5G-1Y-53O3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 3A1F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRVIDF5G-1Y-53O3
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRVIDF5G-1Y-53O3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRVIDF5G-1Y-53O3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
magnite
prebid.a-mo.net/setuid/ Frame 3A1F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LRVIDF5G-1Y-53O3
0
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRVIDF5G-1Y-53O3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRVIDF5G-1Y-53O3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame CAA3 		964 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
730cc6d288c0b65181df2ed1b8f0facd0093c6a978f1d46a29906316dd515dea

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
600
expires
Sat, 27 Jan 2024 03:24:44 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame CAA3 		979 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
54c14772f5457443acfa70c0d63054297d423c343ea265f213a7306f20f244ad

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Sat, 27 Jan 2024 03:24:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2308 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvL70ZhBoZk7p_4dRElP-7NQst5dQvEt1GhxwhNT-EO1HqCS53RnTM65QGjOMu3QbsBg2D7h-IJwgimz0K7vWlkQfKIo7HxoceNVeOqcra8ZRwpJ1DMmkvQpDnbtvs8rCBkJJbitnQfnTpNzQbik4XLaM8f&sai=AMfl-YQhUZlMNazyXhllxr6J4XgoerPfO20w7plGou-O1hJtXeCw7rFZtKahjIyhfZDgLeKfqQHtkSPuDX7huWIcD749veKXGZqBVEoRFvrGbAkIZeuATdlMEIqeTe8&sig=Cg0ArKJSzDJWchYnAMSSEAE&cid=CAQSOwAvHhf_g0_ByO5UL9S9GEI_GC4TjHhbRqiapsSmQdI-7QcWflbHtB7dRza1KaDx3o1aMXZECbU2hdImGAE&id=ampim&o=1440,130&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1109&mtos=0,0,1109,1109,1109&tos=0,0,1109,0,0&tfs=1490&tls=2599&g=100&h=100&tt=2600&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E13 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BY3YZd3e0ZcKjO5fFjvQPufiLoAEAAAAAOAHgBAI&bg=!6Oul66TNAAa8BdJLnAU7ADQBe5WfOIRJF4gHhrdsqT8KH5cgM_htdvMABKlnagOR3QMGi2u9ZBm52zZn7uE-CDioFNvtAgAABUNSAAAABGgBB5kDBrzft6dy0s_ek8OYfUgwC5EbvcQLsTOazy0T_elmo0CEQy9j2ct7bSNdytMdv_M8YmvdF3k0KQJB3JBtiIhwu4zFirPu1ed2dt-GcJtxuYSTFdXAboguv1vTfttruRo_fOKbsplJlILEBLVyrF5xPRIKe3uhBWn2lN-IyOvELfWaSE7qq8yEcQGYRuLuHzKwxLK0z3kZe7zgYMxV4hEOozrBI5okRjNStXHrYN2cy1iOJJYxiQgexM69CdFpyImS5Xw5o_dpmCLfC6c6lo5oXxOcRzDE8P4sfz2KsQ024lNMyJYU5OOLvzn5QLgu9yEez2Y16VQdnmjFjmFXDsgWb06hRerISLhtjjX885pFTl0-Zo4VncbBuchN1oJnFLGcvDz15JhT2e_lGsYg4NPloMZX56ABA-AL5BwK4psBy7itAUxU93N6SAVTDhHZIozDMv1Q7zCChzr2fR4qAxbfOVwpfN3Z8ZFCJRZhTbydAjGL4j7ibKCrVIMcX1Ek-l-_b8jS_94M0wZk_mKt_lGiYW6hb4n7yXR6UQ5LLlBq71o0BDrPRGpm6x4ochUKnf1fL1gDWPcVMC9kDqArCsvz9JErbtgNpx-omZVDi6Q5IGkPFL0kC79pnPQbB0p_7sQ2knHKpbMG1xQApTgdc-yrS1nm4r3ZM3nfdWyB-uo3D39W7tk7sr_O6JZ-qkRkvH012Fxs9vIP7o9W597XSasyZL8eElxUHfklTo1rWabbtsvOmHXr5tSOqfZhXVC0mIs57CRBXgMnLD7im8dOcTT02xiFRYaxGpi0uCAeg73Cdblca8chlsnRPGABY5ZUx7kizA6blQXCSzKpC0rXphnMffLgCpBInUm9FNiFwuDf6m6iBL1qpmj4BjhzDkLB29T5rIL1fsotM2cQO7jJF23FMi8ilFpmvhonMo7icezXp2vbbFLOo2uLggHUlB0MPUj_BQhPOv4jrK_j5JATiUtjHNY8IEmvVVweO7CwOrNbbHCKAsQhTss_igsY0wNOy4KiglMrp7fbfg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E6E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1nUgd3e0ZcGjO5fFjvQPufiLoAEAAAAAOAHgBAI&bg=!cHOlczzNAAa8BdJLnAU7ADQBe5WfOEMK1hEjKCRPiWQgi9EQlWLNC3vV151xFn9SWg3UZy0S63ie3qUsc-yt8DYCM7_sAgAABYZSAAAAAmgBB5kDD7G5cM0ODsbUWfj5xvd2cO_RrtdGbbTCOHF1gr8rY-xgGYveaJCRQbSTKEJAeIMZ3bJBLndZsx05m14CpNgfA2Yxq4ImKXar5sj3Nz2J687qIX1rr6pX0Fq6jQKxHaGbFWFml_HbRBK4vEK5rsN5YGmfPT_l3QYMe2og04_ZZRHfRPSZrCkeRLjKs5g152S7jAuM9fH5cBVMMkcG12TnRwjrP90dQbIJhxZXuE1LZ42FU5XQngnJXBefisf-bqnAR9d1tSUqrIVnH2IH_ZntlyLXnev3_Xoivedm84i36dc5lJEQ3oD5mne5p0S8wIoQZc5FSk0ZAHvPveNZy_hdLt1811K_m5im2mMt8C1Ao_GedO1KAzfzdM7Mm5jZwS_oOPuXN7ah4EkZu6SxUbv6v_WTaTFJT7-8RjIjyXeBY8yewUe29yK8oFojUWR2rtd4XWMn_vtxMTKgZ4_hDNp8k-ZpUZ5d3Z8TuFhqNC8VvHfhTQAufcR9FZXG7tcXpi8u0UeJCDJzspiylWETwKLyp8U7TylKxxxTJ_aKk9ZuQ-HTHGwaAmCrneBSxRi2XEEDBr1R_FypAkZjka5aFPkKPGbpoR9tTy9j3zEoWtNvitxH_kfKE6v16HuOr3RFIX6RVMuxmBSx56l_mFqNgXevQQb20Ct3409L-zA75BWLd8Y_2_Dl0xLQahRAhOo752lbkaU7xPMR9fRK46hzy7-TNoi-llEZMVvYI-15LHph3Wb80M4TLmGJIrqHHi5Ns7SY-1Mxa71mKKxY9o54EoBbK8hWScKIooavcbypdL61XHDyLA6g-DxZxE_s-C2EhS1604ZEsr60ZlG1ToK7NbfExE_BbOkH7zDdTdCDpxTVZN3bZds-42nPCq1epzXLbdOZB-IbbRBJA_zRdxwF7sR6v5hYxhx8voQ9U_0K_C8l5K1qptByxQ80ePhKnZ4-_5mA-O4BO8adFBHrUWpwQWvphWP-rrO2yAFnOrX9Pan57WP4KWrdIiNYqTFDVGDrZRTC2NUH6YfBJILI1SjpzrsGWw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
ssp-service.pixad.com.tr/impression/ Frame 2121 		1 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-service.pixad.com.tr/impression/all?data=eyJyZXF1ZXN0Ijp7ImN1cnJlbmN5IjoiVFJZIiwic2l6ZXMiOltbMzAwLDI1MF1dLCJwdWJsaXNoZXJOYW1lIjoiMjBjZmVlNjg5NTJhZDE4NTQ2NThkNmY3MGY5ZTc1MDIuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbSIsImJpZGRlcnMiOlsiMCIsIjEiLCIyIiwiMyIsIjQiLCI1IiwiNiIsIjciLCI4Il0sIm1lZGlhVHlwZXMiOlsiYmFubmVyIl0sImFkVW5pdHMiOlsiZGVza3RvcC1zdGFuZGFyZCJdLCJwdWJJZCI6IjY0Mjg3MjM5MzkiLCJ0b2tlbiI6Imlucy1mZDNlOTkyNC1hYTk4LTVkMjQtODlkYy02MzhhZTExNDVhZTUifSwicmVzcG9uc2UiOltdfQ==
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/showad/showad.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / pixad
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

working-on
pixad-k8s
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
pixad
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKG93lr1AZgk5remnvSxm9EALfro2rhMkcMMT9y0EHiwYKrykRo7nWX5O1kwyLfUwooRGcnIr402qIwuDaFNhQ%2B1MJtqr4cCPHUz%2FEHjDzRf5qYOs5emM0U%2BReFvSKfchF%2BLqCUzaiVuZVgWeaaZfaPM3QCT4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
84bde26a0a038cad-EWR
alt-svc
h3=":443"; ma=86400
sid
mug.criteo.com/ Frame 2121
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwbz-tavnsz.net%2F&domain=20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=U2nVP3xadjJRRUprRHZUZTJOT2NRakpKVGVGZVdMVXBZcUlRUlJKQXlRN1dMNWhmN09mTnJjU3B1QTRza1JmUTV5UDZzbnlLTEtOZUZGNWZ3ZGVkbEkxV0w5LzhTcjRQTVhGWCtKaDE0MlZZUm41UjQ1cnNwL3NwZG9LMn...
463 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=U2nVP3xadjJRRUprRHZUZTJOT2NRakpKVGVGZVdMVXBZcUlRUlJKQXlRN1dMNWhmN09mTnJjU3B1QTRza1JmUTV5UDZzbnlLTEtOZUZGNWZ3ZGVkbEkxV0w5LzhTcjRQTVhGWCtKaDE0MlZZUm41UjQ1cnNwL3NwZG9LMnNWbXdlbm5EWXNSODE3KzBvMmkzWmRaZXp2TVpmOUJKYVVCd0VXYWs5QXlVQU5wY05vYTY5Tjl0SFBuM3hHekxCTUZPUjhXK2RxS0k5V043N0F4ZnQ4OGtVZ3cxdm1QL3ZyV0IvalovNTZEN2tLZHBYTC8vazRXYSt4Wm5ocFQ3c1QzOTk5b2NmTVlZZ2hMSW1Odlh2ZnhvUGg2ZXEyQzArMGZ5cWtwTVJpN0N0bHAvRnhBdDZ2djlYQjUrZ0JFSnhyZHNZZnBLR1FDUnkwRmtiTHVBd0pUR2QrMXR5YWtsUU1mZFVja2F6SWhvYjVYK2N6Tis0cUxmSlJHLzlJamJlVDNqbDZiZkl8&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c052f5fdfa421272dd54e7c69d5f71a80e0de7037376170dadcaa151a214fdc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1450074
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
location
https://mug.criteo.com/sid?cpp=U2nVP3xadjJRRUprRHZUZTJOT2NRakpKVGVGZVdMVXBZcUlRUlJKQXlRN1dMNWhmN09mTnJjU3B1QTRza1JmUTV5UDZzbnlLTEtOZUZGNWZ3ZGVkbEkxV0w5LzhTcjRQTVhGWCtKaDE0MlZZUm41UjQ1cnNwL3NwZG9LMnNWbXdlbm5EWXNSODE3KzBvMmkzWmRaZXp2TVpmOUJKYVVCd0VXYWs5QXlVQU5wY05vYTY5Tjl0SFBuM3hHekxCTUZPUjhXK2RxS0k5V043N0F4ZnQ4OGtVZ3cxdm1QL3ZyV0IvalovNTZEN2tLZHBYTC8vazRXYSt4Wm5ocFQ3c1QzOTk5b2NmTVlZZ2hMSW1Odlh2ZnhvUGg2ZXEyQzArMGZ5cWtwTVJpN0N0bHAvRnhBdDZ2djlYQjUrZ0JFSnhyZHNZZnBLR1FDUnkwRmtiTHVBd0pUR2QrMXR5YWtsUU1mZFVja2F6SWhvYjVYK2N6Tis0cUxmSlJHLzlJamJlVDNqbDZiZkl8&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
671787
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 2121 		136 B
466 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
0f613e1c7aa6e5d33b8709293844dcae58b9fc0ace76bf910aa77dbe12453a20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
user-sync
cpm.programattik.com/ Frame 7D81 		604 B
886 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/user-sync?zone=921&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D921%26uid%3D%7BUID%7D
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
631c09483102f313bbe4525037944ff75a43fdbafc5e596261b491bfa4b7a6e6

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store
content-length
604
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx
user-sync
cpm.programattik.com/ Frame 0B10 		604 B
887 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/user-sync?zone=920&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D920%26uid%3D%7BUID%7D
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
a6403d0b09b366d353e382e346d54e2911c8481867e617b27e18ad691ef1964e

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store
content-length
604
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx
user-sync
cpm.programattik.com/ Frame 4E5B 		604 B
886 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/user-sync?zone=924&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D924%26uid%3D%7BUID%7D
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
a158a71a6fe142164016effeddf9651a602140ebb34d2fcc888681f71e57b4c2

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store
content-length
604
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:44 GMT
server
nginx
usync.html
eus.rubiconproject.com/ Frame 129F 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:44 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2121 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
e8bc21a2f5c045f875af5f2f12df2822a60c4046116565845c5445c0e75835e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:06 GMT
server
nginx
etag
W/"65a8cf46-178c8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:44 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwbz-tavnsz.net%2F&domain=20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 27 Jan 2024 03:24:43 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
213250
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 129F 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84726
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=U2nVP3xadjJRRUprRHZUZTJOT2NRakpKVGVGZVdMVXBZcUlRUlJKQXlRN1dMNWhmN09mTnJjU3B1QTRza1JmUTV5UDZzbnlLTEtOZUZGNWZ3ZGVkbEkxV0w5LzhTcjRQTVhGWCtKaDE0MlZZUm41UjQ1cnNwL3NwZG9LMnNWbXdlbm5EWXNSODE3KzBvMmkzWmRaZXp2TVpmOUJKYVVCd0VXYWs5QXlVQU5wY05vYTY5Tjl0SFBuM3hHekxCTUZPUjhXK2RxS0k5V043N0F4ZnQ4OGtVZ3cxdm1QL3ZyV0IvalovNTZEN2tLZHBYTC8vazRXYSt4Wm5ocFQ3c1QzOTk5b2NmTVlZZ2hMSW1Odlh2ZnhvUGg2ZXEyQzArMGZ5cWtwTVJpN0N0bHAvRnhBdDZ2djlYQjUrZ0JFSnhyZHNZZnBLR1FDUnkwRmtiTHVBd0pUR2QrMXR5YWtsUU1mZFVja2F6SWhvYjVYK2N6Tis0cUxmSlJHLzlJamJlVDNqbDZiZkl8&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 27 Jan 2024 03:24:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
321858
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
dcdn.adnxs.com/renderer-content/ Frame FE4E 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
2dc1e68c13c864d9d83effe504c6cc2a4b7cc56794368478cd092b18322bc7bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
Via
1.1 varnish
x-b3-traceid
31368d050cfca85f
Age
55042
X-Cache
HIT
an-served-by
hbapi-proxy-production-bfc9874b9-k88bc
Connection
keep-alive
Content-Length
2951
X-Served-By
cache-lga21936-LGA
Server
nginx/1.21.3
X-Timer
S1706325885.719260,VS0,VE1
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
1
trk.js
cdn.adnxs.com/v/s/240/ Frame FE4E 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sun, 26 Jan 2025 03:24:44 GMT
8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
dcdn.adnxs.com/renderer-content/ Frame A9E1 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
2dc1e68c13c864d9d83effe504c6cc2a4b7cc56794368478cd092b18322bc7bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
Via
1.1 varnish
x-b3-traceid
31368d050cfca85f
Age
55042
X-Cache
HIT
an-served-by
hbapi-proxy-production-bfc9874b9-k88bc
Connection
keep-alive
Content-Length
2951
X-Served-By
cache-lga21957-LGA
Server
nginx/1.21.3
X-Timer
S1706325885.719784,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
4
trk.js
cdn.adnxs.com/v/s/240/ Frame A9E1 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sun, 26 Jan 2025 03:24:44 GMT
8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
dcdn.adnxs.com/renderer-content/ Frame C158 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
2dc1e68c13c864d9d83effe504c6cc2a4b7cc56794368478cd092b18322bc7bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
Via
1.1 varnish
x-b3-traceid
31368d050cfca85f
Age
55042
X-Cache
HIT
an-served-by
hbapi-proxy-production-bfc9874b9-k88bc
Connection
keep-alive
Content-Length
2951
X-Served-By
cache-lga21955-LGA
Server
nginx/1.21.3
X-Timer
S1706325885.735866,VS0,VE1
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
1
trk.js
cdn.adnxs.com/v/s/240/ Frame C158 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sun, 26 Jan 2025 03:24:44 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame B7FA 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 8E30 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
759ce2a2ce00d61d23c78b075f72880dba5cec69876073fc1313ccfe536c7101

Request headers

Referer
https://windsplay.com/
Origin
https://windsplay.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
br
last-modified
Mon, 08 Jan 2024 22:48:38 GMT
content-md5
KZ85098409+xSFlkh0Pi2Q==
etag
0x8DC109BF43EA7FE
x-azure-ref
0fHe0ZQAAAABQa8njDqyxQr8b2513SjTeTU5aMjIxMDYwNjEyMDQ3ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
366a0a8f-901e-00f2-5821-5099ef000000
cache-control
private, max-age=3600, stale-while-revalidate=86400
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame 8E30 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sun, 26 Jan 2025 03:24:44 GMT
it
nym1-ib.adnxs.com/ Frame 8E30 		0
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwbz-tavnsz.net%252F&e=wqT_3QKcB_BMnAMAAAMA1gAFAQj87tGtBhDWscyP9sTNixoY6ue515-5i4pNKjYJAAAAAHAgej8RAAAAAATSeD8ZAAAAoEfh2j8hAAAAAATSeD8pAAAJJPCaMQAAAEDheoQ_MOCUxwo4mFBAtV5I4wNQuomKtgFYs_uNAWAAaPDJpgF4x88FgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93YnotdGF2bnN6Lm5ldC-AAwCIAwGQAwCYAxegAwGqA4QDCrICaHR0cHMBLfCGd3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9OWFiNWYxNTAtMDNiZS00ODViLWE1ZDEtODBhOTBhN2NhNmY4JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pFVwYcHVibGlzaAUpLDE2MjY0NTMzMCZySZpxALhydHlwZT1udXJsJnRhZ0lkPTIyMTM3NDQwJnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8Ml0cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzE4ODAwMzA5MTIyMjU0MTc0MzAiCTM4MTg0NjcxNCoEYmluZzogVTJodmNIQnBibWRCWkNNeE1EWXdNVEF6TXpZeE9UVT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAERWBUiAUBmAUAoAXuv8ut6vPFyGfABQDJBUG_HAAA8D_SBQkJCQx4AADYBQHgBQHwBbC9E_oFBAgAEACQBgCYBgC4BgDBBgklLPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfHzwXSBw0VZQEmCNoHBgFexBgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=41056b66464e410c9eeb8ee4bb83d16cf0dbc2bf
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
an-x-request-uuid
9ddff502-d27d-4aaf-9721-9f776298891a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
script.js
acdn.adnxs-simple.com/strikeforce/ Frame 5134 		129 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b151a02b05f0e74942112f0e39e13cd6ba205fbba4e792b4d60841b1c51a450b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
Fri, 12 Jan 2024 05:49:02 GMT
Date
Sat, 27 Jan 2024 03:24:44 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
77713
X-Cache
HIT
Connection
keep-alive
Content-Length
46991
X-Served-By
cache-lga21970-LGA
Last-Modified
Wed, 10 Jan 2024 13:34:14 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1706325885.799869,VS0,VE0
ETag
W/"659e9cd6-204f6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
25378
8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
dcdn.adnxs.com/renderer-content/ Frame 5134 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
2dc1e68c13c864d9d83effe504c6cc2a4b7cc56794368478cd092b18322bc7bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
Via
1.1 varnish
x-b3-traceid
31368d050cfca85f
Age
55042
X-Cache
HIT
an-served-by
hbapi-proxy-production-bfc9874b9-k88bc
Connection
keep-alive
Content-Length
2951
X-Served-By
cache-lga21955-LGA
Server
nginx/1.21.3
X-Timer
S1706325885.778621,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
2
trk.js
cdn.adnxs.com/v/s/240/ Frame 5134 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sun, 26 Jan 2025 03:24:44 GMT
8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
dcdn.adnxs.com/renderer-content/ Frame 4E86 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
2dc1e68c13c864d9d83effe504c6cc2a4b7cc56794368478cd092b18322bc7bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
Via
1.1 varnish
x-b3-traceid
31368d050cfca85f
Age
55042
X-Cache
HIT
an-served-by
hbapi-proxy-production-bfc9874b9-k88bc
Connection
keep-alive
Content-Length
2951
X-Served-By
cache-lga21936-LGA
Server
nginx/1.21.3
X-Timer
S1706325885.790345,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
2
trk.js
cdn.adnxs.com/v/s/240/ Frame 4E86 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sun, 26 Jan 2025 03:24:44 GMT
8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
dcdn.adnxs.com/renderer-content/ Frame 4D4B 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
2dc1e68c13c864d9d83effe504c6cc2a4b7cc56794368478cd092b18322bc7bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
Via
1.1 varnish
x-b3-traceid
31368d050cfca85f
Age
55042
X-Cache
HIT
an-served-by
hbapi-proxy-production-bfc9874b9-k88bc
Connection
keep-alive
Content-Length
2951
X-Served-By
cache-lga21955-LGA
Server
nginx/1.21.3
X-Timer
S1706325885.799240,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
3
trk.js
cdn.adnxs.com/v/s/240/ Frame 4D4B 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sun, 26 Jan 2025 03:24:44 GMT
8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
dcdn.adnxs.com/renderer-content/ Frame 358F 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
2dc1e68c13c864d9d83effe504c6cc2a4b7cc56794368478cd092b18322bc7bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
Via
1.1 varnish
x-b3-traceid
31368d050cfca85f
Age
55042
X-Cache
HIT
an-served-by
hbapi-proxy-production-bfc9874b9-k88bc
Connection
keep-alive
Content-Length
2951
X-Served-By
cache-lga21955-LGA
Server
nginx/1.21.3
X-Timer
S1706325885.821829,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
4
trk.js
cdn.adnxs.com/v/s/240/ Frame 358F 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sun, 26 Jan 2025 03:24:44 GMT
user-sync
rtb.programattik.com/ Frame 7D81
Redirect Chain
  • https://an.yandex.ru/mapuid/turktelekomrtb/
  • https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
42 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
Requested by
Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=921&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D921%26uid%3D%7BUID%7D
Protocol
H2
Server
85.111.6.50 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cpm.programattik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
cache-control
no-store
server
nginx
content-length
42
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 03:24:44 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 03:24:44 GMT
user-sync
cpm.programattik.com/ Frame 7D81
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D921%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D
  • https://cpm.programattik.com/user-sync?zone=921&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpm.programattik.com/user-sync?zone=921&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
Requested by
Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=921&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D921%26uid%3D%7BUID%7D
Protocol
H2
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cpm.programattik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-store
server
nginx
content-length
42
content-type
image/gif

Redirect headers

location
https://cpm.programattik.com/user-sync?zone=921&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
user-sync
rtb.programattik.com/ Frame 0B10
Redirect Chain
  • https://an.yandex.ru/mapuid/turktelekomrtb/
  • https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
Requested by
Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=920&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D920%26uid%3D%7BUID%7D
Protocol
H2
Server
85.111.6.50 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cpm.programattik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
cache-control
no-store
server
nginx
content-length
42
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 03:24:44 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 03:24:44 GMT
user-sync
cpm.programattik.com/ Frame 0B10
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D920%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D
  • https://cpm.programattik.com/user-sync?zone=920&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpm.programattik.com/user-sync?zone=920&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
Requested by
Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=920&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D920%26uid%3D%7BUID%7D
Protocol
H2
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cpm.programattik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-store
server
nginx
content-length
42
content-type
image/gif

Redirect headers

location
https://cpm.programattik.com/user-sync?zone=920&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
user-sync
rtb.programattik.com/ Frame 4E5B
Redirect Chain
  • https://an.yandex.ru/mapuid/turktelekomrtb/
  • https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
42 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
Requested by
Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=924&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D924%26uid%3D%7BUID%7D
Protocol
H2
Server
85.111.6.50 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cpm.programattik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
cache-control
no-store
server
nginx
content-length
42
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 03:24:44 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=85683BD4B01D75A3
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 03:24:44 GMT
user-sync
cpm.programattik.com/ Frame 4E5B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45308&callback_url=%2F%2Fcpm.programattik.com%2Fuser-sync%3Fzone%3D924%26dsp%3D8%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D
  • https://cpm.programattik.com/user-sync?zone=924&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpm.programattik.com/user-sync?zone=924&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
Requested by
Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=924&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D924%26uid%3D%7BUID%7D
Protocol
H2
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cpm.programattik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-store
server
nginx
content-length
42
content-type
image/gif

Redirect headers

location
https://cpm.programattik.com/user-sync?zone=924&dsp=8&t=image&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
syncframe
gum.criteo.com/ Frame C5A5 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:44 GMT
server
Kestrel
server-processing-duration-in-ticks
1507515
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.149.js
static.criteo.net/js/ld/ Frame 2121 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.149.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
e8bc21a2f5c045f875af5f2f12df2822a60c4046116565845c5445c0e75835e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:06 GMT
server
nginx
etag
W/"65a8cf46-178c8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:44 GMT
get
choices.trustarc.com/ Frame A9E1 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=itwreqsy&e=1981144949990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-150-40.atl59.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Jan 2024 07:59:48 GMT
via
1.1 82b170252472ddc05787e77ddfe8dac8.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
ATL59-P5
age
1539904
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
Z2F0zkQ8HawOUu2Cmqa5fYOk24T7vZ1u2wD4N4wxDaJ0BuQPfVU6Cw==
expires
Thu, 08 Feb 2024 07:39:41 GMT
th
www.bing.com/ Frame A9E1 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OAIP.3340247232de307fbbf40a32a4946a8e&pid=AdsNative&c=3&w=1200&h=627&dynsize=1&qlt=90
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=itwreqsy&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d2e31bada568b3eed7992547c55ac77a90fe91a7776322a71b262472263b662

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 36EF86C311E64ECC8E9E2F5D37B791D2 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
150855
c.gif
www.bing.com/aes/ Frame A9E1
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=45790be1-12e3-4133-87c7-b55ce34c176b&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=0f576a21-4c9b-4919-bd7...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=68cb99f9720c4ddeacbd974e3a7bd5d6&SNR=1&GV=2&med=10
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=68cb99f9720c4ddeacbd974e3a7bd5d6&SNR=1&GV=2&med=10
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=itwreqsy&e=1981144949990
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A9AFAD50C9CE477FA58C84C89DE7AA39 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 39A6C45A168241E58E9A9A4C2A388877 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=68cb99f9720c4ddeacbd974e3a7bd5d6&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
150
expires
0
it
nym1-ib.adnxs.com/ Frame A9E1 		0
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKpB_BMqQMAAAMA1gAFAQj87tGtBhCWnq-66Ozq0hIY6ue515-5i4pNKjYJtrqK3dclnz8RxpcQrCaXnT8ZAAAAoEfh2j8hxpcQrCaXnT8ptroJJPRVAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4hb0FgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDkwMKrQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD0wZjU3NmEyMS00YzliLTQ5MTktYmQ3Ni01MWRjNTBmN2JjNjcmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MGY1NzZhMjEtNGM5Yi00OTE5LWJkNzYtNTFkYzUwZjdiYzY3JnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTM0MzY2ODUyMDY4NDg2NzM1MCIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOelF3TVRFeE5EQXhNRFl3TlRZak56UXdNVEV3T1RNd01UUTJNek09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNS4xODEuMjM0LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWivpXjvMzRu07ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW4phj6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGDPIGAggAgAcBiAcAoAdByAeFvQXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=aab2ba1af9d93feeb243edc9899537f03d39834b
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=itwreqsy&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
63ba7b23-c641-4d9e-a2ec-5d385d4ebc9c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2D77 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=itwreqsy&e=1981144949990
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79074
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:44 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211802
X-Served-By
cache-lga21924-LGA
X-Timer
S1706325885.977519,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame A9E1 		0
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKNBPBMDQIAAAMA1gAFAQj87tGtBhCWnq-66Ozq0hIY6ue515-5i4pNKjYJtrqK3dclnz8RxpcQrCaXnT8ZAAAAoEfh2j8hxpcQrCaXnT8ptroJJPQ-ATEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4hb0FgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFor6V47zM0btOwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuKYY-gUECAAQAJAGAZgGALgGAMEGAAABJyzwP9AGwo0E2gYWChABEC4BAHQQABgA4AYM8gYCCACABwGIBwCgB0HIB4W9BdIHDQkRKgEmDNoHBggFCZzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=e54e5fe9e7b662225fa35bcf541a6cf522deaedc&bdref=https%3A%2F%2Fwbz-tavnsz.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwbz-tavnsz.net%2F,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Ditwreqsy%26e%3D1981144949990,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Ditwreqsy%26e%3D1981144949990&
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=itwreqsy&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
an-x-request-uuid
f1506685-6763-43f9-96f0-bd8e5f22114c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
get
choices.trustarc.com/ Frame FE4E 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-150-40.atl59.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Jan 2024 07:59:48 GMT
via
1.1 82b170252472ddc05787e77ddfe8dac8.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
ATL59-P5
age
1539904
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
VwsgTbeth1mQcfA044a5G2h8dbEjDNAyMUJapRoFOKNp8zFci1t49A==
expires
Thu, 08 Feb 2024 07:39:41 GMT
th
www.bing.com/ Frame FE4E 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OAIP.3340247232de307fbbf40a32a4946a8e&pid=AdsNative&c=3&w=1200&h=627&dynsize=1&qlt=90
Requested by
Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d2e31bada568b3eed7992547c55ac77a90fe91a7776322a71b262472263b662

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5D90EC0A8C884C058BB16F102FF02C89 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
150855
c.gif
www.bing.com/aes/ Frame FE4E
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=de3a77af-392e-4003-a572-23e5caacb59e&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=53f42e5b-8495-424f-aa2...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=ee7e3963327d44419deb4dc0599c3d14&SNR=1&GV=2&med=10
0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=ee7e3963327d44419deb4dc0599c3d14&SNR=1&GV=2&med=10
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=pboxdtxo&e=1981144949990
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9F40C4D69093455E85107F682E694606 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 14D8BBDB89874AE7B201B49F16ABA6C4 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=ee7e3963327d44419deb4dc0599c3d14&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
150
expires
0
it
nym1-ib.adnxs.com/ Frame FE4E 		0
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QLJB_BMyQMAAAMA1gAFAQj87tGtBhDcnYaJ3NvE21UY6ue515-5i4pNKjYJ5lKClOphmT8RjptIQAUdmD8ZAAAAoEfh2j8hjptIQAUdmD8p5lIJJPQIAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF40OYCgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDswMKzQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD01M2Y0MmU1Yi04NDk1LTQyNGYtYWEyZC1hMGY0YmU3ZjdlNWUmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NTNmNDJlNWItODQ5NS00MjRmLWFhMmQtYTBmNGJlN2Y3ZTVlJnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmFxZV8zY19wMmZfemJvdnlyJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhM2MTc2NDI2MTU3NTk5MTk4OTQwIgkyNDY0NTM4MzUqBGJpbmc6NFUyVmhjbU5vUVdRak56UXdNVEV4TkRBeE1EWXdOVFlqTnpRd01URXdPVE13TVRRMk16TT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA01LjE4MS4yMzQuMTMzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBeq6rsLYo-H4LsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbimGPoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAkYAQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfQ5gLSBw0JASIBAQEmDNoHBggFCbzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=0fa46622d65f9b7d8d4fe088036778ae9140af81
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=pboxdtxo&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
46bfbda0-e26a-4c8b-a34b-91b4bd0cb8d0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6A4A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=pboxdtxo&e=1981144949990
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79074
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:44 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211803
X-Served-By
cache-lga21924-LGA
X-Timer
S1706325885.994650,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame FE4E 		0
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKNBPBMDQIAAAMA1gAFAQj87tGtBhDcnYaJ3NvE21UY6ue515-5i4pNKjYJ5lKClOphmT8RjptIQAUdmD8ZAAAAoEfh2j8hjptIQAUdmD8p5lIJJPQ-ATEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF40OYCgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAF6rquwtij4fguwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuKYY-gUECAAQAJAGAZgGALgGAMEGAAABJyzwP9AGwo0E2gYWChABEC4BAHQQABgA4AYM8gYCCACABwGIBwCgB0HIB9DmAtIHDQkRKgEmDNoHBggFCZzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=a5863bbfd6f4b50a398254437056e2fb528a8318&bdref=https%3A%2F%2Fwbz-tavnsz.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwbz-tavnsz.net%2F,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Dpboxdtxo%26e%3D1981144949990,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Dpboxdtxo%26e%3D1981144949990&
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=pboxdtxo&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
an-x-request-uuid
9c45d243-8c98-4317-8324-c154ad654bab
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
get
choices.trustarc.com/ Frame C158 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-150-40.atl59.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Jan 2024 07:59:48 GMT
via
1.1 82b170252472ddc05787e77ddfe8dac8.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
ATL59-P5
age
1539904
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
uh7QVSjTfv8Mv8WBdp511YDN271jF5P3fTvGnEzvEwRE_XlidfcAMQ==
expires
Thu, 08 Feb 2024 07:39:41 GMT
th
www.bing.com/ Frame C158 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORA4.405CFD868C29293AD9123C47557F21DF_06EF8901731A1424&pid=21.1&o=5&w=1200&h=627&dynsize=1&qlt=90&c=17
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=dhgwfr&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba86814ef22351aa88538588afbe9ca4c4d558c30c40996aa41c0a685392089d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4CC72A09B4384F51960F3CD5973E8043 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
36656
c.gif
www.bing.com/aes/ Frame C158
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=0b8f570e-74ea-4bf1-aefa-4ae8c7bcc4cb&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=7941d982-0a60-44fd...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9ab9b3a9baaa4d89b6d0d018f834deeb&SNR=1&GV=2&med=10
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9ab9b3a9baaa4d89b6d0d018f834deeb&SNR=1&GV=2&med=10
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=dhgwfr&e=1981144949990
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 075D6A7B0DB0419CBEE29D939428CB18 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BF330C8A79F34AE2A0C3E80BD7DA3AFF Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9ab9b3a9baaa4d89b6d0d018f834deeb&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
154
expires
0
it
nym1-ib.adnxs.com/ Frame C158 		0
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKZB_BMmQMAAAMA1gAFAQj87tGtBhCojPaEnv2ctlUY6ue515-5i4pNKjYJcp5cx6fsZj8Ruclk_TjHZT8ZAAAAoEfh2j8huclk_TjHZT8pcp4JJPRIATEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4ycMFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDgwMKsQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD03OTQxZDk4Mi0wYTYwLTQ0ZmQtOTIwMC1hNjA2NzA5YmUxOGMmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTI3MCZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTc5inEAuHJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0KgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjE1NTQyMjIzOTA0MTYxOTQ5NiIJMjQ2NDUzODM1KgRiaW5nOiBVMmh2Y0hCcGJtZEJaQ014TURZd01UQXpNell4T1RVPcAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFnvyJwLWBgrlxwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsL0T-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAFFEQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfJwwXSBw0JLiYACNoHBgFexBgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=6cf04f85fc0312acbe1c3142cf0a8c4aaf35d640
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=dhgwfr&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
c9ebafcc-0af5-41ca-bcb9-4127fe090454
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4C30 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=dhgwfr&e=1981144949990
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79074
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:45 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211658
X-Served-By
cache-lga21959-LGA
X-Timer
S1706325885.020760,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame C158 		0
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKNBPBMDQIAAAMA1gAFAQj87tGtBhCojPaEnv2ctlUY6ue515-5i4pNKjYJcp5cx6fsZj8Ruclk_TjHZT8ZAAAAoEfh2j8huclk_TjHZT8pcp4JJPQ-ATEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4ycMFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFnvyJwLWBgrlxwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsL0T-gUECAAQAJAGAZgGALgGAMEGAAABJyzwP9AGwo0E2gYWChABEC4BAHQQABgA4AYM8gYCCACABwGIBwCgB0HIB8nDBdIHDQkRKgEmDNoHBggFCZzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=94e7c0e5739363b56b731215f150b6b0db9af949&bdref=https%3A%2F%2Fwbz-tavnsz.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwbz-tavnsz.net%2F,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Ddhgwfr%26e%3D1981144949990,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Ddhgwfr%26e%3D1981144949990&
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=dhgwfr&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
d160e847-8945-4fe3-908a-483be2e7f9f6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
get
choices.trustarc.com/ Frame 4E86 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-150-40.atl59.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Jan 2024 07:59:48 GMT
via
1.1 82b170252472ddc05787e77ddfe8dac8.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
ATL59-P5
age
1539904
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
94KpYkkOR_-QZbkhMp_Fb5IRr5Bn43f-qFIAuHfWIq4n3vEBPH-zfQ==
expires
Thu, 08 Feb 2024 07:39:41 GMT
th
www.bing.com/ Frame 4E86 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OAIP.3340247232de307fbbf40a32a4946a8e&pid=AdsNative&c=3&w=1200&h=627&dynsize=1&qlt=90
Requested by
Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d2e31bada568b3eed7992547c55ac77a90fe91a7776322a71b262472263b662

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5237D4219FD14491AD3B49D47D2495A8 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
150855
c.gif
www.bing.com/aes/ Frame 4E86
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=b6de0de9-b7eb-4496-9769-89ed8cc173db&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=4e424406-697c-4e68-a0e...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=27d1a70e5250457b9514317d5f3d6384&SNR=1&GV=2&med=10
0
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=27d1a70e5250457b9514317d5f3d6384&SNR=1&GV=2&med=10
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ijqdwgate&e=1981144949990
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4FF70A0A5D554EC38AE17D170B0CE587 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F797C68F211A4E0A99A1B2CF309F2A72 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=27d1a70e5250457b9514317d5f3d6384&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
150
expires
0
it
nym1-ib.adnxs.com/ Frame 4E86 		0
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QK-B_BMvgMAAAMA1gAFAQj87tGtBhDT8sDS-crapV0Y6ue515-5i4pNKjYJE5jN2lylnD8REurcz7E2mz8ZAAAAoEfh2j8hEurcz7E2mz8pE5gJJPRqAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF40uwCgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDqAMKwgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD00ZTQyNDQwNi02OTdjLTRlNjgtYTBlNC05OWEzZmQ1MjM3ZDkmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NGU0MjQ0MDYtNjk3Yy00ZTY4LWEwZTQtOTlhM2ZkNTIzN2Q5JnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19xdmZub3lyX29lbmFxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjcyMjU4Mzc5MzI2NDI0NTA3NSIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOelF3TVRFeE5EQXhNRFl3TlRZak56UXdNVEV3T1RNd01UUTJNek09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNS4xODEuMjM0LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWw47O2_Lycs0rABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW4phj6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGDPIGAggAgAcBiAcAoAdByAfS7ALSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=516567947dbca63668f0ca25258b91b8ebdd07b5
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ijqdwgate&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
6a020599-c346-4fb8-a75f-a8726120cd86
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F108 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ijqdwgate&e=1981144949990
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79075
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:45 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211660
X-Served-By
cache-lga21959-LGA
X-Timer
S1706325885.400745,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame 4E86 		0
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKNBPBMDQIAAAMA1gAFAQj87tGtBhDT8sDS-crapV0Y6ue515-5i4pNKjYJE5jN2lylnD8REurcz7E2mz8ZAAAAoEfh2j8hEurcz7E2mz8pE5gJJPQ-ATEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF40uwCgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFsOOztvy8nLNKwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuKYY-gUECAAQAJAGAZgGALgGAMEGAAABJyzwP9AGwo0E2gYWChABEC4BAHQQABgA4AYM8gYCCACABwGIBwCgB0HIB9LsAtIHDQkRKgEmDNoHBggFCZzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=27764289f38639f5acd86afb012ea4b0957f3068&bdref=https%3A%2F%2Fwbz-tavnsz.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwbz-tavnsz.net%2F,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Dijqdwgate%26e%3D1981144949990,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Dijqdwgate%26e%3D1981144949990&
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ijqdwgate&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
09ee42f0-b2cc-4948-8601-f6fb2969abe3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
get
choices.trustarc.com/ Frame 4D4B 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-150-40.atl59.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Jan 2024 07:59:48 GMT
via
1.1 82b170252472ddc05787e77ddfe8dac8.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
ATL59-P5
age
1539904
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
M7WCn5c938DOit9psyVD4ElZCREoSR08_RWWVq2cea_NzUEujVdR5w==
expires
Thu, 08 Feb 2024 07:39:41 GMT
th
www.bing.com/ Frame 4D4B 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OAIP.3340247232de307fbbf40a32a4946a8e&pid=AdsNative&c=3&w=1200&h=627&dynsize=1&qlt=90
Requested by
Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d2e31bada568b3eed7992547c55ac77a90fe91a7776322a71b262472263b662

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3293643EF3BE4BBEAF72775D8EC61EAD Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
150855
c.gif
www.bing.com/aes/ Frame 4D4B
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=d3d7516a-fc7b-49ee-969a-9273e4d5751a&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=c09cee16-69c9-4558-a15...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=f856f1dbbf8e4fc98d2a683cd3088a92&SNR=1&GV=2&med=10
0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=f856f1dbbf8e4fc98d2a683cd3088a92&SNR=1&GV=2&med=10
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ozurmjyis&e=1981144949990
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3A2C248358FE4949B0D07887236F082E Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 97D904FF874C48CCA4A733CFFDCF424D Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=f856f1dbbf8e4fc98d2a683cd3088a92&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
150
expires
0
it
nym1-ib.adnxs.com/ Frame 4D4B 		0
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QLJB_BMyQMAAAMA1gAFAQj87tGtBhCnov2IvJqQ9iYY6ue515-5i4pNKjYJoll0ZN0Xoj8RwO7UhUUwoT8ZAAAAoEfh2j8hwO7UhUUwoT8polkJJPQIAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF42fsFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDswMKzQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD1jMDljZWUxNi02OWM5LTQ1NTgtYTE1Zi1jNGRlNWJlMWE5MzkmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9YzA5Y2VlMTYtNjljOS00NTU4LWExNWYtYzRkZTViZTFhOTM5JnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmFxZV8zY19wMmZfemJvdnlyJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhMyODA0Njg3OTQ2MTY3MzA4NTgzIgkyNDY0NTM4MzUqBGJpbmc6NFUyVmhjbU5vUVdRak56UXdNVEV4TkRBeE1EWXdOVFlqTnpRd01URXdPVE13TVRRMk16TT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA01LjE4MS4yMzQuMTMzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBbu0orWA6ovCPsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbimGPoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAkYAQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfZ-wXSBw0JASIBAQEmDNoHBggFCbzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=22d76741ce94f5c761f7562560ba478b4e3d5ad0
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ozurmjyis&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
7eb9a770-dc43-4c3d-b0ed-f51cc0c9abea
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F00E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ozurmjyis&e=1981144949990
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79074
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:45 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211804
X-Served-By
cache-lga21924-LGA
X-Timer
S1706325885.400639,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame 4D4B 		0
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKNBPBMDQIAAAMA1gAFAQj87tGtBhCnov2IvJqQ9iYY6ue515-5i4pNKjYJoll0ZN0Xoj8RwO7UhUUwoT8ZAAAAoEfh2j8hwO7UhUUwoT8polkJJPQ-ATEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF42fsFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFu7SitYDqi8I-wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuKYY-gUECAAQAJAGAZgGALgGAMEGAAABJyzwP9AGwo0E2gYWChABEC4BAHQQABgA4AYM8gYCCACABwGIBwCgB0HIB9n7BdIHDQkRKgEmDNoHBggFCZzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=f85dc3b0a27f4e734b1f4c1cedceb769fe22fa78&bdref=https%3A%2F%2Fwbz-tavnsz.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwbz-tavnsz.net%2F,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Dozurmjyis%26e%3D1981144949990,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Dozurmjyis%26e%3D1981144949990&
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ozurmjyis&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
70c1917c-3c2b-433d-b16c-3224151f359f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
1a
i.clean.gg/ Frame 5134 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
get
choices.trustarc.com/ Frame 358F 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-150-40.atl59.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Jan 2024 07:59:48 GMT
via
1.1 82b170252472ddc05787e77ddfe8dac8.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
ATL59-P5
age
1539904
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
8Ue1WJ2Ay4OLmNENbcDOKz-KKCnjiehKwFydfznEKVceaDhHYzKXKg==
expires
Thu, 08 Feb 2024 07:39:41 GMT
th
www.bing.com/ Frame 358F 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OAIP.3340247232de307fbbf40a32a4946a8e&pid=AdsNative&c=3&w=1200&h=627&dynsize=1&qlt=90
Requested by
Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/8ddb95ba-a9cf-4a4f-b38c-2a9c09e8b55b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d2e31bada568b3eed7992547c55ac77a90fe91a7776322a71b262472263b662

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4FCCE3D0F78D4B15B1B8AB21973A9F23 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
150855
c.gif
www.bing.com/aes/ Frame 358F
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=bad3ebf0-39e9-4a2a-83d2-bab8b4e85c5b&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=1766ad1a-f18e-4c6b-833...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=e821d197cc5c47dc8453de200ae9df50&SNR=1&GV=2&med=10
0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=e821d197cc5c47dc8453de200ae9df50&SNR=1&GV=2&med=10
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=wxjerejyq&e=1981144949990
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8A8C3A1498B54270860B269D862921E1 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8C35F3CCC8ED454DBCF145FE312DD455 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=e821d197cc5c47dc8453de200ae9df50&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
150
expires
0
it
nym1-ib.adnxs.com/ Frame 358F 		0
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QK1B_BMtQMAAAMA1gAFAQj87tGtBhDd4cGx6uDg9BMY6ue515-5i4pNKjYJLZG-J29LmD8RuNbBZXYUlz8ZAAAAoEfh2j8huNbBZXYUlz8pLZEJJPTwAjEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF42_sFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDnwMKuQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD0xNzY2YWQxYS1mMThlLTRjNmItODMzMi05NTdkNTk0M2Y2NGImYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MTc2NmFkMWEtZjE4ZS00YzZiLTgzMzItOTU3ZDU5NDNmNjRiJnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19nem5rJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTQzNDgyMjAyMDg3NTQ0ODU0MSIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOelF3TVRFeE5EQXhNRFl3TlRZak56UXdNVEV3T1RNd01UUTJNek09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNS4xODEuMjM0LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWG6-jUjKq6lC_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW4phj6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAVEFQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfb-wXSBw0JEScBJgzaBwYIBQm84AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=52b1f6724dd34cf352cba21ece25574d0e0f0f37
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=wxjerejyq&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
a8b61379-9186-430c-b5b1-5d1fbcc8bb04
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 12D3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=wxjerejyq&e=1981144949990
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79075
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:45 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211661
X-Served-By
cache-lga21959-LGA
X-Timer
S1706325885.424711,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame 358F 		0
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKNBPBMDQIAAAMA1gAFAQj87tGtBhDd4cGx6uDg9BMY6ue515-5i4pNKjYJLZG-J29LmD8RuNbBZXYUlz8ZAAAAoEfh2j8huNbBZXYUlz8pLZEJJPQ-ATEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF42_sFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFhuvo1IyqupQvwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuKYY-gUECAAQAJAGAZgGALgGAMEGAAABJyzwP9AGwo0E2gYWChABEC4BAHQQABgA4AYM8gYCCACABwGIBwCgB0HIB9v7BdIHDQkRKgEmDNoHBggFCZzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=515d9b180365305904d795234f85885b01fa37be&bdref=https%3A%2F%2Fwbz-tavnsz.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwbz-tavnsz.net%2F,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Dwxjerejyq%26e%3D1981144949990,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Dwxjerejyq%26e%3D1981144949990&
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=wxjerejyq&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
7461126c-ddb3-41f8-8fa0-425ff7665395
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 2121 		33 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
ba004247d787602ed6a3746ddd295613ad2de75b46d9e0027fcfd6c1cab3f9c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
date
Sat, 27 Jan 2024 03:24:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0703 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40027
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:45 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B7FA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40027
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
get
choices.trustarc.com/ Frame 5134 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-150-40.atl59.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Jan 2024 07:59:48 GMT
via
1.1 82b170252472ddc05787e77ddfe8dac8.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
ATL59-P5
age
1539904
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
LAd-1LOe43fXR24aC56ncSSFgUHnZ9_al-i--JcK8yKNLsqAkj3D3Q==
expires
Thu, 08 Feb 2024 07:39:41 GMT
th
www.bing.com/ Frame 5134 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OAIP.3340247232de307fbbf40a32a4946a8e&pid=AdsNative&c=3&w=1200&h=627&dynsize=1&qlt=90
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d2e31bada568b3eed7992547c55ac77a90fe91a7776322a71b262472263b662

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6D3C1FBB81C740F8BEF4FE2652D31F4A Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
150855
c.gif
www.bing.com/aes/ Frame 5134
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=8dcda9e2-ddc1-4eae-bb4d-95c6b2cd280f&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=4e6c266c-1f98-4c50-b80...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7c5f284b29ac4a0abd5e5e0fadbb8d21&SNR=1&GV=2&med=10
0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7c5f284b29ac4a0abd5e5e0fadbb8d21&SNR=1&GV=2&med=10
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=tgxtthnd&e=1981144949990
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9468EA46539140929AEEA2A303142A0B Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5F77D2828C914814B0EF253324CCEA55 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7c5f284b29ac4a0abd5e5e0fadbb8d21&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
150
expires
0
it
nym1-ib.adnxs.com/ Frame 5134 		0
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKqB_BMqgMAAAMA1gAFAQj87tGtBhDV5oD_2ZmT8nAY6ue515-5i4pNKjYJDy0zVqnBrT8RaAQXRcdErD8ZAAAAoEfh2j8haAQXRcdErD8pDy0JJPRWAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4gLcFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDlAMKrgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD00ZTZjMjY2Yy0xZjk4LTRjNTAtYjgwMi1mODY3OWM0YTkxNGMmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NGU2YzI2NmMtMWY5OC00YzUwLWI4MDItZjg2NzljNGE5MTRjJnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD10cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzgxMzQ3MTEyNzI5NzIyMzU2MDUiCTI0NjQ1MzgzNSoEYmluZzo0VTJWaGNtTm9RV1FqTnpRd01URXhOREF4TURZd05UWWpOelF3TVRFd09UTXdNVFEyTXpNPcAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFm6ripI-6rP4TwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuKYY-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgzyBgIIAIAHAYgHAKAHQcgHgLcF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Afz36gEiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=35ec49b1fdc1b6c85807f6b800894d3dd2320f04
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=tgxtthnd&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
1e7c7dfc-e9c0-4d60-9ef3-42a17efe6a0c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 81A2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=tgxtthnd&e=1981144949990
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79074
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:45 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211805
X-Served-By
cache-lga21924-LGA
X-Timer
S1706325885.424450,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame 5134 		0
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKNBPBMDQIAAAMA1gAFAQj87tGtBhDV5oD_2ZmT8nAY6ue515-5i4pNKjYJDy0zVqnBrT8RaAQXRcdErD8ZAAAAoEfh2j8haAQXRcdErD8pDy0JJPQ-ATEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4gLcFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFm6ripI-6rP4TwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuKYY-gUECAAQAJAGAZgGALgGAMEGAAABJyzwP9AGwo0E2gYWChABEC4BAHQQABgA4AYM8gYCCACABwGIBwCgB0HIB4C3BdIHDQkRKgEmDNoHBggFCZzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=8c0537a97f03882cfbd036580468f68e29542002&bdref=https%3A%2F%2Fwbz-tavnsz.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwbz-tavnsz.net%2F,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Dtgxtthnd%26e%3D1981144949990,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Dtgxtthnd%26e%3D1981144949990&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
422b5762-6349-44b6-85ae-56d8997e7411
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame 8E30
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d589748d-961f-4c17-a8ad-cebbb41d653e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=9ab5f150-03be-485b...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4e430b0b8b024923a094c68e8e873f81&SNR=1&GV=2&med=10
0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4e430b0b8b024923a094c68e8e873f81&SNR=1&GV=2&med=10
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=eyjzkkxfzf&e=1981144949990
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BA019028C5C344D8A17227F058AE21D9 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 42BBE7BD08DB4B32B5E457A7BD39AABE Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4e430b0b8b024923a094c68e8e873f81&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
154
expires
0
th
www.bing.com/ Frame 8E30 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORA4.405CFD868C29293AD9123C47557F21DF_06EF8901731A1424&pid=21.1&o=5&w=100&h=100&qlt=90&c=17
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=eyjzkkxfzf&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5f23deed1fa696bf900ffdfc8132b58a400292d74684e3a561260c09c95708df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C505E303EA23456398D40E90359E885C Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:45Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
2126
async_usersync.html
acdn.adnxs.com/dmp/ Frame F8EE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=eyjzkkxfzf&e=1981144949990
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79075
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:45 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
212690
X-Served-By
cache-lga21958-LGA
X-Timer
S1706325885.450285,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame 8E30 		0
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKQBPBMEAIAAAMA1gAFAQj87tGtBhDWscyP9sTNixoY6ue515-5i4pNKjYJAAAAAHAgej8RAAAAAATSeD8ZAAAAoEfh2j8hAAAAAATSeD8pAAAJJPQOATEAAABA4XqEPzDglMcKOJhQQLVeSOMDULqJirYBWLP7jQFgAGjwyaYBeMfPBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNS4xODEuMjM0LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF7r_LrerzxchnwAUAyQUhOxwAAPA_0gUJCQkMeAAA2AUB4AUB8AWwvRP6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHx88F0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8Afz36gEiggCEACVCAAAgD-YCAHACADSCAYIABAAGAA.&s=69011f55e1c8bbfe92b60fe1e3f3938fbd166686&bdref=https%3A%2F%2Fwbz-tavnsz.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwbz-tavnsz.net%2F,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Deyjzkkxfzf%26e%3D1981144949990,https%3A%2F%2Fwindsplay.com%2Fr%2Fp.html%3Ff%3Deyjzkkxfzf%26e%3D1981144949990&
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=eyjzkkxfzf&e=1981144949990
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
78b66e33-aed6-408c-a6f5-04085b8eb878
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame C5A5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgea...
  • https://mug.criteo.com/sid?cpp=mVHsiHxhSTd2MFNSL2VaU09jTTQwSTNIWk5RQnVyY0hUSStpdVhTWFhML08xMTNhSmlXUDZQWUNHNzU5RFgvdzQxdXlOdVJKTXM3TnJRcTZiRlFoSHZGYk9yQXNFc2lMNzV2TXF2VnVWVDY1cjVUZ21US2tFYmd0TytjQV...
422 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mVHsiHxhSTd2MFNSL2VaU09jTTQwSTNIWk5RQnVyY0hUSStpdVhTWFhML08xMTNhSmlXUDZQWUNHNzU5RFgvdzQxdXlOdVJKTXM3TnJRcTZiRlFoSHZGYk9yQXNFc2lMNzV2TXF2VnVWVDY1cjVUZ21US2tFYmd0TytjQVFxcmpxS2dRVjdNVTg3WUNlaSt5TWZnb2ZXY3VBblhWNlBncjNhdnBPQTZjcGtPOHlhNEFMWWFMcjBGMjFiNWFGaWVlOEVuZkMxR1Y1Qlk1eEwrVzM5NEFYb0VZb3RhTDNYY2Fla0lGT2xkM1VQcER5ZmlQVjlVUjMrREdxWmhvRnVKbU4vSzMyNHlBcnJOWlpTRkVZbHN4bWZlVm9QdHdkUUNFWFNjZTFCRlhoalozQTN5ditZSFErV0V6RjhDVXdQMWZZdFFLclROV2FGUXptRktyaXd6eDYzd1pSaG5ZbDZON1MrUEdhZWhCNVF0OUNLc08xZ1FOZU9hczRWeWdrWlR4REVlc2x8&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
803c04148537f982098ecddf47bf6cf8bdb124933bbfee5fa3ef2c528db20683
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1583455
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=mVHsiHxhSTd2MFNSL2VaU09jTTQwSTNIWk5RQnVyY0hUSStpdVhTWFhML08xMTNhSmlXUDZQWUNHNzU5RFgvdzQxdXlOdVJKTXM3TnJRcTZiRlFoSHZGYk9yQXNFc2lMNzV2TXF2VnVWVDY1cjVUZ21US2tFYmd0TytjQVFxcmpxS2dRVjdNVTg3WUNlaSt5TWZnb2ZXY3VBblhWNlBncjNhdnBPQTZjcGtPOHlhNEFMWWFMcjBGMjFiNWFGaWVlOEVuZkMxR1Y1Qlk1eEwrVzM5NEFYb0VZb3RhTDNYY2Fla0lGT2xkM1VQcER5ZmlQVjlVUjMrREdxWmhvRnVKbU4vSzMyNHlBcnJOWlpTRkVZbHN4bWZlVm9QdHdkUUNFWFNjZTFCRlhoalozQTN5ditZSFErV0V6RjhDVXdQMWZZdFFLclROV2FGUXptRktyaXd6eDYzd1pSaG5ZbDZON1MrUEdhZWhCNVF0OUNLc08xZ1FOZU9hczRWeWdrWlR4REVlc2x8&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
276157
content-length
0
expires
0
async_usersync
ib.adnxs.com/ Frame 2D77 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
e16c2b70-3c68-4273-82cd-9464823d2fe7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6A4A 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
8248ac5a-3a4f-43d6-8d7a-5aabe18a874b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401230101&jk=1734083426458124&bg=!IyClIG_NAAa8BdJLnAU7ADQBe5WfODsKnBwSWhpQRNqu361k1R_cxUMOo9tCaPGlrbF1EA_lBrOrYKvZo3BgzR-d89KtAgAABhBSAAAAA2gBBwoAR81WjseaxpScGmBvST4X61cWwJIGNxNwrpuIANNfLEiDBzSY_cH0aT608CZwa6R6JpcCI5DmmqDe3OSL1CV7FYgNO25NVVYGmQLKdV1Zu7jLdywJRmOW6iMqtfqNV4JIU780S5QAPafBb7YfqZKT99s8bFJ-yrHzU-wgJjM_PpA1Gav4M1ZL54O19iTIQSdNo20VeiAZ-7_TsFJfx5xdUcww56PYPspZGQmUTCq9noXpXV3kLdBjQkoKgszjz6tSyLOqOdilU4M-szOx7CtUROeKFzpqs5OMob0FERlK6FthfhsP2ULckkZx08Et5vx_H7E9oLVamLUvXjpHdIwz7vV44DhE2gUmBdXOctlGxoGE7SUES-TjeLsF2QwKJKqKS-ebjutj_qEIGu0ASSFTxgRqVCE3ZN_ET1EWUJM18OSPniL6SCCrZuFxDSNTqJ9CKzqKliGUh9KQ-o_-1_O2m8WNyHQlXPzRFtu1B7ScnqKyJOtgKw2T75KJIGciG82IrRvG1GqbA5fqcAXsEgu2YHW_FXniit9AY5Y-gp5kb5RXXgI8bglulB8qTpqDL2Nsv2jSuCM2BO9a1fG0Kx8sIVUl4P4pptNQwOPpvtqWXOdyKScA5i0dI9rWiQmVYxf54_q7feu6GroZ50PJlyMKCOJykuoPYQvZJYw3RFas3kUBmBT6gajcNgbBROe-y9HtDER7EYdC0chOe2njzJfVZlNIQp3Av5jR-X0YI39Sf-MN8fUPfPzGJjgiD0XY-UDSOQapYdA_6qVYRK8yBPx_YHNN-llYCavRbW76cGlqf8FrFYu0gGvsNv5BWe_-uR4VP26P1AN0SkyVx67XIp80GNnb9_-Pl6hjzWVnZolJ07Ily1_GG7kkJz2mD_Bee4HU6yLT_x_9d9zWwGyw4sn9afTLRblCjDOI2AZZrw5B83Cj-oRXKQCiFtG7JjSQZ6RzXHdNTA-SYdqBqCTSGPFjF4XVYJkBIg1_Nsd4bbfDgSlCN99Rbvx1ELyHaCcERTaI3URVSJxSTL4PPEOSKMwBDgZmbs4A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
vevent
nym1-ib.adnxs.com/ Frame A9E1 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKpB_BMqQMAAAMA1gAFAQj87tGtBhCWnq-66Ozq0hIY6ue515-5i4pNKjYJtrqK3dclnz8RxpcQrCaXnT8ZAAAAoEfh2j8hxpcQrCaXnT8ptroJJPRVAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4hb0FgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDkwMKrQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD0wZjU3NmEyMS00YzliLTQ5MTktYmQ3Ni01MWRjNTBmN2JjNjcmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MGY1NzZhMjEtNGM5Yi00OTE5LWJkNzYtNTFkYzUwZjdiYzY3JnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTM0MzY2ODUyMDY4NDg2NzM1MCIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOelF3TVRFeE5EQXhNRFl3TlRZak56UXdNVEV3T1RNd01UUTJNek09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNS4xODEuMjM0LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWivpXjvMzRu07ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW4phj6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGDPIGAggAgAcBiAcAoAdByAeFvQXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=aab2ba1af9d93feeb243edc9899537f03d39834b&type=nv&nvt=5&jm=1400|1003&px=0&py=0&bw=728&bh=74&sid=6009858151604288704&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
c3a734e4-5a7f-46b3-a35b-837f9ec09133
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame FE4E 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QLJB_BMyQMAAAMA1gAFAQj87tGtBhDcnYaJ3NvE21UY6ue515-5i4pNKjYJ5lKClOphmT8RjptIQAUdmD8ZAAAAoEfh2j8hjptIQAUdmD8p5lIJJPQIAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF40OYCgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDswMKzQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD01M2Y0MmU1Yi04NDk1LTQyNGYtYWEyZC1hMGY0YmU3ZjdlNWUmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NTNmNDJlNWItODQ5NS00MjRmLWFhMmQtYTBmNGJlN2Y3ZTVlJnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmFxZV8zY19wMmZfemJvdnlyJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhM2MTc2NDI2MTU3NTk5MTk4OTQwIgkyNDY0NTM4MzUqBGJpbmc6NFUyVmhjbU5vUVdRak56UXdNVEV4TkRBeE1EWXdOVFlqTnpRd01URXdPVE13TVRRMk16TT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA01LjE4MS4yMzQuMTMzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBeq6rsLYo-H4LsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbimGPoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAkYAQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfQ5gLSBw0JASIBAQEmDNoHBggFCbzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=0fa46622d65f9b7d8d4fe088036778ae9140af81&type=nv&nvt=5&jm=1400|1003&px=0&py=0&bw=728&bh=74&sid=6009858151604288704&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
8e0fac57-1414-4291-8532-a6fcdc71387c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame C158 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKZB_BMmQMAAAMA1gAFAQj87tGtBhCojPaEnv2ctlUY6ue515-5i4pNKjYJcp5cx6fsZj8Ruclk_TjHZT8ZAAAAoEfh2j8huclk_TjHZT8pcp4JJPRIATEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4ycMFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDgwMKsQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD03OTQxZDk4Mi0wYTYwLTQ0ZmQtOTIwMC1hNjA2NzA5YmUxOGMmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTI3MCZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTc5inEAuHJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0KgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjE1NTQyMjIzOTA0MTYxOTQ5NiIJMjQ2NDUzODM1KgRiaW5nOiBVMmh2Y0hCcGJtZEJaQ014TURZd01UQXpNell4T1RVPcAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFnvyJwLWBgrlxwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsL0T-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAFFEQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfJwwXSBw0JLiYACNoHBgFexBgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=6cf04f85fc0312acbe1c3142cf0a8c4aaf35d640&type=nv&nvt=5&jm=1400|1003&px=0&py=0&bw=728&bh=60&sid=6009858151604288704&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
f27f30d1-b206-46de-bf41-6f77c4bf2a22
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://windsplay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 27 Jan 2024 03:24:45 GMT
server
nginx/1.21.6
via
1.1 google
async_usersync
ib.adnxs.com/ Frame 4C30 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
6153bada-a9d6-43b1-914d-143181fa8078
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F108 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
547f5c35-b52f-48a2-8329-9bfb846078e2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F00E 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
90888920-efe1-445b-acec-eecae8fe34a7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 12D3 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
dcf1b097-995a-43f5-afa6-effee2a7134e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 81A2 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
f099e6da-1514-4cba-99a8-bf96ce987298
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F8EE 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
d329ee6f-deb6-4d31-a2a4-32cda92ce102
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 4E86 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QK-B_BMvgMAAAMA1gAFAQj87tGtBhDT8sDS-crapV0Y6ue515-5i4pNKjYJE5jN2lylnD8REurcz7E2mz8ZAAAAoEfh2j8hEurcz7E2mz8pE5gJJPRqAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF40uwCgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDqAMKwgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD00ZTQyNDQwNi02OTdjLTRlNjgtYTBlNC05OWEzZmQ1MjM3ZDkmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NGU0MjQ0MDYtNjk3Yy00ZTY4LWEwZTQtOTlhM2ZkNTIzN2Q5JnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19xdmZub3lyX29lbmFxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjcyMjU4Mzc5MzI2NDI0NTA3NSIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOelF3TVRFeE5EQXhNRFl3TlRZak56UXdNVEV3T1RNd01UUTJNek09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNS4xODEuMjM0LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWw47O2_Lycs0rABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW4phj6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGDPIGAggAgAcBiAcAoAdByAfS7ALSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=516567947dbca63668f0ca25258b91b8ebdd07b5&type=nv&nvt=5&jm=1400|1003&px=0&py=0&bw=728&bh=74&sid=6009858151604288704&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
f576ffcc-82b4-42c2-af06-db1768dfa255
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 4D4B 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QLJB_BMyQMAAAMA1gAFAQj87tGtBhCnov2IvJqQ9iYY6ue515-5i4pNKjYJoll0ZN0Xoj8RwO7UhUUwoT8ZAAAAoEfh2j8hwO7UhUUwoT8polkJJPQIAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF42fsFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDswMKzQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD1jMDljZWUxNi02OWM5LTQ1NTgtYTE1Zi1jNGRlNWJlMWE5MzkmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9YzA5Y2VlMTYtNjljOS00NTU4LWExNWYtYzRkZTViZTFhOTM5JnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmFxZV8zY19wMmZfemJvdnlyJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhMyODA0Njg3OTQ2MTY3MzA4NTgzIgkyNDY0NTM4MzUqBGJpbmc6NFUyVmhjbU5vUVdRak56UXdNVEV4TkRBeE1EWXdOVFlqTnpRd01URXdPVE13TVRRMk16TT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA01LjE4MS4yMzQuMTMzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBbu0orWA6ovCPsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbimGPoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAkYAQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfZ-wXSBw0JASIBAQEmDNoHBggFCbzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=22d76741ce94f5c761f7562560ba478b4e3d5ad0&type=nv&nvt=5&jm=1400|1003&px=0&py=0&bw=728&bh=74&sid=6009858151604288704&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
c4807ef1-badd-4bed-b66c-4ad5b6d17be3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 5134 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKqB_BMqgMAAAMA1gAFAQj87tGtBhDV5oD_2ZmT8nAY6ue515-5i4pNKjYJDy0zVqnBrT8RaAQXRcdErD8ZAAAAoEfh2j8haAQXRcdErD8pDy0JJPRWAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4gLcFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDlAMKrgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD00ZTZjMjY2Yy0xZjk4LTRjNTAtYjgwMi1mODY3OWM0YTkxNGMmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NGU2YzI2NmMtMWY5OC00YzUwLWI4MDItZjg2NzljNGE5MTRjJnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD10cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzgxMzQ3MTEyNzI5NzIyMzU2MDUiCTI0NjQ1MzgzNSoEYmluZzo0VTJWaGNtTm9RV1FqTnpRd01URXhOREF4TURZd05UWWpOelF3TVRFd09UTXdNVFEyTXpNPcAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFm6ripI-6rP4TwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuKYY-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgzyBgIIAIAHAYgHAKAHQcgHgLcF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Afz36gEiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=35ec49b1fdc1b6c85807f6b800894d3dd2320f04&type=nv&nvt=5&jm=1400|1003&px=0&py=0&bw=728&bh=74&sid=6009858151604288704&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
bce57f69-7bf4-445f-8030-17c861971a54
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 358F 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QK1B_BMtQMAAAMA1gAFAQj87tGtBhDd4cGx6uDg9BMY6ue515-5i4pNKjYJLZG-J29LmD8RuNbBZXYUlz8ZAAAAoEfh2j8huNbBZXYUlz8pLZEJJPTwAjEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF42_sFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDnwMKuQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD0xNzY2YWQxYS1mMThlLTRjNmItODMzMi05NTdkNTk0M2Y2NGImYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MTc2NmFkMWEtZjE4ZS00YzZiLTgzMzItOTU3ZDU5NDNmNjRiJnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19nem5rJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTQzNDgyMjAyMDg3NTQ0ODU0MSIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOelF3TVRFeE5EQXhNRFl3TlRZak56UXdNVEV3T1RNd01UUTJNek09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNS4xODEuMjM0LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWG6-jUjKq6lC_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW4phj6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAVEFQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfb-wXSBw0JEScBJgzaBwYIBQm84AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=52b1f6724dd34cf352cba21ece25574d0e0f0f37&type=nv&nvt=5&jm=1400|1003&px=0&py=0&bw=728&bh=74&sid=6009858151604288704&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
e21f3147-4509-49ba-9fd8-60548a02ed0b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 8E30 		0
982 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKcB_BMnAMAAAMA1gAFAQj87tGtBhDWscyP9sTNixoY6ue515-5i4pNKjYJAAAAAHAgej8RAAAAAATSeD8ZAAAAoEfh2j8hAAAAAATSeD8pAAAJJPCaMQAAAEDheoQ_MOCUxwo4mFBAtV5I4wNQuomKtgFYs_uNAWAAaPDJpgF4x88FgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93YnotdGF2bnN6Lm5ldC-AAwCIAwGQAwCYAxegAwGqA4QDCrICaHR0cHMBLfCGd3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9OWFiNWYxNTAtMDNiZS00ODViLWE1ZDEtODBhOTBhN2NhNmY4JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pFVwYcHVibGlzaAUpLDE2MjY0NTMzMCZySZpxALhydHlwZT1udXJsJnRhZ0lkPTIyMTM3NDQwJnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8Ml0cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzE4ODAwMzA5MTIyMjU0MTc0MzAiCTM4MTg0NjcxNCoEYmluZzogVTJodmNIQnBibWRCWkNNeE1EWXdNVEF6TXpZeE9UVT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAERWBUiAUBmAUAoAXuv8ut6vPFyGfABQDJBUG_HAAA8D_SBQkJCQx4AADYBQHgBQHwBbC9E_oFBAgAEACQBgCYBgC4BgDBBgklLPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfHzwXSBw0VZQEmCNoHBgFexBgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=41056b66464e410c9eeb8ee4bb83d16cf0dbc2bf&type=nv&nvt=5&jm=1003&px=0&py=0&bw=182&bh=90&sid=6009858151604288704&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22137440&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
an-x-request-uuid
f1120e1d-0fa0-42ac-9a32-5f49f060c5cc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
1383.json
id5-sync.com/g/v2/ Frame 2121 		629 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1383.json
Requested by
Host: static.cdn.pixad.com.tr
URL: https://static.cdn.pixad.com.tr/dist/prebid8.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
f0641c955bc37ac722aadf1b4ef786f3980e39697dcc6d8e335973e169b1d5ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
date
Sat, 27 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
AdServerServlet
vid.pubmatic.com/AdServer/ Frame B7FA 		27 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,&us_privacy=&cb=1706325885119&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:45&ranreq=0.020457210320277808&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
user-synced
cpm.programattik.com/ Frame 0B10 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/user-synced?zone=920&uid=T6683566755625823493
Requested by
Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=920&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D920%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash

Request headers

Referer
https://cpm.programattik.com/user-sync?zone=920&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D920%26uid%3D%7BUID%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store
date
Sat, 27 Jan 2024 03:24:45 GMT
server
nginx
user-synced
cpm.programattik.com/ Frame 7D81 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/user-synced?zone=921&uid=T6710851213427970150
Requested by
Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=921&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D921%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash

Request headers

Referer
https://cpm.programattik.com/user-sync?zone=921&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D921%26uid%3D%7BUID%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store
date
Sat, 27 Jan 2024 03:24:45 GMT
server
nginx
user-synced
cpm.programattik.com/ Frame 4E5B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/user-synced?zone=924&uid=T8292404068245487557
Requested by
Host: cpm.programattik.com
URL: https://cpm.programattik.com/user-sync?zone=924&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D924%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash

Request headers

Referer
https://cpm.programattik.com/user-sync?zone=924&r=%2F%2Fcpm.programattik.com%2Fuser-synced%3Fzone%3D924%26uid%3D%7BUID%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store
date
Sat, 27 Jan 2024 03:24:45 GMT
server
nginx
track
st.pubmatic.com/ Frame B7FA 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325886&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 1693 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:45 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
track
aktrack.pubmatic.com/ Frame CAA3 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325884&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:46 GMT
content-length
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5F57 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40026
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:46 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1693 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:46 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40026
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5F57 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67126318&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f0e53b74506b4bb5012cb85266b761f24b7772f52b6372b490b025fb4855ab5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 2D77 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
30bd03fb-80d6-4499-ba2b-502b8bc93c6a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6A4A 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
54b41cc9-b1c0-4a1c-b79e-7d5e719f06c9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4904 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7A05A1EB-E839-419A-981D-8D23A8FF1E05&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 27 Jan 2024 03:24:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
KXC15V1S5CDT76HN210K
Pug
simage2.pubmatic.com/AdServer/ Frame 5358
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5554114585976271850&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5554114585976271850&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
343a9bd2-0952-445e-a149-6623d358bee3
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:46 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5554114585976271850&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 78BE
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9ed7d566-bcc3-11ee-9d27-bceb8ac44083
0
0
redir
rtb-csync.smartadserver.com/ Frame 6D56
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHODhVN0xhTzhBQUJPMVVLbFljQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAG88U7LaO8AABO1UKlYcA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAG88U7LaO8AABO1UKlYcA&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5F57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=egWh6-g5QZqYHY0jqP8eBQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
0
0
receive
pixel.tapad.com/idsync/ex/ Frame 5F57
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=7A05A1EB-E839-419A-981D-8D23A8FF1E05
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D7c557dde-d608-4ba1-a19b-be5a365c1632%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5554114585976271850&pt=7c557dde-d608-4ba1-a19b-be5a365c1632%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5554114585976271850&pt=7c557dde-d608-4ba1-a19b-be5a365c1632%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
88d8e757-72c0-43ec-8a25-53a407b90724
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5554114585976271850&pt=7c557dde-d608-4ba1-a19b-be5a365c1632%2C%2C
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 5F57 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%207A05A1EB-E839-419A-981D-8D23A8FF1E05&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 5F57 		37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 27 Jan 2024 03:24:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 5F57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0EwNUExRUItRTgzOS00MTlBLTk4MUQtOEQyM0E4RkYxRTA1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5F57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAirZUZi-uraAcrnq-r_QKI&google_cver=1
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAirZUZi-uraAcrnq-r_QKI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAirZUZi-uraAcrnq-r_QKI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5F57
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E57B5237F775449FBB25A116396F8954
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E57B5237F775449FBB25A116396F8954
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sat, 27 Jan 2024 03:24:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E57B5237F775449FBB25A116396F8954
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 26 Jan 2024 03:24:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5F57
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
date
Sat, 27 Jan 2024 03:24:46 GMT
server
Kestrel
content-length
355
7A05A1EB-E839-419A-981D-8D23A8FF1E05
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5F57 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7A05A1EB-E839-419A-981D-8D23A8FF1E05?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:efc0:d7f0:30f1:7edd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 5F57
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Em9_0iRE2uWbcxB7CFqri3zmKEUONJU-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Em9_0iRE2uWbcxB7CFqri3zmKEUONJU-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Em9_0iRE2uWbcxB7CFqri3zmKEUONJU-~A&gdpr=0
date
Sat, 27 Jan 2024 03:24:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
c.gif
www.bing.com/aes/ Frame 8E30
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d589748d-961f-4c17-a8ad-cebbb41d653e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=9ab5f150-03be-485b...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4e430b0b8b024923a094c68e8e873f81&tids=15000&med=10
0
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4e430b0b8b024923a094c68e8e873f81&tids=15000&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D4850B08E885449F83438850DF96303D Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 23ED611D3EDB4DD9885BD1F178AA09DB Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4e430b0b8b024923a094c68e8e873f81&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
146
expires
0
p
sb.scorecardresearch.com/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=331085&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1706325886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.60.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-60-23.atl59.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:46 GMT
via
1.1 653d84f9cc1169ba3d5e97dfeed6b826.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ATL59-P1
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
8Tai-PvB1QbnNKn34coshzJb-x4G3dCLF-otWjPImnsFGZSxaz4HOw==
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 1693 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,&us_privacy=&cb=1706325885886&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:46&ranreq=0.5326247760369189&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:46 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 1693 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325886&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
async_usersync
ib.adnxs.com/ Frame 4C30 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
74bc3839-a50f-4bb7-8e50-de92b68a23c8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
track
aktrack.pubmatic.com/ Frame CAA3 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325884&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:46 GMT
content-length
0
content-type
text/html
i
vid-io-cle.springserve.com/vd/ Frame CAA3 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=ed522828&ps_id=357265&event=js_opportunity&time_on_page=5&num_bq_pt=1&num_dt_pt=2&timestamp=1706325886483&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=e793303b-7a46-461c-ba10-737a1ffd794e.1706325882847&uuid=ed522828-d4cc-40f9-803b-bd94794794df&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.357265&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6169473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.194.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-194-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:46 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame CAA3 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=ed522828&ps_id=357265&event=cm_js_demand_req_resp&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=413&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325886483&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=e793303b-7a46-461c-ba10-737a1ffd794e.1706325882847&uuid=ed522828-d4cc-40f9-803b-bd94794794df&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=2841317
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:46 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame CAA3 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=ed522828&ps_id=357265&event=js_demand_opportunity&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=1&creative_type=JS_VPAID&_t1=1&timestamp=1706325886483&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=e793303b-7a46-461c-ba10-737a1ffd794e.1706325882847&uuid=ed522828-d4cc-40f9-803b-bd94794794df&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=1119164
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:46 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame CAA3 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=ed522828&ps_id=357265&event=cm_js_demand_req_resp&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=519&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325886483&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=e793303b-7a46-461c-ba10-737a1ffd794e.1706325882847&uuid=ed522828-d4cc-40f9-803b-bd94794794df&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6049537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:46 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame CAA3 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=ed522828&ps_id=357265&event=js_demand_error&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=1115&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325886483&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=e793303b-7a46-461c-ba10-737a1ffd794e.1706325882847&uuid=ed522828-d4cc-40f9-803b-bd94794794df&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4832165
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:46 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-cle.springserve.com/vd/ Frame CAA3 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=ed522828&ps_id=357265&event=js_demand_opportunity&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325886483&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=e793303b-7a46-461c-ba10-737a1ffd794e.1706325882847&uuid=ed522828-d4cc-40f9-803b-bd94794794df&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=685664
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.194.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-194-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:46 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-dub.springserve.com/vd/ Frame CAA3 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/vd/i?suuid=ed522828&ps_id=357265&event=js_demand_error&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=650&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325886483&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=e793303b-7a46-461c-ba10-737a1ffd794e.1706325882847&uuid=ed522828-d4cc-40f9-803b-bd94794794df&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4364277
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.245.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-245-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:46 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame CAA3 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=ed522828&ps_id=357265&event=js_supply_error&time_on_page=2184&reason=NO_FILL&timeout=false&timestamp=1706325886483&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=e793303b-7a46-461c-ba10-737a1ffd794e.1706325882847&uuid=ed522828-d4cc-40f9-803b-bd94794794df&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.357265&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6840091
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:47 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame F108 		0
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
aa4f3d45-7a19-4775-8d0b-fe8d87970f8f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F00E 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
4016073c-2bff-4d24-b1da-feae4aa2aad7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 12D3 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
957b038e-2950-4e8f-ba13-abaf280160c3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 81A2 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
7bde6183-784a-43aa-83c1-5e41b5012ea2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F8EE 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1856874&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1856874
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
b57e3758-840a-44fb-8890-e91364c8782d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1BF0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79076
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:46 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
212693
X-Served-By
cache-lga21958-LGA
X-Timer
S1706325887.607256,VS0,VE0
vevent
nym1-ib.adnxs.com/ Frame C158 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKZB_BMmQMAAAMA1gAFAQj87tGtBhCojPaEnv2ctlUY6ue515-5i4pNKjYJcp5cx6fsZj8Ruclk_TjHZT8ZAAAAoEfh2j8huclk_TjHZT8pcp4JJPRIATEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4ycMFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDgwMKsQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD03OTQxZDk4Mi0wYTYwLTQ0ZmQtOTIwMC1hNjA2NzA5YmUxOGMmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTI3MCZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTc5inEAuHJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0KgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjE1NTQyMjIzOTA0MTYxOTQ5NiIJMjQ2NDUzODM1KgRiaW5nOiBVMmh2Y0hCcGJtZEJaQ014TURZd01UQXpNell4T1RVPcAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFnvyJwLWBgrlxwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsL0T-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAFFEQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfJwwXSBw0JLiYACNoHBgFexBgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=6cf04f85fc0312acbe1c3142cf0a8c4aaf35d640&type=pv&jm=1400|1003|1421&px=0&py=0&bw=728&bh=125&sf=1&sid=6009858151604288704&vd=ct~0|rr~5&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
7894e213-44cd-4727-9b75-9e8ae8e1d4d1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame 6B72
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=0b8f570e-74ea-4bf1-aefa-4ae8c7bcc4cb&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=7941d982-0a60-44fd...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9ab9b3a9baaa4d89b6d0d018f834deeb&tids=15000&med=10
0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9ab9b3a9baaa4d89b6d0d018f834deeb&tids=15000&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 434DBFE4172E450D93596752995DFAFF Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2ED1AE0685294BA291EC73A16862B74C Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9ab9b3a9baaa4d89b6d0d018f834deeb&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
146
expires
0
async_usersync
ib.adnxs.com/ Frame 1BF0 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
6ffcb1e7-323c-46c6-98a4-1d3a8fc2ea5c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame FE4E 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QLJB_BMyQMAAAMA1gAFAQj87tGtBhDcnYaJ3NvE21UY6ue515-5i4pNKjYJ5lKClOphmT8RjptIQAUdmD8ZAAAAoEfh2j8hjptIQAUdmD8p5lIJJPQIAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF40OYCgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDswMKzQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD01M2Y0MmU1Yi04NDk1LTQyNGYtYWEyZC1hMGY0YmU3ZjdlNWUmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NTNmNDJlNWItODQ5NS00MjRmLWFhMmQtYTBmNGJlN2Y3ZTVlJnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmFxZV8zY19wMmZfemJvdnlyJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhM2MTc2NDI2MTU3NTk5MTk4OTQwIgkyNDY0NTM4MzUqBGJpbmc6NFUyVmhjbU5vUVdRak56UXdNVEV4TkRBeE1EWXdOVFlqTnpRd01URXdPVE13TVRRMk16TT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA01LjE4MS4yMzQuMTMzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBeq6rsLYo-H4LsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbimGPoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAkYAQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfQ5gLSBw0JASIBAQEmDNoHBggFCbzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=0fa46622d65f9b7d8d4fe088036778ae9140af81&type=pv&jm=1400|1003|1421&px=0&py=0&bw=728&bh=125&sf=1&sid=6009858151604288704&vd=ct~0|rr~5&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
f97edda7-ea88-422c-abab-fc761cdc64a0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame 372A
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=de3a77af-392e-4003-a572-23e5caacb59e&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=53f42e5b-8495-424f-aa2...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ee7e3963327d44419deb4dc0599c3d14&tids=1&med=10
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ee7e3963327d44419deb4dc0599c3d14&tids=1&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 02B4E51D09544CB0974D6AD49EE4453B Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 50C04AEAF2634F839B9F30852E6ECB2C Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ee7e3963327d44419deb4dc0599c3d14&tids=1&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
142
expires
0
vevent
nym1-ib.adnxs.com/ Frame A9E1 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKpB_BMqQMAAAMA1gAFAQj87tGtBhCWnq-66Ozq0hIY6ue515-5i4pNKjYJtrqK3dclnz8RxpcQrCaXnT8ZAAAAoEfh2j8hxpcQrCaXnT8ptroJJPRVAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4hb0FgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDkwMKrQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD0wZjU3NmEyMS00YzliLTQ5MTktYmQ3Ni01MWRjNTBmN2JjNjcmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MGY1NzZhMjEtNGM5Yi00OTE5LWJkNzYtNTFkYzUwZjdiYzY3JnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTM0MzY2ODUyMDY4NDg2NzM1MCIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOelF3TVRFeE5EQXhNRFl3TlRZak56UXdNVEV3T1RNd01UUTJNek09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNS4xODEuMjM0LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWivpXjvMzRu07ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW4phj6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGDPIGAggAgAcBiAcAoAdByAeFvQXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=aab2ba1af9d93feeb243edc9899537f03d39834b&type=pv&jm=1400|1003|1421&px=0&py=0&bw=728&bh=125&sf=1&sid=6009858151604288704&vd=ct~0|rr~5&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
946c6a19-f7a0-4e7c-ab1f-886d01aa0c4f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame 2407
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=45790be1-12e3-4133-87c7-b55ce34c176b&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=0f576a21-4c9b-4919-bd7...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=68cb99f9720c4ddeacbd974e3a7bd5d6&tids=1&med=10
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=68cb99f9720c4ddeacbd974e3a7bd5d6&tids=1&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 65E93301124447DC871CC04D75C9EA44 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 80BC4C2C76D448F98A3E5DDD0E160BE8 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=68cb99f9720c4ddeacbd974e3a7bd5d6&tids=1&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
142
expires
0
vevent
nym1-ib.adnxs.com/ Frame 8E30 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKcB_BMnAMAAAMA1gAFAQj87tGtBhDWscyP9sTNixoY6ue515-5i4pNKjYJAAAAAHAgej8RAAAAAATSeD8ZAAAAoEfh2j8hAAAAAATSeD8pAAAJJPCaMQAAAEDheoQ_MOCUxwo4mFBAtV5I4wNQuomKtgFYs_uNAWAAaPDJpgF4x88FgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93YnotdGF2bnN6Lm5ldC-AAwCIAwGQAwCYAxegAwGqA4QDCrICaHR0cHMBLfCGd3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9OWFiNWYxNTAtMDNiZS00ODViLWE1ZDEtODBhOTBhN2NhNmY4JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pFVwYcHVibGlzaAUpLDE2MjY0NTMzMCZySZpxALhydHlwZT1udXJsJnRhZ0lkPTIyMTM3NDQwJnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8Ml0cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzE4ODAwMzA5MTIyMjU0MTc0MzAiCTM4MTg0NjcxNCoEYmluZzogVTJodmNIQnBibWRCWkNNeE1EWXdNVEF6TXpZeE9UVT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAERWBUiAUBmAUAoAXuv8ut6vPFyGfABQDJBUG_HAAA8D_SBQkJCQx4AADYBQHgBQHwBbC9E_oFBAgAEACQBgCYBgC4BgDBBgklLPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfHzwXSBw0VZQEmCNoHBgFexBgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=41056b66464e410c9eeb8ee4bb83d16cf0dbc2bf&type=pv&jm=1003&px=0&py=0&bw=182&bh=90&sf=1&sid=6009858151604288704&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22137440&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
bb3dc9b2-6c55-45c8-9cc1-3a1424c09413
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 358F 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QK1B_BMtQMAAAMA1gAFAQj87tGtBhDd4cGx6uDg9BMY6ue515-5i4pNKjYJLZG-J29LmD8RuNbBZXYUlz8ZAAAAoEfh2j8huNbBZXYUlz8pLZEJJPTwAjEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF42_sFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDnwMKuQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD0xNzY2YWQxYS1mMThlLTRjNmItODMzMi05NTdkNTk0M2Y2NGImYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MTc2NmFkMWEtZjE4ZS00YzZiLTgzMzItOTU3ZDU5NDNmNjRiJnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19nem5rJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTQzNDgyMjAyMDg3NTQ0ODU0MSIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOelF3TVRFeE5EQXhNRFl3TlRZak56UXdNVEV3T1RNd01UUTJNek09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNS4xODEuMjM0LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWG6-jUjKq6lC_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW4phj6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAVEFQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfb-wXSBw0JEScBJgzaBwYIBQm84AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=52b1f6724dd34cf352cba21ece25574d0e0f0f37&type=pv&jm=1400|1003|1421&px=0&py=0&bw=728&bh=125&sf=1&sid=6009858151604288704&vd=ct~0|rr~5&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
cfae1997-4e0a-49ab-a9b8-3f2796fcef06
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame CE29
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=bad3ebf0-39e9-4a2a-83d2-bab8b4e85c5b&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=1766ad1a-f18e-4c6b-833...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=e821d197cc5c47dc8453de200ae9df50&tids=1&med=10
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=e821d197cc5c47dc8453de200ae9df50&tids=1&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6EFC8B134DB14D2CB05319AE741C1E3F Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D59BA43985F2454FB4BBEA6779B86FC5 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=e821d197cc5c47dc8453de200ae9df50&tids=1&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
142
expires
0
vevent
nym1-ib.adnxs.com/ Frame 4D4B 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QLJB_BMyQMAAAMA1gAFAQj87tGtBhCnov2IvJqQ9iYY6ue515-5i4pNKjYJoll0ZN0Xoj8RwO7UhUUwoT8ZAAAAoEfh2j8hwO7UhUUwoT8polkJJPQIAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF42fsFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDswMKzQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD1jMDljZWUxNi02OWM5LTQ1NTgtYTE1Zi1jNGRlNWJlMWE5MzkmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9YzA5Y2VlMTYtNjljOS00NTU4LWExNWYtYzRkZTViZTFhOTM5JnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmFxZV8zY19wMmZfemJvdnlyJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhMyODA0Njg3OTQ2MTY3MzA4NTgzIgkyNDY0NTM4MzUqBGJpbmc6NFUyVmhjbU5vUVdRak56UXdNVEV4TkRBeE1EWXdOVFlqTnpRd01URXdPVE13TVRRMk16TT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA01LjE4MS4yMzQuMTMzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBbu0orWA6ovCPsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbimGPoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAkYAQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfZ-wXSBw0JASIBAQEmDNoHBggFCbzgBwDqBwIIAPAH89-oBIoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=22d76741ce94f5c761f7562560ba478b4e3d5ad0&type=pv&jm=1400|1003|1421&px=0&py=0&bw=728&bh=125&sf=1&sid=6009858151604288704&vd=ct~0|rr~5&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
1871a8fa-4d96-4ae9-ab95-a96489d2e6ea
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame E845
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=d3d7516a-fc7b-49ee-969a-9273e4d5751a&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=c09cee16-69c9-4558-a15...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f856f1dbbf8e4fc98d2a683cd3088a92&tids=1&med=10
0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f856f1dbbf8e4fc98d2a683cd3088a92&tids=1&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5776E86402C34AD48583577B80C14687 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 833B939B9A954FE8891720ABA20AA092 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f856f1dbbf8e4fc98d2a683cd3088a92&tids=1&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
142
expires
0
vevent
nym1-ib.adnxs.com/ Frame 5134 		0
984 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QKqB_BMqgMAAAMA1gAFAQj87tGtBhDV5oD_2ZmT8nAY6ue515-5i4pNKjYJDy0zVqnBrT8RaAQXRcdErD8ZAAAAoEfh2j8haAQXRcdErD8pDy0JJPRWAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF4gLcFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDlAMKrgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD00ZTZjMjY2Yy0xZjk4LTRjNTAtYjgwMi1mODY3OWM0YTkxNGMmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NGU2YzI2NmMtMWY5OC00YzUwLWI4MDItZjg2NzljNGE5MTRjJnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD10cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzgxMzQ3MTEyNzI5NzIyMzU2MDUiCTI0NjQ1MzgzNSoEYmluZzo0VTJWaGNtTm9RV1FqTnpRd01URXhOREF4TURZd05UWWpOelF3TVRFd09UTXdNVFEyTXpNPcAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFm6ripI-6rP4TwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuKYY-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgzyBgIIAIAHAYgHAKAHQcgHgLcF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Afz36gEiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=35ec49b1fdc1b6c85807f6b800894d3dd2320f04&type=pv&jm=1400|1003|1421&px=0&py=0&bw=728&bh=125&sf=1&sid=6009858151604288704&vd=ct~0|rr~5&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
b352c1e8-3415-4765-8bdf-37b5f96227b9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame C240
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=8dcda9e2-ddc1-4eae-bb4d-95c6b2cd280f&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=4e6c266c-1f98-4c50-b80...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7c5f284b29ac4a0abd5e5e0fadbb8d21&tids=1&med=10
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7c5f284b29ac4a0abd5e5e0fadbb8d21&tids=1&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 94F43040B129413FA6943927DEA6578E Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E75216C5B2294C51B9C6834FC25033A1 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7c5f284b29ac4a0abd5e5e0fadbb8d21&tids=1&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
142
expires
0
vevent
nym1-ib.adnxs.com/ Frame 4E86 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwbz-tavnsz.net%2F&e=wqT_3QK-B_BMvgMAAAMA1gAFAQj87tGtBhDT8sDS-crapV0Y6ue515-5i4pNKjYJE5jN2lylnD8REurcz7E2mz8ZAAAAoEfh2j8hEurcz7E2mz8pE5gJJPRqAzEAAABA4XqEPzDglMcKOJhQQLVeSOMDUMuswnVYs_uNAWAAaPDJpgF40uwCgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhdodHRwczovL3diei10YXZuc3oubmV0L4ADAIgDAZADAJgDF6ADAaoDqAMKwgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD00ZTQyNDQwNi02OTdjLTRlNjgtYTBlNC05OWEzZmQ1MjM3ZDkmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxMjcwJnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NGU0MjQ0MDYtNjk3Yy00ZTY4LWEwZTQtOTlhM2ZkNTIzN2Q5JnJ0eXBlPW51cmwmdGFnSWQ9MjIxMzc0NDAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19xdmZub3lyX29lbmFxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjcyMjU4Mzc5MzI2NDI0NTA3NSIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOelF3TVRFeE5EQXhNRFl3TlRZak56UXdNVEV3T1RNd01UUTJNek09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNS4xODEuMjM0LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWw47O2_Lycs0rABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW4phj6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGDPIGAggAgAcBiAcAoAdByAfS7ALSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB_PfqASKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=516567947dbca63668f0ca25258b91b8ebdd07b5&type=pv&jm=1400|1003|1421&px=0&py=0&bw=728&bh=125&sf=1&sid=6009858151604288704&vd=ct~0|rr~5&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=22137440&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
ab184d40-af17-449e-94c2-3aaa48ba5fc0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame 1FD8
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=b6de0de9-b7eb-4496-9769-89ed8cc173db&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=4e424406-697c-4e68-a0e...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=27d1a70e5250457b9514317d5f3d6384&tids=1&med=10
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=27d1a70e5250457b9514317d5f3d6384&tids=1&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BAD467AFEFC7466FA1A80569D759D5F9 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 27 Jan 2024 03:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AE0872401A2E4A60AC0906C76330AEF7 Ref B: EWR311000104021 Ref C: 2024-01-27T03:24:46Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=27d1a70e5250457b9514317d5f3d6384&tids=1&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
142
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame CFB1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79076
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:46 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
212695
X-Served-By
cache-lga21958-LGA
X-Timer
S1706325887.853231,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 576D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79076
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:46 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211811
X-Served-By
cache-lga21924-LGA
X-Timer
S1706325887.854320,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame B7AF 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:46 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 47CE 		749 B
832 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
0390e9862fadc96ca99eb73e69e26ffa9fdcb9d4fc3335087ae563e77183ac3c

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
749
content-type
text/html
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame E18B
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
91f304ecd9691c55f724ecb159a9b1b803485e1fc460bb625bf2a22be20b9780

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 03:23:05 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.5

Redirect headers

content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 03:23:05 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.5
async_usersync.html
acdn.adnxs.com/dmp/ Frame FCB4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79076
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:46 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211812
X-Served-By
cache-lga21924-LGA
X-Timer
S1706325887.883925,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB1F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56813
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:46 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame 002F
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6771990059
  • https://sync.1rx.io/usersync/tradedesk/ea18b846-2890-45b5-bb97-1db97e1acc8a
  • https://sync.targeting.unrulymedia.com/csync/RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-6db02d9c-3...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX6db02d9c30dd4c5d9287813b93805cd3005
content-type
text/html
/
rtb-csync.smartadserver.com/redir/ Frame 002F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZbR3ewAAX5lxcQBK&gdpr=0&gdpr_consent=
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZbR3ewAAX5lxcQBK&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-lga21970-LGA
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706325887.884523,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZbR3ewAAX5lxcQBK&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
match.sharethrough.com/sync/ Frame 002F
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4027850678975933537&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4027850678975933537&gdpr=0&gdpr_consent=
Protocol
H2
Server
50.19.82.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-82-102.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:46 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4027850678975933537&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
10.gif
id5-sync.com/c/102/163/0/ Frame 002F
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-cd97pA0gcDiLvxp5fxf53Qn1RQt5eJeJkHFIxa-OTw&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=4027850678975933537&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/2/7/3.gif?puid=5554114585976271850&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAG88U7LaO8AABO1UKlYcA&id5AccountNum=155&numCascadesAllowed=9
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=ea18b846-2890-45b5-bb97-1db97e1acc8a&ttl=%%TTL%%
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F4%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/123/4/6.gif?puid=18d48f2b6b9-26b00000010a59e6&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/112/3/7.gif?puid=B86DEE7BEC4EECF0&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F8.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/102/10/2/8.gif?puid=481039510169595972&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F9.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/104/1/9.gif?puid=5520a5b8-4f14-47af-8167-705984949485&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F0%2F10.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/163/0/10.gif?puid=AkhEhhiT1Rtzjh5&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/102/163/0/10.gif?puid=AkhEhhiT1Rtzjh5&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 27 Jan 2024 03:24:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:48 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-0174de7c622621521@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://id5-sync.com/c/102/163/0/10.gif?puid=AkhEhhiT1Rtzjh5&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 002F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
date
Sat, 27 Jan 2024 03:24:46 GMT
server
Kestrel
content-length
299
async_usersync
ib.adnxs.com/ Frame CFB1 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
1f3ce64e-4e9b-4d09-b050-fe55a249a7f7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 576D 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
412ad3c8-4885-4c15-98b1-95c2503f47c7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B7AF 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84724
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
match
ads.betweendigital.com/ Frame 47CE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=between&bsw_custom_parameter=5520a5b8-4f14-47af-8167-705984949485
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=5520a5b8-4f14-47af-8167-705984949485&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=7c557dde-d608-4ba1-a19b-be5a365c1632&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=7c557dde-d608-4ba1-a19b-be5a365c1632&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=42104034399028679712155648240527062714&pt=7c557dde-d608-4ba1-a19b-be5a365c1632%2Chttps%253A%252F%252Fx.bidswitch.net%252Fs...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=between&bsw_param=5520a5b8-4f14-47af-8167-705984949485
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5520a5b8-4f14-47af-8167-705984949485
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5520a5b8-4f14-47af-8167-705984949485
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=5520a5b8-4f14-47af-8167-705984949485
Date
Sat, 27 Jan 2024 03:24:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/ Frame 47CE
Redirect Chain
  • https://ads.adlook.me/csync?pid=btw&uid=b24fc8fc-8b1d-531b-b0fb-873ed54ff047&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D
  • https://ads.betweendigital.com/match?bidder_id=128&external_user_id=e7931392255b4d1eb5817ada86475dab
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=e7931392255b4d1eb5817ada86475dab
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=e7931392255b4d1eb5817ada86475dab
date
Sat, 27 Jan 2024 03:24:46 GMT
server
Microsoft-IIS/10.0
btw
sync.dmp.otm-r.com/match/ Frame 47CE 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=b24fc8fc-8b1d-531b-b0fb-873ed54ff047
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.72.5 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.5.72.69.159.clients.your-server.de
Software
nginx/1.17.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:47 GMT
server
nginx/1.17.0
match
ads.betweendigital.com/ Frame 47CE
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=gRgb5CTQoW0.AikABlGNSPLJcg
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=gRgb5CTQoW0.AikABlGNSPLJcg
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
server
nginx
x-backend-id
f2-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=gRgb5CTQoW0.AikABlGNSPLJcg
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FCB4 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
an-x-request-uuid
615a0772-89eb-4abb-a0a4-00022753705a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
vid.vidoomy.com/ Frame 7733 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 27 Jan 2024 03:24:47 GMT
etag
W/"a9290c6b5f8c75ebc321b414a16a5c2a"
last-modified
Tue, 12 Dec 2023 09:09:26 GMT
server
CDN77-Turbo
vary
Accept-Encoding Accept-Encoding
x-77-age
220612
x-77-cache
HIT
x-77-nzt
A1m7sQ83Nzf/xF0DAJySO983NzexbT1aAsdSRwA
x-77-nzt-ray
49be14087c6ea83f7f77b465c642280f
x-77-pop
newyorkUSNY
x-accel-date
1706105275
x-accel-expires
@1707142075
x-age-lb
220612
x-amz-request-id
tx0000059b14a1e262e6aea-0065a147ba-2bae485-prg
x-amz-storage-class
STANDARD
x-cache-lb
HIT
x-rgw-object-type
Normal
PugMaster
image6.pubmatic.com/AdServer/ Frame EB1F 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41323852&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e22957ff3644522f17da060484eae66a19121a8d5ea588777ab50bbef17fb880

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame D821 		85 B
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lga21970-LGA
x-timer
S1706325887.120175,VS0,VE9
141
match.deepintent.com/usersync/ Frame 5158 		0
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Sat, 27 Jan 2024 03:24:46 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame A1A5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5520a5b8-4f14-47af-8167-705984949485
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5520a5b8-4f14-47af-8167-705984949485
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0720d1d8-a8b6-4457-9ba7-7cfe8ceb61a0&user_group=1&ssp=pubmatic&bsw_param=5520a5b8-4f14-47af-8167-705984949485
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 27 Jan 2024 03:24:47 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame FE1E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oCZVl6EkAMG7JwLHpSIakq8gAse7IQ6SpyK-4HVe
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oCZVl6EkAMG7JwLHpSIakq8gAse7IQ6SpyK-4HVe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 27 Jan 2024 03:24:47 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oCZVl6EkAMG7JwLHpSIakq8gAse7IQ6SpyK-4HVe
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame C1F9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:AkhEhhiT1Rtzjh5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:AkhEhhiT1Rtzjh5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 27 Jan 2024 03:24:46 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:AkhEhhiT1Rtzjh5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-04a14c9e36ad01112@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame E50C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=2b264bda-1995-43f9-82fb-d30181d4ae55&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7A05A1EB-E839-419A-981D-8D23A8FF1E05
42 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7A05A1EB-E839-419A-981D-8D23A8FF1E05
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-222-101.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Sat, 27 Jan 2024 03:24:47 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 27 Jan 2024 03:24:45 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7A05A1EB-E839-419A-981D-8D23A8FF1E05
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 9753
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:46 GMT
expires
Sat, 27 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1385948
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame A31B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2w51-qyfWF5reWb4xqKsmAW16oU&gdpr=0&gdpr_consent=
42 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2w51-qyfWF5reWb4xqKsmAW16oU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 27 Jan 2024 03:24:47 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2w51-qyfWF5reWb4xqKsmAW16oU&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 76FF
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2809753620617690363
42 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2809753620617690363
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 27 Jan 2024 03:24:47 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2809753620617690363
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
i.match
a.tribalfusion.com/ Frame A0FB 		43 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84bde27a9bcf42ab-EWR
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
image2.pubmatic.com/AdServer/ Frame A1A9
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU8bf0252287024404b335b3ba67fa6f9d
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU8bf0252287024404b335b3ba67fa6f9d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU8bf0252287024404b335b3ba67fa6f9d
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame D729
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 27 Jan 2024 03:24:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame EB1D
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=881709339909
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=881709339909
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=881709339909
Pug
simage2.pubmatic.com/AdServer/ Frame 0B97
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a8765b4-777a-4700-b6f1-8334dac4d9f0&gdpr=0&gdpr_consent=
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a8765b4-777a-4700-b6f1-8334dac4d9f0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 27 Jan 2024 03:24:47 GMT
Expires
Sat, 27 Jan 2024 03:24:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1451 1934b03 master ord ord-pixel-x58 config_version:"539"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a8765b4-777a-4700-b6f1-8334dac4d9f0&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame F64B
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=_POTYpxSAz2mj1OEf3e0ZQ
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=_POTYpxSAz2mj1OEf3e0ZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=_POTYpxSAz2mj1OEf3e0ZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pubmatic
ad.mrtnsvr.com/sync/ Frame 4261 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 582A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=8345392668
  • https://sync.1rx.io/usersync3/mediamathtest/1508/3a8765b4-777a-4700-b6f1-8334dac4d9f0?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Sat, 27 Jan 2024 03:24:47 GMT
etag
RX6db02d9c30dd4c5d9287813b93805cd3005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame E71D 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 27 Jan 2024 03:24:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pub
matching.truffle.bid/sync/ Frame 6058 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Sat, 27 Jan 2024 03:24:47 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame EE01 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 27 Jan 2024 03:24:47 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-249fe9aa07e0@version_1.582v4
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 89A7
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7596122872025351995&uid=Q759612287202535...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7596122872025351995
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7596122872025351995
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=31760
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:47 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7596122872025351995
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 8378
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E57B5237F775449FBB25A116396F8954&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E57B5237F775449FBB25A116396F8954&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sat, 27 Jan 2024 03:24:47 GMT
expires
Fri, 26 Jan 2024 03:24:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E57B5237F775449FBB25A116396F8954&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
insync
thrtle.com/ Frame EB1F
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&vxii_pid=12&vxii_pid1=10067&vxii_rcid=c9ab0d85-fd57-4e59-91c7-85a3b499f492
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&vxii_pid=12&vxii_pid1=10067&vxii_rcid=c9ab0d85-fd57-4e59-91c7-85a3b499f492
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
54.163.145.250 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-145-250.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sat, 27 Jan 2024 03:24:47 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&vxii_pid=12&vxii_pid1=10067&vxii_rcid=c9ab0d85-fd57-4e59-91c7-85a3b499f492
date
Sat, 27 Jan 2024 03:24:47 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame EB1F
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
date
Sat, 27 Jan 2024 03:24:47 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Martin
crb.kargo.com/api/v1/dsync/ Frame EB1F 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.26.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-26-94.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame EB1F 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.244.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-244-166.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 27 Jan 2024 03:24:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EB1F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9937cf25-d733-49e9-a224-fe71af373a0d&gdpr=0&gdpr_consent=
1 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9937cf25-d733-49e9-a224-fe71af373a0d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9937cf25-d733-49e9-a224-fe71af373a0d&gdpr=0&gdpr_consent=
Date
Sat, 27 Jan 2024 03:24:47 GMT
Connection
keep-alive
X-CI-RTID
03267935-fabc-44bd-b126-b2118df6a2df
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame EB1F
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1f5742648788243b&is_secure=true&networkId=17100&version=1&nuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACcDz2cVEWJQN6pBHbAAAAAAA&expiration=1706412287&nuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&...
42 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACcDz2cVEWJQN6pBHbAAAAAAA&expiration=1706412287&nuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACcDz2cVEWJQN6pBHbAAAAAAA&expiration=1706412287&nuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame EB1F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7830607249730030491&gdpr=0&gdpr_consent=&us_privacy=
1 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7830607249730030491&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7830607249730030491&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sn.ashx
pmp.mxptint.net/ Frame EB1F
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_10FECF050_A65EACC2&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-389330687; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:46 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-389330687; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame EB1F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EB1F
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_9cf28c52-bcc3-11ee-b38e-126da42bc963&gdpr=0
42 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_9cf28c52-bcc3-11ee-b38e-126da42bc963&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_9cf28c52-bcc3-11ee-b38e-126da42bc963&gdpr=0
date
Sat, 27 Jan 2024 03:24:47 GMT
content-type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame EB1F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=GxYHZq_DnYR8peAn_851_xrMe7PO2nbX7azw4MAivjA&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=GxYHZq_DnYR8peAn_851_xrMe7PO2nbX7azw4MAivjA&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=GxYHZq_DnYR8peAn_851_xrMe7PO2nbX7azw4MAivjA&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT, Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EB1F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=481039510169595972
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=481039510169595972
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=481039510169595972
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
vpaid_ef07200f.js
vpaid.springserve.com/production/ Frame 7336 		530 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ef07200f.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d7:ee00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:08:40 GMT
content-encoding
gzip
via
1.1 a598fd731d305353a077e1766dac2884.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 22:19:09 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P3
age
526568
x-amz-server-side-encryption
AES256
etag
W/"bcb9a826fdf2c845d2e7400c960d5f69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
obTXp_jQKrlFTLqcaasz0uArQM2Me8EmsWKL7BAT7cId-n8i4-6gLQ==
/
track.adform.net/Serving/Cookie/ Frame E18B 		91 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0c17cb36d6e7dab8669bfc0c92545308cb383d775b8c1a8edc5ead84345cc661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
198
expires
-1
usync.html
eus.rubiconproject.com/ Frame 7CBA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:47 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 27 Jan 2024 03:24:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame E18B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=60aa20a9-e486-49a7-826c-1zz1706325785
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=5520a5b8-4f14-47af-8167-705984949485&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=richaudience&user_id=jYsQb8N8r4ztaE9h2fb10
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=&us_ps=
95 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=&us_ps=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/png
date
Sat, 27 Jan 2024 03:23:06 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=&us_ps=
Date
Sat, 27 Jan 2024 03:24:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/ Frame E18B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&euconsent=&domain=sync.richaudience.com
95 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&euconsent=&domain=sync.richaudience.com
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/png
date
Sat, 27 Jan 2024 03:23:05 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&euconsent=&domain=sync.richaudience.com
date
Sat, 27 Jan 2024 03:24:47 GMT
server
Kestrel
content-length
333
track
aktrack.pubmatic.com/ Frame CAA3 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325884&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:47 GMT
content-length
0
content-type
text/html
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 7733 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Sat, 27 Jan 2024 03:24:47 GMT
content-encoding
gzip
x-age-lb
52025
x-amz-request-id
tx0000058ef62c2b4bdb730-0065b3ac46-2bbae03-prg
x-77-cache
HIT
x-amz-storage-class
STANDARD
x-accel-date
1706273862
x-77-nzt
A5ySJBY3Nzf/OcsAALk73xQ3NzexWbu8qUD97gA
x-accel-expires
@1707310662
x-77-age
52025
x-cache-lb
HIT
last-modified
Tue, 26 Dec 2023 20:45:55 GMT
server
CDN77-Turbo
x-amz-meta-s3cmd-attrs
atime:1703619207/ctime:1703619207/gid:1000/gname:federicoi/md5:d0bbf411bc053227f208739885ca90c0/mode:33204/mtime:1703619207/uid:1000/uname:federicoi
etag
W/"d0bbf411bc053227f208739885ca90c0"
x-77-nzt-ray
1e192d08904953337f77b465d6c16623
vary
Accept-Encoding, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
timing-allow-origin
*
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 7336 		979 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
996891e63f0025b546f457df41836d9e2dfbed89b51e5faaea9db4d8cd88e62b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Sat, 27 Jan 2024 03:24:47 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 7336 		964 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
053cf97ba2428be75b9a9ba980e6e2ba54c7b8320d321559e2282743b071c986

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
600
expires
Sat, 27 Jan 2024 03:24:47 GMT
usync.js
eus.rubiconproject.com/ Frame 7CBA 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:47 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84723
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame F3EC 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:47 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
t
t.lkqd.net/ Frame 4536 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:47 GMT
server
nginx
cookie
a.vidoomy.com/api/rtbserver/ Frame 7733
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRVIDF5G-1Y-53O3&gdpr=0
43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRVIDF5G-1Y-53O3&gdpr=0
Protocol
HTTP/1.1
Server
212.36.83.245 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:47 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LRVIDF5G-1Y-53O3&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 7733
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D70a21ae20dfbf74c5fa4b7af696db04c%26dspid%3Dopenx
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=0e06f90a-5a71-4401-9ee8-b8aade7d3758&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=0e06f90a-5a71-4401-9ee8-b8aade7d3758&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
Protocol
HTTP/1.1
Server
212.36.83.245 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=0e06f90a-5a71-4401-9ee8-b8aade7d3758&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=openx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 7733
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D70a21ae20dfbf74c5fa4b7af696db04c%26dspid%3Dadf
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=481039510169595972&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=adf
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=481039510169595972&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=adf
Protocol
HTTP/1.1
Server
212.36.83.245 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=481039510169595972&vid=70a21ae20dfbf74c5fa4b7af696db04c&dspid=adf
date
Sat, 27 Jan 2024 03:24:48 GMT
server
nginx
content-length
0
content-type
text/plain
khaos.json
token.rubiconproject.com/ Frame 7CBA 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LRVIDF5G-1Y-53O3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
async_usersync
ib.adnxs.com/ Frame 1BF0 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
an-x-request-uuid
116747cb-0b8a-4bb5-8f51-9049090e45c5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E576 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56812
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:47 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8B55 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79077
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:47 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211813
X-Served-By
cache-lga21924-LGA
X-Timer
S1706325888.871814,VS0,VE0
sspmatch-iframe
ads.betweendigital.com/ Frame 382A 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame 2780 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:47 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
redir
rtb-csync.smartadserver.com/ Frame 372A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
Date
Sat, 27 Jan 2024 03:24:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 372A
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=57406687-8359-414a-ba2e-983339914e7d&gdpr=0
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=57406687-8359-414a-ba2e-983339914e7d&gdpr=0
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=57406687-8359-414a-ba2e-983339914e7d&gdpr=0
date
Sat, 27 Jan 2024 03:24:47 GMT
content-length
0
/
wt.rqtrk.eu/ Frame 372A
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4027850678975933537&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4027850678975933537&gdpr_pd=0&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.241.100 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-011.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Sat, 27 Jan 2024 03:24:47 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4027850678975933537&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pixel
cm.g.doubleclick.net/ Frame 372A
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 372A
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=172d7189-394e-4638-832f-8590408566d1&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=172d7189-394e-4638-832f-8590408566d1&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:47 GMT
Server
nginx
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=172d7189-394e-4638-832f-8590408566d1&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame B76B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79077
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:47 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
212697
X-Served-By
cache-lga21958-LGA
X-Timer
S1706325888.884744,VS0,VE0
sspmatch-iframe
ads.betweendigital.com/ Frame 370D 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame E5CF 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:47 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B04E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56812
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:47 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
redir
rtb-csync.smartadserver.com/ Frame 2407
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
Date
Sat, 27 Jan 2024 03:24:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 2407
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=smartadserver&bsw=5520a5b8-4f14-47af-8167-705984949485
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=smartadserver&bsw=5520a5b8-4f14-47af-8167-705984949485&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NDYxM2MxNDA0NzQ0YTA2YQ&gdpr=0&gdpr_consent=&us_privacy=&ssp=smartadserver&bsw_param=5520a5b8-4f14-47af-8167-705984949485
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5520a5b8-4f14-47af-8167-705984949485&gdpr=0&gdpr_consent=
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5520a5b8-4f14-47af-8167-705984949485&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5520a5b8-4f14-47af-8167-705984949485&gdpr=0&gdpr_consent=
Date
Sat, 27 Jan 2024 03:24:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 2407
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 27 Jan 2024 03:24:25 GMT
via
1.1 b0d9885fa66f307673d2636510f36b60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ATL58-P7
age
22
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
-6k0VcvxzH3SQRWG6VNLvAh5krbKRWb7-rTw9f8wPYroAHNL3702ug==
/
rtb-csync.smartadserver.com/redir/ Frame 2407
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 27 Jan 2024 03:24:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 2407
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=&s=2
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 08E7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79077
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:47 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211667
X-Served-By
cache-lga21959-LGA
X-Timer
S1706325888.956061,VS0,VE0
sspmatch-iframe
ads.betweendigital.com/ Frame FAB2 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3990 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56812
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:47 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 225D 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
redir
rtb-csync.smartadserver.com/ Frame 6B72
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&gdpr=0
Date
Sat, 27 Jan 2024 03:24:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 6B72
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1054837
content-length
0
expires
Sat, 27 Jan 2024 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 6B72
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f13ff11e-70c9-48d5-9f0d-aff05ede43a5&gdpr_consent=null&gdpr=0
43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f13ff11e-70c9-48d5-9f0d-aff05ede43a5&gdpr_consent=null&gdpr=0
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f13ff11e-70c9-48d5-9f0d-aff05ede43a5&gdpr_consent=null&gdpr=0
date
Sat, 27 Jan 2024 03:24:48 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 6B72
Redirect Chain
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=7830607249730030491&gdpr=0&gdpr_consent=
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=7830607249730030491&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=7830607249730030491&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
rtb-csync.smartadserver.com/redir/ Frame 6B72
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885281106071&gdpr=0&gdpr_consent=
43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885281106071&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885281106071&gdpr=0&gdpr_consent=
Date
Sat, 27 Jan 2024 03:24:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0AB6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79077
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:47 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211529
X-Served-By
cache-lga21942-LGA
X-Timer
S1706325888.961836,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 803B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56812
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:47 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 35FF 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:47 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 4A16 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
/
rtb-csync.smartadserver.com/redir/ Frame AB4D
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 27 Jan 2024 03:24:30 GMT
via
1.1 b0d9885fa66f307673d2636510f36b60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ATL58-P7
age
17
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
I3uRbZE4CV1Z1T9QvtUZ_GBKpMuoDvLkr4A_b3Q3MtO_FOo7q8Q1Cw==
/
rtb-csync.smartadserver.com/redir/ Frame AB4D
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5554114585976271850&gdpr=0&gdpr_consent=
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5554114585976271850&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
an-x-request-uuid
eff3bc61-e91b-4386-b352-95856af217ff
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5554114585976271850&gdpr=0&gdpr_consent=
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame AB4D
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0a16220400d2b5865bd61592&gdpr=0&gdpr_consent=
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0a16220400d2b5865bd61592&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0a16220400d2b5865bd61592&gdpr=0&gdpr_consent=
date
Sat, 27 Jan 2024 03:24:48 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
264.gif
id5-sync.com/k/ Frame AB4D
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=ea18b846-2890-45b5-bb97-1db97e1acc8a&ttl=%%TTL%%
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=ea18b846-2890-45b5-bb97-1db97e1acc8a&ttl=%%TTL%%
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:47 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/264.gif?puid=ea18b846-2890-45b5-bb97-1db97e1acc8a&ttl=%%TTL%%
date
Sat, 27 Jan 2024 03:24:48 GMT
server
Kestrel
content-length
199
/
rtb-csync.smartadserver.com/redir/ Frame AB4D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
date
Sat, 27 Jan 2024 03:24:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame AA0C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79078
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:47 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
212698
X-Served-By
cache-lga21958-LGA
X-Timer
S1706325888.970689,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame A843 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 7E98 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3CFD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56812
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:47 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame 9243
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 27 Jan 2024 03:24:30 GMT
via
1.1 b0d9885fa66f307673d2636510f36b60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ATL58-P7
age
18
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
wydHjjMADj-VpR2M3RGxKxVTnNEYqU2K73yglEP_vMG3yfJHMAoR6Q==
/
rtb-csync.smartadserver.com/redir/ Frame 9243
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=5b7e0147-082c-4b5d-92cf-2fe7fb610a19&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=5b7e0147-082c-4b5d-92cf-2fe7fb610a19&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:48 GMT
Server
nginx
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=5b7e0147-082c-4b5d-92cf-2fe7fb610a19&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 9243
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=&s=2
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 9243
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=323ac30330a93ceb331e0fd5eb382862&gdpr=0&gdpr_consent=0
43 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=323ac30330a93ceb331e0fd5eb382862&gdpr=0&gdpr_consent=0
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=323ac30330a93ceb331e0fd5eb382862&gdpr=0&gdpr_consent=0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 9243
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame E9A4 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame BEE6 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
async_usersync.html
acdn.adnxs.com/dmp/ Frame 50BA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79077
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211530
X-Served-By
cache-lga21942-LGA
X-Timer
S1706325888.060768,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3216 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56811
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:48 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame C240
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
787743
content-length
0
expires
Sat, 27 Jan 2024 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame C240
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 27 Jan 2024 03:24:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame C240
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 27 Jan 2024 03:24:30 GMT
via
1.1 b0d9885fa66f307673d2636510f36b60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ATL58-P7
age
18
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=7e92928104
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
WsphTfmY-aUHWxRCxKrof7VhTjX9ZlPKAa8TADVu_qWvr__-gbKCjA==
/
wt.rqtrk.eu/ Frame C240
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4027850678975933537&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4027850678975933537&gdpr_pd=0&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.241.100 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-011.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Sat, 27 Jan 2024 03:24:47 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4027850678975933537&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame C240
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
date
Sat, 27 Jan 2024 03:24:48 GMT
server
Kestrel
content-length
299
usync.html
eus.rubiconproject.com/ Frame 9E07 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame DF87 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79078
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
212699
X-Served-By
cache-lga21958-LGA
X-Timer
S1706325888.083347,VS0,VE0
sspmatch-iframe
ads.betweendigital.com/ Frame 3BAA 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DD92 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56811
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:48 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame 1FD8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=2809753620617690363&expires=30&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=
43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5520a5b8-4f14-47af-8167-705984949485&gdpr=&gdpr_consent=
Date
Sat, 27 Jan 2024 03:24:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1FD8
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
p
a.audrte.com/ Frame 1FD8
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MmdhR2NnWURJeEZUemlrZC10VVJoWHlIQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDJnYUdjZ1lESXhGVHppa2Qt...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=481039510169595972&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MD...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=2gaGcgYDIxFTzikd-tURhXyHA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=4027850678975933537&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Protocol
HTTP/1.1
Server
52.16.166.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-166-255.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:49 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 1FD8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=2h3irtsft_jBHLX-3xmtq9Ubtf7BGrmr3RnFEblL
43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=2h3irtsft_jBHLX-3xmtq9Ubtf7BGrmr3RnFEblL
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=2h3irtsft_jBHLX-3xmtq9Ubtf7BGrmr3RnFEblL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 1FD8
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=CxTYaqsNLmpX&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=CxTYaqsNLmpX&ev=1&pid=560288&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=CxTYaqsNLmpX&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-c7l2w
expires
-1
sspmatch-iframe
ads.betweendigital.com/ Frame 8BCD 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5187 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79077
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211668
X-Served-By
cache-lga21959-LGA
X-Timer
S1706325888.086987,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B666 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56811
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:48 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 600C 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame E845
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 27 Jan 2024 03:24:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=2251e13d-722c-4884-b2f6-c68379352e13&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame E845
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885283858585&gdpr=0&gdpr_consent=
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885283858585&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885283858585&gdpr=0&gdpr_consent=
Date
Sat, 27 Jan 2024 03:24:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/ Frame E845
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame E845
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4027850678975933537&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4027850678975933537&gdpr=0&gdpr_consent=
Protocol
H2
Server
50.19.82.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-82-102.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4027850678975933537&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usermatch
ssum-sec.casalemedia.com/ Frame E845 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
usync.html
eus.rubiconproject.com/ Frame AF4A 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C0F8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79077
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
211815
X-Served-By
cache-lga21924-LGA
X-Timer
S1706325888.090976,VS0,VE0
sspmatch-iframe
ads.betweendigital.com/ Frame 4793 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5BE1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56811
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:48 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame AD95
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=&s=2
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=nmeEaVjnU38KmSVrV-bu&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame AD95
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDAyNzg1MDY3ODk3NTkzMzUzNw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
43 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELvH8ST_n_RCUCuoDPhCfqI&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame AD95
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
date
Sat, 27 Jan 2024 03:24:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame AD95
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MmdhN3RJRnNSNE9RTU9wMFVmZXpQR3FUdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDJnYTd0SUZzUjRPUU1PcDBV...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=481039510169595972&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MD...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=2gaGcgYDIxFTzikd-tURhXyHA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=4027850678975933537&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Protocol
HTTP/1.1
Server
52.16.166.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-166-255.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:49 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame AD95
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005&rndcb=2486051683
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5520a5b8-4f14-47af-8167-705984949485&google_hm=NTUyMGE1YjgtNGYxNC00N2FmLTgxNjctNzA1OTg0OTQ5...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENJXa2e0CfMx5zhj1Em_RrQ&google_cver=1&ssp=adconductor&bsw_param=5520a5b8-4f14-47af-8167-705984949485
  • https://sync.1rx.io/usersync/bidswitch/5520a5b8-4f14-47af-8167-705984949485?gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-6db02d9c-3...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
date
Sat, 27 Jan 2024 03:24:48 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX6db02d9c30dd4c5d9287813b93805cd3005
content-type
text/html
sspmatch-iframe
ads.betweendigital.com/ Frame 0493 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC98 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56811
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 27 Jan 2024 03:24:48 GMT
expires
Sat, 27 Jan 2024 19:11:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3735 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79077
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
212943
X-Served-By
cache-lga21939-LGA
X-Timer
S1706325888.095849,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame CD24 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 03:24:48 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame CE29
Redirect Chain
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=7830607249730030491&gdpr=0&gdpr_consent=
43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=7830607249730030491&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=7830607249730030491&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
rtb-csync.smartadserver.com/redir/ Frame CE29
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=ea18b846-2890-45b5-bb97-1db97e1acc8a&gdpr=0&gdpr_consent=
date
Sat, 27 Jan 2024 03:24:48 GMT
server
Kestrel
content-length
299
/
rtb-csync.smartadserver.com/redir/ Frame CE29
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=2h3irtsft_jBHLX-3xmtq9Ubtf7BGrmr3RnFEblL
43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=2h3irtsft_jBHLX-3xmtq9Ubtf7BGrmr3RnFEblL
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=2h3irtsft_jBHLX-3xmtq9Ubtf7BGrmr3RnFEblL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame CE29
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885282941086&gdpr=0&gdpr_consent=
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885282941086&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7328613885282941086&gdpr=0&gdpr_consent=
Date
Sat, 27 Jan 2024 03:24:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/ Frame CE29
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:47 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4702a7c3-4a31-4856-b9d9-3ab63a55712b&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
598562
content-length
0
expires
Sat, 27 Jan 2024 00:00:00 GMT
/
sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/ Frame 7CBA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&khaos=LRVIDF5G-1Y-53O3
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LRVIDF5G-1Y-53O3&gdpr=0
95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LRVIDF5G-1Y-53O3&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/png
date
Sat, 27 Jan 2024 03:23:06 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LRVIDF5G-1Y-53O3&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame E18B 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?gdpr=0&gdpr_consent=&uid=481039510169595972
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6550805774&rd=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/png
date
Sat, 27 Jan 2024 03:23:06 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
usync.js
eus.rubiconproject.com/ Frame 2780 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84722
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
async_usersync
ib.adnxs.com/ Frame CFB1 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
8c75399c-a4e9-4db2-9e4b-21b8324126b1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 576D 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
5cfa9921-cf95-49ce-9169-59b7ba1bbd2d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FCB4 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
68682902-0473-4f3d-ac23-c2865d708f83
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame E5CF 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84722
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
usync.js
eus.rubiconproject.com/ Frame 35FF 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84722
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
usync.js
eus.rubiconproject.com/ Frame 225D 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84722
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame F235 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40024
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:48 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame F3EC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:48 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40024
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
async_usersync
ib.adnxs.com/ Frame 8B55 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
71b78d85-7c77-4268-b836-dcd72c516f6a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B76B 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
5cdab21e-9220-4875-97a7-83f79b99a22c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 08E7 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
36c0ceae-52b5-4e59-b58d-2ddec3f5a3b0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0AB6 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
1c9cce9e-1287-4ef5-86e1-17bd397c6ba2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A843 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84722
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
usync.js
eus.rubiconproject.com/ Frame E9A4 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84722
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
usync.js
eus.rubiconproject.com/ Frame 9E07 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84722
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
usync.js
eus.rubiconproject.com/ Frame AF4A 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84722
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
usync.js
eus.rubiconproject.com/ Frame 600C 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84722
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
async_usersync
ib.adnxs.com/ Frame AA0C 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
72a99674-6642-4162-84d8-bd485a3cd2ad
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame CD24 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 02:57:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84722
Connection
keep-alive
Content-Length
10901
Expires
Sun, 28 Jan 2024 02:56:50 GMT
async_usersync
ib.adnxs.com/ Frame 50BA 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
9e66ce27-67d5-48f8-bbdc-515aca78fe56
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DF87 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
2bb6dacb-a3cb-4233-9bbe-14fbfc929449
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5187 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
5e355a96-4520-4b85-ae7d-3bb375f6cdf1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C0F8 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
793372b3-b231-4ccc-b236-6a20e9c37b29
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3735 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:48 GMT
an-x-request-uuid
de70d4d7-4c19-4ef3-831c-e96609f2401b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame F3EC 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,&kltstamp=2024-1-26%2017%3A24%3A48&ranreq=0.7806400875081692&timezone=-10&us_privacy=&cb=1706325888163&SAVersion=2&inIframe=1&pageURL=&screenResolution=-1x-1&kdntuid=1&vwndh=0&vwndw=0&vwndurl=&vwndref=&vc=2&js=1&sec=1
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325882847,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:48 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame F3EC 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325889&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 3F15 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:49 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
track
aktrack.pubmatic.com/ Frame 7336 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325887&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:49 GMT
content-length
0
content-type
text/html
SPug
simage4.pubmatic.com/AdServer/ Frame EB1F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 83A5 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40023
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:49 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3F15 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:49 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40023
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 83A5 		913 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60489112&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1987b8161006317895c30c4064d3dee5e9f8fd77c19f4f5652c3e574cd508c8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 27 Jan 2024 03:24:49 GMT
content-length
913
content-type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 8B55 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
an-x-request-uuid
fd112dff-c58a-47b9-b0c6-9523d2b2f127
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B76B 		0
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
an-x-request-uuid
6bd49659-ca14-4f74-9f68-db57e0469887
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 83A5 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.15.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-15-86.atl58.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:49 GMT
via
1.1 35ccb6cc125c2f90120be4104c394baa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ATL58-P2
content-length
0
x-amz-cf-id
9g-_2_rcoiggh1ek7LSa5NHUUHINNmGv76OYoxr75z-84GNmWKd_2w==
x-cache
Error from cloudfront
db_sync
px.ads.linkedin.com/ Frame 83A5
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9514ef1a70cae9a4e687eba5b475580b265418c15d7eb2165b214ca565623491791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9514ef1a70cae9a4e687eba5b475580b265418c15d7eb2165b214ca565623491791426b5417dce21&rand=06656222
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9514ef1a70cae9a4e687eba5b475580b265418c15d7eb2165b214ca565623491791426b5417dce21&rand=06656222
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:48 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BA5EC6AC7D004B4FB0C486ADEDA11DA1 Ref B: EWR30EDGE1608 Ref C: 2024-01-27T03:24:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYP5PSClxZro7EIFvkT0g==

Redirect headers

date
Sat, 27 Jan 2024 03:24:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9514ef1a70cae9a4e687eba5b475580b265418c15d7eb2165b214ca565623491791426b5417dce21&rand=06656222
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=7A05A1EB-E839-419A-981D-8D23A8FF1E05/gdpr=0/ Frame 83A5 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=7A05A1EB-E839-419A-981D-8D23A8FF1E05/gdpr=0/gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.39
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 83A5 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:49 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame 83A5
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b5cd31c0-6b62-4732-961f-d87a56fbf45a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b5cd31c0-6b62-4732-961f-d87a56fbf45a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 Jan 2024 03:24:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b5cd31c0-6b62-4732-961f-d87a56fbf45a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 27 Jan 2024 03:24:49 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
async_usersync
ib.adnxs.com/ Frame 08E7 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
an-x-request-uuid
4409e722-8805-4eba-b24a-e4e45b0292e1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0AB6 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
an-x-request-uuid
2f23a3a6-1057-4957-bec1-8754cc78da91
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AA0C 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
an-x-request-uuid
62b73ff2-0a20-49c7-acc0-dd2759c8213a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 50BA 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
an-x-request-uuid
61373a7a-2208-4647-8e91-b11bca2d8ea9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DF87 		0
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
an-x-request-uuid
806bf57b-8218-48b5-87f8-a2e489c3d786
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5187 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
an-x-request-uuid
9676875c-2dbc-4c44-b8a9-49ab6e3e9be1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C0F8 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
an-x-request-uuid
eec9b136-d68d-4865-9623-9d5419a6e7c5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3735 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
an-x-request-uuid
29ad4db0-2040-4032-bf71-3ef4d5a227ef
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 3F15 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,&us_privacy=&cb=1706325889152&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:49&ranreq=0.2440500967655721&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:49 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 3F15 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325890&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
track
aktrack.pubmatic.com/ Frame 7336 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325887&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:49 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame 7336 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=d4264888&ps_id=356921&event=js_opportunity&time_on_page=2&num_bq_pt=1&num_dt_pt=2&timestamp=1706325889748&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=d668e612-08a1-4d5c-afc4-e392da36664b.1706325882847&uuid=d4264888-ee3a-46c0-ad0a-05d5c00bdbe8&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=356071
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:49 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 7336 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=d4264888&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=34&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325889748&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=d668e612-08a1-4d5c-afc4-e392da36664b.1706325882847&uuid=d4264888-ee3a-46c0-ad0a-05d5c00bdbe8&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5095036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:49 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-dub.springserve.com/vd/ Frame 7336 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/vd/i?suuid=d4264888&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325889748&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=d668e612-08a1-4d5c-afc4-e392da36664b.1706325882847&uuid=d4264888-ee3a-46c0-ad0a-05d5c00bdbe8&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=1196282
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.245.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-245-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:49 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 7336 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=d4264888&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.1183021&dtidx=1&cc_i=0&response_time=51&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325889748&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=d668e612-08a1-4d5c-afc4-e392da36664b.1706325882847&uuid=d4264888-ee3a-46c0-ad0a-05d5c00bdbe8&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5359600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:49 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 7336 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=d4264888&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=1509&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325889748&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=d668e612-08a1-4d5c-afc4-e392da36664b.1706325882847&uuid=d4264888-ee3a-46c0-ad0a-05d5c00bdbe8&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=9887124
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:49 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 7336 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=d4264888&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.1183021&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325889748&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=d668e612-08a1-4d5c-afc4-e392da36664b.1706325882847&uuid=d4264888-ee3a-46c0-ad0a-05d5c00bdbe8&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=726319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:49 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 7336 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=d4264888&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.1183021&dtidx=1&cc_i=0&response_time=659&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325889748&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=d668e612-08a1-4d5c-afc4-e392da36664b.1706325882847&uuid=d4264888-ee3a-46c0-ad0a-05d5c00bdbe8&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3084521
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:49 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 7336 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=d4264888&ps_id=356921&event=js_supply_error&time_on_page=2205&reason=NO_FILL&timeout=false&timestamp=1706325889748&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=d668e612-08a1-4d5c-afc4-e392da36664b.1706325882847&uuid=d4264888-ee3a-46c0-ad0a-05d5c00bdbe8&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3126293
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:49 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
t
t.lkqd.net/ Frame 4536 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:50 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:50 GMT
server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame EB1F 		577 B
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62895743&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1408a82786c2cfe9bc7edc6d3bfee3243ca994b47abd64b9f1020af9683a0eb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 27 Jan 2024 03:24:49 GMT
content-length
577
content-type
text/html; charset=UTF-8
match
ads.betweendigital.com/ Frame 7733 		68 B
598 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/match?bidder_id=261&external_user_id=70a21ae20dfbf74c5fa4b7af696db04c
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
/
bpi.rtactivate.com/tag/ Frame EB1F 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.233.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-233-220.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:50 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
52164
i6.liadm.com/s/ Frame EB1F
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&_li_chk=true&previous_uuid=a221e9018812460991e312008b376dd4
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7830607249730030491
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=a221e901-8812-4609-91e3-12008b376dd4
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=liveintent
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=481039510169595972&ssp=liveintent
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5520a5b8-4f14-47af-8167-705984949485
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5520a5b8-4f14-47af-8167-705984949485
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5520a5b8-4f14-47af-8167-705984949485
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:6f5e:c54f:5770:5695 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:50 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5520a5b8-4f14-47af-8167-705984949485
Date
Sat, 27 Jan 2024 03:24:50 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
qmap
sync.crwdcntrl.net/ Frame EB1F 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7A05A1EB-E839-419A-981D-8D23A8FF1E05&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:50 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.58.17
content-length
49
expires
0
/
io.narrative.io/ Frame EB1F
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:7A05A1EB-E839-419A-981D-8D23A8FF1E05
  • https://io.narrative.io/?io.narrative.guid.v2=a1205780-bcc3-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:7A05A1EB-E839-419A-981D-8D23A8FF1E05
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=a1205780-bcc3-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:7A05A1EB-E839-419A-981D-8D23A8FF1E05
Protocol
HTTP/1.1
Server
34.199.67.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-67-71.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 03:24:50 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=a1205780-bcc3-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:7A05A1EB-E839-419A-981D-8D23A8FF1E05
Date
Sat, 27 Jan 2024 03:24:50 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
ad
v.lkqd.net/ Frame 587C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=32410303&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
3b2f19e0a9e9b115af904a216ee89b5029be6829491bf37e965c52bc617cdc7b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:50 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1447
vpaid.js
ad.lkqd.net/vpaid/ Frame 1A21 		230 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
IktgKK_KJgLxSedeIEpHPiaaFUcsadbM
via
1.1 google
content-encoding
br
date
Thu, 04 Jan 2024 19:10:42 GMT
x-amz-request-id
476APBNJQQ3R1V1M
age
1930448
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57258
x-amz-id-2
p3uC/AaM/o90zq9/Clng77lZLO0wcy/XWxS2Fx8u8Yrk7UVdUreAvZTrRcul3C5YH6YyDFyDly4=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
server
AmazonS3
etag
W/"88ca76abee51b1544e17b021f04aaaed"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
none
usync.html
ad.lkqd.net/cookie-sync/ Frame 9BC9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1815676
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=604800
content-encoding
br
content-length
1772
content-type
text/html
date
Sat, 06 Jan 2024 03:03:34 GMT
etag
W/"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 google
x-amz-id-2
L3LOmaJJVga2tk2X9AQfAwESA6eToYnwJFCBmMthhEVtyMCD8U/aFqIdkihDt7AooPQAoioCsVU=
x-amz-replication-status
COMPLETED
x-amz-request-id
CD9K3YB2GTBF13FA
x-amz-version-id
NI253OTV2M5oCpTwsHBLVZgCVbG2a6IX
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=32410303&m=&rtv=1&thost=wbz-tavnsz.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Sat, 27 Jan 2024 03:24:50 GMT
server
nginx
ad
v.lkqd.net/ Frame 1A21 		44 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=32410303&m=&rtv=1&thost=wbz-tavnsz.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
351c1c3d5c2adb66b7e287b1b9e9ea8ae2a7346aaf1e8d458c7fd52f5cf169ba

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 03:24:50 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4566
cs
cs.lkqd.net/ Frame 1A21
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=v
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=7e92928104&gdpr=0&gdpr_consent=
43 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=7e92928104&gdpr=0&gdpr_consent=
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:50 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Sat, 27 Jan 2024 03:24:50 GMT
via
1.1 b0d9885fa66f307673d2636510f36b60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ATL58-P7
x-cache
Miss from cloudfront
location
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=7e92928104&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Q3lbeX8rxNStMlnZS7geaxO9_oMHWlwVkHoOShINSwuxnsZSdielSA==
33787225
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 9478 		788 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33787225?schain=1.0%2C1%21vidoomy.com%2C64027%2C1%2C20105316949007868344047308402,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
0109081dce9108ac53720abf6934457dd2f80c7ce1161c6d843c5d92a9f910b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:50 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://wbz-tavnsz.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706325890742018-131
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 9478 		28 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0,1!vidoomy.com,64001,1,[CACHEBUSTER],,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.228.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-228-57.compute-1.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 9478 		802 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C64027%2C1%2C9007868344047308402938665458%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
3fbd9f061c09f9d7bcd81865c28114a683368d40bdc4c990ea56c7deb3b5ece6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:50 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://wbz-tavnsz.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706325890742015-1200
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:50 GMT
server
nginx
t
t.lkqd.net/ Frame 8ED8 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:50 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_ef07200f.js
vpaid.springserve.com/production/ Frame 16FE 		530 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ef07200f.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d7:ee00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:08:40 GMT
content-encoding
gzip
via
1.1 a598fd731d305353a077e1766dac2884.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 22:19:09 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P3
age
526571
x-amz-server-side-encryption
AES256
etag
W/"bcb9a826fdf2c845d2e7400c960d5f69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
ikA0P1nixgdZFJR83JzikOOPXaTIC7WOz8w_UlFlsZLcVeGRLJJH_A==
t
t.lkqd.net/ Frame 8ED8 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:50 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:50 GMT
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 16FE 		964 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ce9d5af22bb35f36961a1878be5183fc342c38d7b2f2e8cf9e0da52352673650

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:50 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
600
expires
Sat, 27 Jan 2024 03:24:50 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 16FE 		979 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890690,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f467d3a42d902cd3b08867caadb05d540700f1a653f3d4b1fe547ab1a1374b51

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:50 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Sat, 27 Jan 2024 03:24:50 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 64A5 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:50 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
showad.js
ads.pubmatic.com/AdServer/js/ Frame 14D9 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40022
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:50 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 64A5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:50 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40022
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 64A5 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,&us_privacy=&cb=1706325890930&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:51&ranreq=0.6956977538000024&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:51 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 64A5 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325891&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 73F6 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890690,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:51 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
track
aktrack.pubmatic.com/ Frame 16FE 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325890&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:51 GMT
content-length
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5D08 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890690,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40021
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:51 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 73F6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890690,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:51 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40021
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 73F6 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890690,,&us_privacy=&cb=1706325891562&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:52&ranreq=0.43933541341935944&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890690,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:52 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 73F6 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325892&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
track
aktrack.pubmatic.com/ Frame 16FE 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325890&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:52 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame 16FE 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=732f77b1&ps_id=357265&event=js_opportunity&time_on_page=2&num_bq_pt=1&num_dt_pt=2&timestamp=1706325892149&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=6b609e94-2d24-47cc-b19e-45780f0f5076.1706325890690&uuid=732f77b1-2de3-4951-8452-ea0de2e024bf&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.357265&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=551621
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 16FE 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=732f77b1&ps_id=357265&event=cm_js_demand_req_resp&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=43&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325892149&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=6b609e94-2d24-47cc-b19e-45780f0f5076.1706325890690&uuid=732f77b1-2de3-4951-8452-ea0de2e024bf&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3835596
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 16FE 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=732f77b1&ps_id=357265&event=js_demand_opportunity&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=1&creative_type=JS_VPAID&_t1=1&timestamp=1706325892149&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=6b609e94-2d24-47cc-b19e-45780f0f5076.1706325890690&uuid=732f77b1-2de3-4951-8452-ea0de2e024bf&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=8995298
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 16FE 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=732f77b1&ps_id=357265&event=cm_js_demand_req_resp&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=54&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325892149&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=6b609e94-2d24-47cc-b19e-45780f0f5076.1706325890690&uuid=732f77b1-2de3-4951-8452-ea0de2e024bf&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=8550914
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 16FE 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=732f77b1&ps_id=357265&event=js_demand_error&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=632&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325892149&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=6b609e94-2d24-47cc-b19e-45780f0f5076.1706325890690&uuid=732f77b1-2de3-4951-8452-ea0de2e024bf&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5910029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-dub.springserve.com/vd/ Frame 16FE 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/vd/i?suuid=732f77b1&ps_id=357265&event=js_demand_opportunity&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325892149&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=6b609e94-2d24-47cc-b19e-45780f0f5076.1706325890690&uuid=732f77b1-2de3-4951-8452-ea0de2e024bf&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4122565
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.245.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-245-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 16FE 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=732f77b1&ps_id=357265&event=js_demand_error&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=618&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325892149&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=6b609e94-2d24-47cc-b19e-45780f0f5076.1706325890690&uuid=732f77b1-2de3-4951-8452-ea0de2e024bf&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4757159
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 16FE 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=732f77b1&ps_id=357265&event=js_supply_error&time_on_page=1296&reason=NO_FILL&timeout=false&timestamp=1706325892149&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=6b609e94-2d24-47cc-b19e-45780f0f5076.1706325890690&uuid=732f77b1-2de3-4951-8452-ea0de2e024bf&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.357265&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=2531170
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
truncated
/ Frame 1A21 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_ef07200f.js
vpaid.springserve.com/production/ Frame 2932 		530 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ef07200f.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d7:ee00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:08:40 GMT
content-encoding
gzip
via
1.1 a598fd731d305353a077e1766dac2884.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 22:19:09 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P3
age
526573
x-amz-server-side-encryption
AES256
etag
W/"bcb9a826fdf2c845d2e7400c960d5f69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
fbOwrzfawPA0ld8WMgE0PuZKrcm9yoDR_MeRC0mMRiDlBe1BvNapNg==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 2932 		979 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890689,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a25542a33708ce4883717ca5df9f9055c0f8f35fea7e0d71bc306b0036497ddc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:52 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Sat, 27 Jan 2024 03:24:52 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 2932 		964 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4c5b97d9532dee1660600ed702de9be74b905c0c6b270e15c9d065c0581ca5d9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:52 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
599
expires
Sat, 27 Jan 2024 03:24:52 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame C84F 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890689,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:52 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
showad.js
ads.pubmatic.com/AdServer/js/ Frame F4A6 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890689,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40020
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:52 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C84F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890689,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:52 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40020
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
t
t.lkqd.net/ Frame 8ED8 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:52 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:52 GMT
server
nginx
AdServerServlet
vid.pubmatic.com/AdServer/ Frame C84F 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890689,,&us_privacy=&cb=1706325892614&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:53&ranreq=0.49967917106346116&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325890689,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:53 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame C84F 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325893&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 002F 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:53 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 4265 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:53 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
track
aktrack.pubmatic.com/ Frame 2932 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325892&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:53 GMT
content-length
0
content-type
text/html
dc_oe=ChMIgbvJn8_8gwMVl6KDCB05_AIUEAEYACCo1ZVi;dc_eps=AHas8cDZlLVXblKkY0_FMLtfd402szAnWrBhR1GEG8a6iwoj1Cp7cDyuELfKMsfAnWRfxZtQVmnIGJS7Bg;met=1;&timestamp=1706325893248;eid1=871060;ecn1=1;etm1=0;eid...
ade.googlesyndication.com/ddm/activity/ Frame 0829 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgbvJn8_8gwMVl6KDCB05_AIUEAEYACCo1ZVi;dc_eps=AHas8cDZlLVXblKkY0_FMLtfd402szAnWrBhR1GEG8a6iwoj1Cp7cDyuELfKMsfAnWRfxZtQVmnIGJS7Bg;met=1;&timestamp=1706325893248;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame A850 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40019
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:53 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4265 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:53 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40019
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
syncframe
gum.criteo.com/ Frame BD42 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wbz-tavnsz.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:53 GMT
server
Kestrel
server-processing-duration-in-ticks
824624
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 002F 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:53 GMT
sid
mug.criteo.com/ Frame BD42
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wbz-tavnsz.net&sn=ChromeSyncframe&so=3&topUrl=wbz-tavnsz.net&bundle=hQR-MF9TMmVDQXpNQVg5Z3A4Y1QlMkZ2VzFFdkVOaUV1SkpkeDBJS3Z6MlF5RXV3NnkxcW...
  • https://mug.criteo.com/sid?cpp=KiE7h3xibC9LRnJ5SldxZWhEWENwYjlIUjlEWk51Uk9WMHJCME5Sam1IZ3pJMmhSR2pTQkdvVTcvdjdiK0pMSWYvMHp2SDBPekJWOWwvYzlrczZsazVzbFF5eXJTWjAyMTVENmpPejJDMjZJQjNCUWFjRjIyTWxVVngrdk...
425 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=KiE7h3xibC9LRnJ5SldxZWhEWENwYjlIUjlEWk51Uk9WMHJCME5Sam1IZ3pJMmhSR2pTQkdvVTcvdjdiK0pMSWYvMHp2SDBPekJWOWwvYzlrczZsazVzbFF5eXJTWjAyMTVENmpPejJDMjZJQjNCUWFjRjIyTWxVVngrdkZBNnRZRDJub20yK1o4TjZzTnNoNTFwbGJURUxmUVRyMk93R005SDJmc1V5N3NpMExkMFJHelJEOE13R3htdGJDQVlzVUExUTQzT1RwZUx3MjhlZXNCVUZicFhSTFBBMkdDYzFyMm8yUE9SYXJWUVNWYWQ0VFNVbzdnSW5oSFRHNzVzdDM4YzcrMlJZcHphM0taNnFyTUpXQ3ZaMWdvRkp4WnNaeEI2RFdGdUN5QzJ3ckFSQT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c8bf73dc1f21b72403e8498a767342578f65dd57a489f33cd701249280ca2638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1266197
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=KiE7h3xibC9LRnJ5SldxZWhEWENwYjlIUjlEWk51Uk9WMHJCME5Sam1IZ3pJMmhSR2pTQkdvVTcvdjdiK0pMSWYvMHp2SDBPekJWOWwvYzlrczZsazVzbFF5eXJTWjAyMTVENmpPejJDMjZJQjNCUWFjRjIyTWxVVngrdkZBNnRZRDJub20yK1o4TjZzTnNoNTFwbGJURUxmUVRyMk93R005SDJmc1V5N3NpMExkMFJHelJEOE13R3htdGJDQVlzVUExUTQzT1RwZUx3MjhlZXNCVUZicFhSTFBBMkdDYzFyMm8yUE9SYXJWUVNWYWQ0VFNVbzdnSW5oSFRHNzVzdDM4YzcrMlJZcHphM0taNnFyTUpXQ3ZaMWdvRkp4WnNaeEI2RFdGdUN5QzJ3ckFSQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
705124
content-length
0
expires
0
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 4265 		27 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,&us_privacy=&cb=1706325893264&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:53&ranreq=0.006362870745298288&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:53 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 4265 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325894&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
track
aktrack.pubmatic.com/ Frame 2932 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325892&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:53 GMT
content-length
0
content-type
text/html
i
vid-io-cle.springserve.com/vd/ Frame 2932 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=1efd14e6&ps_id=356921&event=js_opportunity&time_on_page=1&num_bq_pt=1&num_dt_pt=2&timestamp=1706325893864&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=60ebe951-3f0e-4f9d-9dda-f0a0e798684c.1706325890689&uuid=1efd14e6-6041-4fe2-97e1-c1ae5264e741&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=7740509
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.194.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-194-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:53 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 2932 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=1efd14e6&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=57&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325893864&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=60ebe951-3f0e-4f9d-9dda-f0a0e798684c.1706325890689&uuid=1efd14e6-6041-4fe2-97e1-c1ae5264e741&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3683082
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:53 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 2932 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=1efd14e6&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325893864&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=60ebe951-3f0e-4f9d-9dda-f0a0e798684c.1706325890689&uuid=1efd14e6-6041-4fe2-97e1-c1ae5264e741&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4745348
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:54 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 2932 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=1efd14e6&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.1183021&dtidx=1&cc_i=0&response_time=72&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325893864&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=60ebe951-3f0e-4f9d-9dda-f0a0e798684c.1706325890689&uuid=1efd14e6-6041-4fe2-97e1-c1ae5264e741&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5640598
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:54 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 2932 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=1efd14e6&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=641&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325893864&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=60ebe951-3f0e-4f9d-9dda-f0a0e798684c.1706325890689&uuid=1efd14e6-6041-4fe2-97e1-c1ae5264e741&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3089189
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:53 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-cle.springserve.com/vd/ Frame 2932 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=1efd14e6&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.1183021&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325893864&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=60ebe951-3f0e-4f9d-9dda-f0a0e798684c.1706325890689&uuid=1efd14e6-6041-4fe2-97e1-c1ae5264e741&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6854036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.194.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-194-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:53 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-cle.springserve.com/vd/ Frame 2932 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=1efd14e6&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.1183021&dtidx=1&cc_i=0&response_time=649&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325893864&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=60ebe951-3f0e-4f9d-9dda-f0a0e798684c.1706325890689&uuid=1efd14e6-6041-4fe2-97e1-c1ae5264e741&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=743058
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.194.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-194-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:53 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 2932 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=1efd14e6&ps_id=356921&event=js_supply_error&time_on_page=1349&reason=NO_FILL&timeout=false&timestamp=1706325893864&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=60ebe951-3f0e-4f9d-9dda-f0a0e798684c.1706325890689&uuid=1efd14e6-6041-4fe2-97e1-c1ae5264e741&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4899532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:53 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame AB4D 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 9243 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame C240 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 1FD8 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame E845 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame AD95 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
syncframe
gum.criteo.com/ Frame A133 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:53 GMT
server
Kestrel
server-processing-duration-in-ticks
1168288
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame AB4D 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame CE29 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 372A 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 2407 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
syncframe
gum.criteo.com/ Frame 1C77 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:53 GMT
server
Kestrel
server-processing-duration-in-ticks
1068781
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 9243 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:54 GMT
server
nginx
t
t.lkqd.net/ Frame 8ED8 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
syncframe
gum.criteo.com/ Frame CB25 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:53 GMT
server
Kestrel
server-processing-duration-in-ticks
692992
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 6B72 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:24:54 GMT
syncframe
gum.criteo.com/ Frame 0A1B 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:53 GMT
server
Kestrel
server-processing-duration-in-ticks
1301954
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame A133
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=qmk2iHx6blhNa3BWQ3BWSkVFbm1rNGlsVnVCbHhPdVVZSExzdlRFYVFnWTBYTTByaUVJVmg1K1lMdWpUcDdlRWJiclVRNklRTHBKNENTTjdyNWdZaExqaUVQb0VvVXNEU2s2aEZjajhFK01Nc3JpRlpZRWtFYmNydlZtTG...
425 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qmk2iHx6blhNa3BWQ3BWSkVFbm1rNGlsVnVCbHhPdVVZSExzdlRFYVFnWTBYTTByaUVJVmg1K1lMdWpUcDdlRWJiclVRNklRTHBKNENTTjdyNWdZaExqaUVQb0VvVXNEU2s2aEZjajhFK01Nc3JpRlpZRWtFYmNydlZtTGFjOFYvMUlSQ0dFOFY5bkI2bm4zbmhEZko0OEJFUkZJaUxpbDdKOXpvUVh6U29Vbm50SWQ5SlcyaXdyQmtHeGR0b0wxazRXM2h2ZzN6cUZvZG4wNVZXQmwyTmZlR0xaRnFwZlFCMnpyMERnN0V3UU1ObWVxbHIrN2RIc1ZRYmRDLzJrdGgyT0UzVDJzU2VpTzU2OTZzOVE2U3c2SnpJNG9rZ1g2VnlXMjR3UzJGS1ovRUJEa3dhdmhiM3M1cEdEU2x0Q1V4YXcwS3w&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ee40ff8c2809a5566f49fd4d7bac1381ee87b11978ad4df64d07c6f5cf53492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1225777
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qmk2iHx6blhNa3BWQ3BWSkVFbm1rNGlsVnVCbHhPdVVZSExzdlRFYVFnWTBYTTByaUVJVmg1K1lMdWpUcDdlRWJiclVRNklRTHBKNENTTjdyNWdZaExqaUVQb0VvVXNEU2s2aEZjajhFK01Nc3JpRlpZRWtFYmNydlZtTGFjOFYvMUlSQ0dFOFY5bkI2bm4zbmhEZko0OEJFUkZJaUxpbDdKOXpvUVh6U29Vbm50SWQ5SlcyaXdyQmtHeGR0b0wxazRXM2h2ZzN6cUZvZG4wNVZXQmwyTmZlR0xaRnFwZlFCMnpyMERnN0V3UU1ObWVxbHIrN2RIc1ZRYmRDLzJrdGgyT0UzVDJzU2VpTzU2OTZzOVE2U3c2SnpJNG9rZ1g2VnlXMjR3UzJGS1ovRUJEa3dhdmhiM3M1cEdEU2x0Q1V4YXcwS3w&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
695687
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame ECE9 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:54 GMT
server
Kestrel
server-processing-duration-in-ticks
968159
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
syncframe
gum.criteo.com/ Frame 01D8 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:53 GMT
server
Kestrel
server-processing-duration-in-ticks
1052820
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame 1C77
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Z7_TnHxsdmRJTndrd0sxZXlJTVVmcDBjQ3djc09aYWpBSGZKdm94dFA4YTc3cWlySDVhTW8zNDFmNER1aDdOa3BnT0hRNW5Vbk5QRlRmUGZJU2o3WHk5NURuNW5BM0phNG84V2hQeDRCczJlay9EeER0aldCQ3RsRk5hWW...
433 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Z7_TnHxsdmRJTndrd0sxZXlJTVVmcDBjQ3djc09aYWpBSGZKdm94dFA4YTc3cWlySDVhTW8zNDFmNER1aDdOa3BnT0hRNW5Vbk5QRlRmUGZJU2o3WHk5NURuNW5BM0phNG84V2hQeDRCczJlay9EeER0aldCQ3RsRk5hWW0rdlM1L1E4ZktXVEZRV2JLTWpnZDl4TDFDUzNKOHJ2ellpbm1kcEF3d1I2OVB5MWpYaUk0L3A2QnJLSVVrTTV4eGFtRVJ5K252alVQR2lhc09wdGFJN2Fad0R1OGhzN3hES2EyZllLMGtBdGpUSzg3OVNqRUx5UFo4UTlZWWUwTTNJaHVqTzFMWlh3TDY1MFZwZldQMk90N3RhMFBkUCt5aDYyZE1kMVhWSGNuSWNCQWJzbVlGZUhLK05PL1JLaVQrZmxoRDhIQ3w&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e58c57e76e9d40aafe12356206e7fa7dceb482dc748f214a0cb56275bf9d35aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1583794
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Z7_TnHxsdmRJTndrd0sxZXlJTVVmcDBjQ3djc09aYWpBSGZKdm94dFA4YTc3cWlySDVhTW8zNDFmNER1aDdOa3BnT0hRNW5Vbk5QRlRmUGZJU2o3WHk5NURuNW5BM0phNG84V2hQeDRCczJlay9EeER0aldCQ3RsRk5hWW0rdlM1L1E4ZktXVEZRV2JLTWpnZDl4TDFDUzNKOHJ2ellpbm1kcEF3d1I2OVB5MWpYaUk0L3A2QnJLSVVrTTV4eGFtRVJ5K252alVQR2lhc09wdGFJN2Fad0R1OGhzN3hES2EyZllLMGtBdGpUSzg3OVNqRUx5UFo4UTlZWWUwTTNJaHVqTzFMWlh3TDY1MFZwZldQMk90N3RhMFBkUCt5aDYyZE1kMVhWSGNuSWNCQWJzbVlGZUhLK05PL1JLaVQrZmxoRDhIQ3w&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
321133
content-length
0
expires
0
sid
mug.criteo.com/ Frame CB25
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=OZsu5XxwS2Y5WG9mOC8vT0dBZGlzKys4ZEFKdkZRcWY1WGNUazNhdHBqNXRWeHlwMGtWeUlsNHVNMGkrWDRpY0pOM2x3VVNyS25yMGRFVEhCQ2hYRWFsYzB4ZGU5cjRDOE1jYld3emsxbncwYkpzM0tuenlkZ3U1L3FEbn...
436 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OZsu5XxwS2Y5WG9mOC8vT0dBZGlzKys4ZEFKdkZRcWY1WGNUazNhdHBqNXRWeHlwMGtWeUlsNHVNMGkrWDRpY0pOM2x3VVNyS25yMGRFVEhCQ2hYRWFsYzB4ZGU5cjRDOE1jYld3emsxbncwYkpzM0tuenlkZ3U1L3FEbnZ2MlR6Zkh1S0RzMDJnSUxjc1doei90Q20vamtBcjRwdGpPNzhPaUw5cm5XNHNrZ20xNnMwTDRKSWhic1pjcnRPUHdDOVhXRWFrMno1L1NtTU83N3ZDOXhrYkNqYXBYbkFJbjRsSkdxR1g5Tm44NmtpMDVoYmRTaWIrMmhUd0Rybk5nZVFrbDQ0eVNWdUs2V3Awb0hNRFZ4cE1tR29UbFJXTXRtaXRCTFgyUVRUZ2NkbnZNMlhjNUo4VEtFYXptU2cxQ3NwOHM5Rnw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a3d4bc6b76b1d19c37b47453c37aba7a5bc7e4d5454b1c74906136de6f71f026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1290658
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=OZsu5XxwS2Y5WG9mOC8vT0dBZGlzKys4ZEFKdkZRcWY1WGNUazNhdHBqNXRWeHlwMGtWeUlsNHVNMGkrWDRpY0pOM2x3VVNyS25yMGRFVEhCQ2hYRWFsYzB4ZGU5cjRDOE1jYld3emsxbncwYkpzM0tuenlkZ3U1L3FEbnZ2MlR6Zkh1S0RzMDJnSUxjc1doei90Q20vamtBcjRwdGpPNzhPaUw5cm5XNHNrZ20xNnMwTDRKSWhic1pjcnRPUHdDOVhXRWFrMno1L1NtTU83N3ZDOXhrYkNqYXBYbkFJbjRsSkdxR1g5Tm44NmtpMDVoYmRTaWIrMmhUd0Rybk5nZVFrbDQ0eVNWdUs2V3Awb0hNRFZ4cE1tR29UbFJXTXRtaXRCTFgyUVRUZ2NkbnZNMlhjNUo4VEtFYXptU2cxQ3NwOHM5Rnw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
309731
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame 531B 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:53 GMT
server
Kestrel
server-processing-duration-in-ticks
1178591
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
syncframe
gum.criteo.com/ Frame C11E 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:54 GMT
server
Kestrel
server-processing-duration-in-ticks
4561434
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame 0A1B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=nht5E3xlWFhmRTJ2MUQzWEVmWEJkMUNBSFVmRlVJNHQ3WGRXMzF0Z3BtbTFYVm1DVW45T0N4alZqUFZDT1dzakpSa296US9wVmVoTElacC80SThEelFGL00vNk5BQWFtcG1JcDZ5TE5XcWZaRFVqdmsvaW1zSmdYMnlZWH...
441 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nht5E3xlWFhmRTJ2MUQzWEVmWEJkMUNBSFVmRlVJNHQ3WGRXMzF0Z3BtbTFYVm1DVW45T0N4alZqUFZDT1dzakpSa296US9wVmVoTElacC80SThEelFGL00vNk5BQWFtcG1JcDZ5TE5XcWZaRFVqdmsvaW1zSmdYMnlZWHh1UmRoQ1FuRlY4ekdZYnUyNCtOS0s5VmRyVHMrbVRTRWpyWFQ1OGJGb0ZUREVRYUVTN0QzbDF5UGo0VDFrcUlaR0JIY05YYXljZzREeTdpTzR6V1g5enBLclNTT1Y0U1Uzc1k5TDYwOFlpYnBMVXNPUlVUSy9UWnh2a0xiLzRhZzZNM1I4aVFsZndwTVFBOUJONlRTbTJ4bDgvSjd6SFFYSkwzWksyUWFPZXRkOE9Vb2F0aHhkeDlxWWo5eW5Pc2ZRWnEyV2ZqT3w&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5d410217f94472d80c19a1347dccae940ebff9f720e68109f1c788d98383a8ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1407880
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=nht5E3xlWFhmRTJ2MUQzWEVmWEJkMUNBSFVmRlVJNHQ3WGRXMzF0Z3BtbTFYVm1DVW45T0N4alZqUFZDT1dzakpSa296US9wVmVoTElacC80SThEelFGL00vNk5BQWFtcG1JcDZ5TE5XcWZaRFVqdmsvaW1zSmdYMnlZWHh1UmRoQ1FuRlY4ekdZYnUyNCtOS0s5VmRyVHMrbVRTRWpyWFQ1OGJGb0ZUREVRYUVTN0QzbDF5UGo0VDFrcUlaR0JIY05YYXljZzREeTdpTzR6V1g5enBLclNTT1Y0U1Uzc1k5TDYwOFlpYnBMVXNPUlVUSy9UWnh2a0xiLzRhZzZNM1I4aVFsZndwTVFBOUJONlRTbTJ4bDgvSjd6SFFYSkwzWksyUWFPZXRkOE9Vb2F0aHhkeDlxWWo5eW5Pc2ZRWnEyV2ZqT3w&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
410345
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame C7BF 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:53 GMT
server
Kestrel
server-processing-duration-in-ticks
1274291
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame ECE9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=tNUOTnxtYlZlTjJxNEJ2cGlMVndmdGV3cDZSeFNGRVJKVTJJQTBZbDIvakMzQ0M3Y1dyS3lTWDllczBLK2RrcnV3cDA2ZHNYcmVNLzM1TFhZeDVQZGVOMDhVQ0MxQTlIWnNDY0tKYUtveVcrUVNIVGtCTGU3U0ppZFhURk...
428 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tNUOTnxtYlZlTjJxNEJ2cGlMVndmdGV3cDZSeFNGRVJKVTJJQTBZbDIvakMzQ0M3Y1dyS3lTWDllczBLK2RrcnV3cDA2ZHNYcmVNLzM1TFhZeDVQZGVOMDhVQ0MxQTlIWnNDY0tKYUtveVcrUVNIVGtCTGU3U0ppZFhURkxVeHJsM3doZWE4clp3b1RPbWR4bHdtTnRzUlM5YS9oZFpIWU1QZjcyUTluTFYwWnA0b2xkSmFBelhKYUdYRTdGa2k0M05xeTU1QVZkN2RtN3V1L0tvdDZKYWc0S3NiN0xpblZXRjdiVFF2a0lQNjJiTUdGSWtRQ1RTcFd1RlhBWUFEVlJkNXRpK1pRMVAzYXQ4SUtrc1dMZmxxYnRHQmhJSERKZ05WMGpuUWNsd3d3R2o2cHBUMXJTQjI1a0xIVHBCTndHK2pPcXw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
842c5825b88ab5a30dcac9d30792aa2769e28ed738c3d262de2046fb2ec41b97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1032484
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=tNUOTnxtYlZlTjJxNEJ2cGlMVndmdGV3cDZSeFNGRVJKVTJJQTBZbDIvakMzQ0M3Y1dyS3lTWDllczBLK2RrcnV3cDA2ZHNYcmVNLzM1TFhZeDVQZGVOMDhVQ0MxQTlIWnNDY0tKYUtveVcrUVNIVGtCTGU3U0ppZFhURkxVeHJsM3doZWE4clp3b1RPbWR4bHdtTnRzUlM5YS9oZFpIWU1QZjcyUTluTFYwWnA0b2xkSmFBelhKYUdYRTdGa2k0M05xeTU1QVZkN2RtN3V1L0tvdDZKYWc0S3NiN0xpblZXRjdiVFF2a0lQNjJiTUdGSWtRQ1RTcFd1RlhBWUFEVlJkNXRpK1pRMVAzYXQ4SUtrc1dMZmxxYnRHQmhJSERKZ05WMGpuUWNsd3d3R2o2cHBUMXJTQjI1a0xIVHBCTndHK2pPcXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
334245
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame 3DBC 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wbz-tavnsz.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:24:54 GMT
server
Kestrel
server-processing-duration-in-ticks
1038358
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame 01D8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=C9vyl3xqOWZnajd6b3FZNm1aaWdSbFM1ZFBlNkg5UHlzSE8wcUVzV1dnVTBXZWZQZzRuREgvWTg2MjVIVE5tUlBCQW9OSGwrWWNEZTNqdEtaeTJBNlNEaTkwWnZMSklLTWtIdFhPNFZyV3BIK1p2TXkwMDU4YTZvS0xpMj...
428 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=C9vyl3xqOWZnajd6b3FZNm1aaWdSbFM1ZFBlNkg5UHlzSE8wcUVzV1dnVTBXZWZQZzRuREgvWTg2MjVIVE5tUlBCQW9OSGwrWWNEZTNqdEtaeTJBNlNEaTkwWnZMSklLTWtIdFhPNFZyV3BIK1p2TXkwMDU4YTZvS0xpMjB5OEFuZGRickRPS3ZQSDdXZlgvT05YdUQ5bi9xbkVpKzYxT1pHUEdEVlVIQzh0TU1Tbkc3V1NoNDhkeStaWkFXaVRZTjJLbWd1Q0hVTXBNTDQyYkkxY2NIeDR0dFVvdEFyQ05ZSnJWZEhxVlVpamVWSSttLzVrajVFTzJLTTRHYkJHV08yQTVtRzB0UmptOEJ4bGRMaVdnVXNkbDA5UUZBWHhSb2trQTVpR1RsVVRWTVNDY3h4aG9GVGZYMDR0WTRZY0JOTzE5RHw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9b5f9b8c5579c88ee0277c25e2aa6b927bc3922cb81b622c8b5af7ca3de07029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1205053
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=C9vyl3xqOWZnajd6b3FZNm1aaWdSbFM1ZFBlNkg5UHlzSE8wcUVzV1dnVTBXZWZQZzRuREgvWTg2MjVIVE5tUlBCQW9OSGwrWWNEZTNqdEtaeTJBNlNEaTkwWnZMSklLTWtIdFhPNFZyV3BIK1p2TXkwMDU4YTZvS0xpMjB5OEFuZGRickRPS3ZQSDdXZlgvT05YdUQ5bi9xbkVpKzYxT1pHUEdEVlVIQzh0TU1Tbkc3V1NoNDhkeStaWkFXaVRZTjJLbWd1Q0hVTXBNTDQyYkkxY2NIeDR0dFVvdEFyQ05ZSnJWZEhxVlVpamVWSSttLzVrajVFTzJLTTRHYkJHV08yQTVtRzB0UmptOEJ4bGRMaVdnVXNkbDA5UUZBWHhSb2trQTVpR1RsVVRWTVNDY3h4aG9GVGZYMDR0WTRZY0JOTzE5RHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
495393
content-length
0
expires
0
sid
mug.criteo.com/ Frame 531B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=bOSQ6HxRMkdwMi9hTFM3VTR3bUxyMmhwVjFHNHpudWZSYzZiWmpMRzk4YVBuQzlMWDBiVzFmZnBzb3FCc2hQVTAyY1BPTWRPOGpiMUJEQnR3RS8rSndXelFJY3RrclRoVmJSczYyS0dCeEFJWDlTVE9Wak9STVpIdDJKTF...
444 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bOSQ6HxRMkdwMi9hTFM3VTR3bUxyMmhwVjFHNHpudWZSYzZiWmpMRzk4YVBuQzlMWDBiVzFmZnBzb3FCc2hQVTAyY1BPTWRPOGpiMUJEQnR3RS8rSndXelFJY3RrclRoVmJSczYyS0dCeEFJWDlTVE9Wak9STVpIdDJKTFhpYkw2SkZVNVFNZUovT2cyWVhEb0p4M255SEUzb1FLY1NGMFVNVjJkSjNyR1lSNzJreUg1V1dlR21pMnUySUxKWXY0NmFrUTU4U1JOd0M4VENCRFlxQXFxNm5zMytvazV1T3F0QjA0cXV1eFEyaDl1b1ZMRUl2MXIvQXExS1E1NS9MVW84VC8vTG42UWVBMFpJKzg0Ni9CS1VhRFk0WFVmOWVENjlEOXppTlY3TmYwR2dHMk4vUzkyVGNhRlJXalY4T0ZIc3kydHw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6bcd571fb6cd520dca9d0a264c1e2c933cc1e42e447f6557904583c8fe05a454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2482962
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=bOSQ6HxRMkdwMi9hTFM3VTR3bUxyMmhwVjFHNHpudWZSYzZiWmpMRzk4YVBuQzlMWDBiVzFmZnBzb3FCc2hQVTAyY1BPTWRPOGpiMUJEQnR3RS8rSndXelFJY3RrclRoVmJSczYyS0dCeEFJWDlTVE9Wak9STVpIdDJKTFhpYkw2SkZVNVFNZUovT2cyWVhEb0p4M255SEUzb1FLY1NGMFVNVjJkSjNyR1lSNzJreUg1V1dlR21pMnUySUxKWXY0NmFrUTU4U1JOd0M4VENCRFlxQXFxNm5zMytvazV1T3F0QjA0cXV1eFEyaDl1b1ZMRUl2MXIvQXExS1E1NS9MVW84VC8vTG42UWVBMFpJKzg0Ni9CS1VhRFk0WFVmOWVENjlEOXppTlY3TmYwR2dHMk4vUzkyVGNhRlJXalY4T0ZIc3kydHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
264626
content-length
0
expires
0
sid
mug.criteo.com/ Frame C11E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=-a2SLnxROFN1K0Franc5Q0lQK2NxMVRDSmNhakVKMDluVUZma1ZOczM2VjZEcnV6NUoyZFF6NmVBZXRDZWlSVW9hSVErcDI4M1gyejl6bnNQUnVUT1hGQ2NjMWpHK2JPK3JrcHdpaUllaSttRlUrSHB5anAwblRuVXBnU2...
414 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-a2SLnxROFN1K0Franc5Q0lQK2NxMVRDSmNhakVKMDluVUZma1ZOczM2VjZEcnV6NUoyZFF6NmVBZXRDZWlSVW9hSVErcDI4M1gyejl6bnNQUnVUT1hGQ2NjMWpHK2JPK3JrcHdpaUllaSttRlUrSHB5anAwblRuVXBnU2hKc0xHVW1lNnlBRm5PNVRQMDc0OG9tOGRLOTRuQnJQSU4waEFwTklkNlg5bUpJOGRVOXJ6cmtUTVVYUldQc05ISERqZXNYQlZDTDZtVURUN2pMOUNJYWVaN2pXMlhKUjNXbGlYMkI5K0J2dS8rSmJOMEZTbzFrSG1TNHhPRklNenZtZmpSUTNpcjlnZ09oUjhGN1VWRmplSDNmS04wNHRxNWdWQ0RGVXpzcWs0TURXZVcwZmRtN3A4dDJGMmpQYTUyWE1ua3lJd3w&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
47c2203c4a2afa1ee60adaeab464e0e1658f321ed3c2d8fc8bc605d1e29b82c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1007046
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=-a2SLnxROFN1K0Franc5Q0lQK2NxMVRDSmNhakVKMDluVUZma1ZOczM2VjZEcnV6NUoyZFF6NmVBZXRDZWlSVW9hSVErcDI4M1gyejl6bnNQUnVUT1hGQ2NjMWpHK2JPK3JrcHdpaUllaSttRlUrSHB5anAwblRuVXBnU2hKc0xHVW1lNnlBRm5PNVRQMDc0OG9tOGRLOTRuQnJQSU4waEFwTklkNlg5bUpJOGRVOXJ6cmtUTVVYUldQc05ISERqZXNYQlZDTDZtVURUN2pMOUNJYWVaN2pXMlhKUjNXbGlYMkI5K0J2dS8rSmJOMEZTbzFrSG1TNHhPRklNenZtZmpSUTNpcjlnZ09oUjhGN1VWRmplSDNmS04wNHRxNWdWQ0RGVXpzcWs0TURXZVcwZmRtN3A4dDJGMmpQYTUyWE1ua3lJd3w&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
268173
content-length
0
expires
0
sid
mug.criteo.com/ Frame C7BF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=_agWp3x3dlAvVVVOWU1DUDE0alM3TEtpdGx3N2NhY1lvVTVpM3BoaE95NHY4MEdDT2RsRGdaeVFjM0VRdFRkZUhXZnBtQlI3QjJjOEpjbERzL1oreEpGSFZHdy9zSzltWTZVWmdvLzFHaER4VGhkellNVGNaMkMzZjhYRG...
430 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_agWp3x3dlAvVVVOWU1DUDE0alM3TEtpdGx3N2NhY1lvVTVpM3BoaE95NHY4MEdDT2RsRGdaeVFjM0VRdFRkZUhXZnBtQlI3QjJjOEpjbERzL1oreEpGSFZHdy9zSzltWTZVWmdvLzFHaER4VGhkellNVGNaMkMzZjhYRGpQc2VLYkhzUVAra2QyT0xXSndTYVY3S1pDeEtsd0psQlpzaWU4RXBSVkxuZUcrNWVMVEordUloakYwQW9jUm0rM2xkWU9hKzdwb3hLMWp6ZnpYTFdiUkcyM1Y2d3JzczZIVGtWWVNpV2JkdVNON2Q0RVVJR04zTk91T3V2MVJuMUhJUTlSeWN6NHh6VlNBQ2loSGR0cWFYOXI4VGp5cVZjSjJUTk9pdWNKWWhsUXUyaUdGbz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
392ed00762e20f0f52216d47fb09081ea4dac5bc784609566330bdea8ced0b1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1205556
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_agWp3x3dlAvVVVOWU1DUDE0alM3TEtpdGx3N2NhY1lvVTVpM3BoaE95NHY4MEdDT2RsRGdaeVFjM0VRdFRkZUhXZnBtQlI3QjJjOEpjbERzL1oreEpGSFZHdy9zSzltWTZVWmdvLzFHaER4VGhkellNVGNaMkMzZjhYRGpQc2VLYkhzUVAra2QyT0xXSndTYVY3S1pDeEtsd0psQlpzaWU4RXBSVkxuZUcrNWVMVEordUloakYwQW9jUm0rM2xkWU9hKzdwb3hLMWp6ZnpYTFdiUkcyM1Y2d3JzczZIVGtWWVNpV2JkdVNON2Q0RVVJR04zTk91T3V2MVJuMUhJUTlSeWN6NHh6VlNBQ2loSGR0cWFYOXI4VGp5cVZjSjJUTk9pdWNKWWhsUXUyaUdGbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
560914
content-length
0
expires
0
sid
mug.criteo.com/ Frame 3DBC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=windsplay.com&sn=ChromeSyncframe&so=0&topUrl=wbz-tavnsz.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=QsZ9H3xvNEJrWUhjOEc4dnJnOHRtNjVNVGk0allqZytibzlJMVhUZGtFblcwZ2xnS2VFKzFGRjJtTER1L00wZnlObWd2UzVuRmNVU083K2cxYlM2RlJIU0kwRExPbHlVTGN6QndyTXlWMkRBb2l3aXNacVRQNG5kUEVGTz...
430 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QsZ9H3xvNEJrWUhjOEc4dnJnOHRtNjVNVGk0allqZytibzlJMVhUZGtFblcwZ2xnS2VFKzFGRjJtTER1L00wZnlObWd2UzVuRmNVU083K2cxYlM2RlJIU0kwRExPbHlVTGN6QndyTXlWMkRBb2l3aXNacVRQNG5kUEVGTzJtZmlyU0VMYzZxc3pld0ZQbWlCSk0weDVQSUtlSUt5UVFqZ0tZQlI2dmVMZEd5WmRSNHg5ZVgra1Y4Z0ZITUIyVVRCRzJlQVFYb0ZsV2VOVGRGbVVxcWRzUERaOVp3WkJsUkpSUEcwTlVBWFZzdVM5SEE4cjhHdkxOZGhldzB0bzlOQi9tNTVkKytuVmROUHlrSHpSd3VHeHRzL1ZJYitaYW9QeUFzR1BuaHZYT1Y3TDd3SHlzOE1vMmZBLytDSjUwZE0yVmRBTnw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c0c44a65facc077d355cd30bfbcb304535c88d568b13ff11ff0c01e34e01ce8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
759760
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=QsZ9H3xvNEJrWUhjOEc4dnJnOHRtNjVNVGk0allqZytibzlJMVhUZGtFblcwZ2xnS2VFKzFGRjJtTER1L00wZnlObWd2UzVuRmNVU083K2cxYlM2RlJIU0kwRExPbHlVTGN6QndyTXlWMkRBb2l3aXNacVRQNG5kUEVGTzJtZmlyU0VMYzZxc3pld0ZQbWlCSk0weDVQSUtlSUt5UVFqZ0tZQlI2dmVMZEd5WmRSNHg5ZVgra1Y4Z0ZITUIyVVRCRzJlQVFYb0ZsV2VOVGRGbVVxcWRzUERaOVp3WkJsUkpSUEcwTlVBWFZzdVM5SEE4cjhHdkxOZGhldzB0bzlOQi9tNTVkKytuVmROUHlrSHpSd3VHeHRzL1ZJYitaYW9QeUFzR1BuaHZYT1Y3TDd3SHlzOE1vMmZBLytDSjUwZE0yVmRBTnw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
281419
content-length
0
expires
0
ad
v.lkqd.net/ Frame 587C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=73029286&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
52c5f698ac20b6424d6d43adfad72065d918893742c79b89e6cc13e2046e0ac5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1446
vpaid.js
ad.lkqd.net/vpaid/ Frame 2692 		230 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
IktgKK_KJgLxSedeIEpHPiaaFUcsadbM
via
1.1 google
content-encoding
br
date
Thu, 04 Jan 2024 19:10:42 GMT
x-amz-request-id
476APBNJQQ3R1V1M
age
1930452
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57258
x-amz-id-2
p3uC/AaM/o90zq9/Clng77lZLO0wcy/XWxS2Fx8u8Yrk7UVdUreAvZTrRcul3C5YH6YyDFyDly4=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
server
AmazonS3
etag
W/"88ca76abee51b1544e17b021f04aaaed"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
none
usync.html
ad.lkqd.net/cookie-sync/ Frame 79B4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1815680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=604800
content-encoding
br
content-length
1772
content-type
text/html
date
Sat, 06 Jan 2024 03:03:34 GMT
etag
W/"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 google
x-amz-id-2
L3LOmaJJVga2tk2X9AQfAwESA6eToYnwJFCBmMthhEVtyMCD8U/aFqIdkihDt7AooPQAoioCsVU=
x-amz-replication-status
COMPLETED
x-amz-request-id
CD9K3YB2GTBF13FA
x-amz-version-id
NI253OTV2M5oCpTwsHBLVZgCVbG2a6IX
ad
v.lkqd.net/ Frame 2692 		44 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=73029286&m=&rtv=1&thost=wbz-tavnsz.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
6adfa7a3ff6215a94a52d45b430a20bd01b942fbb4af8d32944ec8d62a97fb8f

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 03:24:54 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4902
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=73029286&m=&rtv=1&thost=wbz-tavnsz.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Sat, 27 Jan 2024 03:24:54 GMT
server
nginx
33787225
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 9478 		786 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33787225?schain=1.0%2C1%21vidoomy.com%2C64027%2C1%2C419732507811527649772319742,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
10ba7c8224185ada0f937fbd23c885e41b01d268a4b18f89171cc53d5a0be333

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:54 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://wbz-tavnsz.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706325894859009-288
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 9478 		28 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0,1!vidoomy.com,64001,1,[CACHEBUSTER],,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.228.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-228-57.compute-1.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:54 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 9478 		802 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C64027%2C1%2C7811527649772319742181334195%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
723067251672e826eacbe1fbbf782df196d5880e281cd45cec0b772dea6e994e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:54 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://wbz-tavnsz.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706325894853072-1211
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:54 GMT
server
nginx
t
t.lkqd.net/ Frame A476 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_ef07200f.js
vpaid.springserve.com/production/ Frame 859F 		530 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ef07200f.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d7:ee00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:08:40 GMT
content-encoding
gzip
via
1.1 a598fd731d305353a077e1766dac2884.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 22:19:09 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P3
age
526575
x-amz-server-side-encryption
AES256
etag
W/"bcb9a826fdf2c845d2e7400c960d5f69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
f6cUhDLJXqvJ1YOm1qvE3IrCs32AWcocvSwMFHpzRY8Q0EhwreyVxQ==
t
t.lkqd.net/ Frame A476 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:54 GMT
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 859F 		964 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9a31db1f7e19011485fdacab88ac013632f3a9e8b7a211cfa2622b0f39f56cc5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:55 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
600
expires
Sat, 27 Jan 2024 03:24:55 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 859F 		979 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894803,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43ac0ac8b82f2ea26936cae2d4e779f63665a1a0ae6bc4b525b97fdb0d3b5385

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:55 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Sat, 27 Jan 2024 03:24:55 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 695E 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:55 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0D72 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40017
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:55 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 695E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:55 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40017
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 695E 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,&us_privacy=&cb=1706325895036&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:55&ranreq=0.03853480389083175&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:55 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 695E 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325896&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame A8B1 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894803,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:55 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
track
aktrack.pubmatic.com/ Frame 859F 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325895&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:55 GMT
content-length
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5B79 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894803,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40017
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:55 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame A8B1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894803,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:55 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40017
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame A8B1 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894803,,&us_privacy=&cb=1706325895621&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:56&ranreq=0.5145754441994359&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894803,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:56 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame A8B1 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325896&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
track
aktrack.pubmatic.com/ Frame 859F 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325895&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:56 GMT
content-length
0
content-type
text/html
i
vid-io-dub.springserve.com/vd/ Frame 859F 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/vd/i?suuid=a0d1c007&ps_id=357265&event=js_opportunity&time_on_page=1&num_bq_pt=1&num_dt_pt=2&timestamp=1706325896166&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=7057e216-87cb-455b-aca4-60503f7b6e52.1706325894803&uuid=a0d1c007-b88e-4680-9823-8390dbe2ec0e&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.357265&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6922656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.245.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-245-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 859F 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=a0d1c007&ps_id=357265&event=cm_js_demand_req_resp&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=27&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325896166&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=7057e216-87cb-455b-aca4-60503f7b6e52.1706325894803&uuid=a0d1c007-b88e-4680-9823-8390dbe2ec0e&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=2572630
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 859F 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=a0d1c007&ps_id=357265&event=js_demand_opportunity&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325896166&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=7057e216-87cb-455b-aca4-60503f7b6e52.1706325894803&uuid=a0d1c007-b88e-4680-9823-8390dbe2ec0e&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3049624
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-dub.springserve.com/vd/ Frame 859F 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/vd/i?suuid=a0d1c007&ps_id=357265&event=cm_js_demand_req_resp&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=40&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325896166&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=7057e216-87cb-455b-aca4-60503f7b6e52.1706325894803&uuid=a0d1c007-b88e-4680-9823-8390dbe2ec0e&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4242441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.245.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-245-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-cle.springserve.com/vd/ Frame 859F 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=a0d1c007&ps_id=357265&event=js_demand_error&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=572&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325896166&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=7057e216-87cb-455b-aca4-60503f7b6e52.1706325894803&uuid=a0d1c007-b88e-4680-9823-8390dbe2ec0e&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=528600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.194.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-194-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-cle.springserve.com/vd/ Frame 859F 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=a0d1c007&ps_id=357265&event=js_demand_opportunity&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325896166&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=7057e216-87cb-455b-aca4-60503f7b6e52.1706325894803&uuid=a0d1c007-b88e-4680-9823-8390dbe2ec0e&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=8851913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.194.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-194-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-dub.springserve.com/vd/ Frame 859F 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/vd/i?suuid=a0d1c007&ps_id=357265&event=js_demand_error&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=584&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325896166&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=7057e216-87cb-455b-aca4-60503f7b6e52.1706325894803&uuid=a0d1c007-b88e-4680-9823-8390dbe2ec0e&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5048500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.245.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-245-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 859F 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=a0d1c007&ps_id=357265&event=js_supply_error&time_on_page=1189&reason=NO_FILL&timeout=false&timestamp=1706325896166&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=7057e216-87cb-455b-aca4-60503f7b6e52.1706325894803&uuid=a0d1c007-b88e-4680-9823-8390dbe2ec0e&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.357265&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=8195020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
vpaid_ef07200f.js
vpaid.springserve.com/production/ Frame 5005 		530 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ef07200f.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d7:ee00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:08:40 GMT
content-encoding
gzip
via
1.1 a598fd731d305353a077e1766dac2884.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 22:19:09 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P3
age
526577
x-amz-server-side-encryption
AES256
etag
W/"bcb9a826fdf2c845d2e7400c960d5f69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
WMYsSFPdSz4L5FDOqoWt77TA0gWo2fY6gOTfY3FF8bZ8IO6E9Duz9w==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 5005 		979 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894787,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7cc89b00ea093dcfa55ab1267187456a60d1e963f5de6700a4194f94378829f8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:56 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Sat, 27 Jan 2024 03:24:56 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 5005 		964 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a790e3b0eb08aa46ad9f046db35200708e66dfd0fbe5ecae2f572ef486173c2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:56 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
599
expires
Sat, 27 Jan 2024 03:24:56 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:56 GMT
server
nginx
t
t.lkqd.net/ Frame A476 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame CA6C 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:56 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
showad.js
ads.pubmatic.com/AdServer/js/ Frame 251D 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40016
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:56 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame CA6C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:56 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40016
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame CA6C 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,&us_privacy=&cb=1706325896592&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:57&ranreq=0.8568472730893668&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:57 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame CA6C 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325897&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame A2D8 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894787,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:57 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
track
aktrack.pubmatic.com/ Frame 5005 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325896&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:57 GMT
content-length
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6531 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894787,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40015
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:57 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame A2D8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894787,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:57 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40015
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame A2D8 		27 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894787,,&us_privacy=&cb=1706325897152&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:57&ranreq=0.1684388339019216&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325894787,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:57 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame A2D8 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325898&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
track
aktrack.pubmatic.com/ Frame 5005 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325896&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:57 GMT
content-length
0
content-type
text/html
i
vid-io-sin.springserve.com/vd/ Frame 5005 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=37890c76&ps_id=356921&event=js_opportunity&time_on_page=1&num_bq_pt=1&num_dt_pt=2&timestamp=1706325897685&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=faa589af-e0a6-4093-9f0a-d6a126a63af5.1706325894787&uuid=37890c76-aeed-4d3a-9591-841078c80d4d&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4716265
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 5005 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=37890c76&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.1183021&dtidx=1&cc_i=0&response_time=16&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325897685&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=faa589af-e0a6-4093-9f0a-d6a126a63af5.1706325894787&uuid=37890c76-aeed-4d3a-9591-841078c80d4d&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=1499644
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-cle.springserve.com/vd/ Frame 5005 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=37890c76&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.1183021&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325897685&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=faa589af-e0a6-4093-9f0a-d6a126a63af5.1706325894787&uuid=37890c76-aeed-4d3a-9591-841078c80d4d&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3861506
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.194.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-194-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 5005 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=37890c76&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=36&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325897685&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=faa589af-e0a6-4093-9f0a-d6a126a63af5.1706325894787&uuid=37890c76-aeed-4d3a-9591-841078c80d4d&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4745145
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-cle.springserve.com/vd/ Frame 5005 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=37890c76&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.1183021&dtidx=1&cc_i=0&response_time=592&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325897685&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=faa589af-e0a6-4093-9f0a-d6a126a63af5.1706325894787&uuid=37890c76-aeed-4d3a-9591-841078c80d4d&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=554275
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.194.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-194-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 5005 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=37890c76&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325897685&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=faa589af-e0a6-4093-9f0a-d6a126a63af5.1706325894787&uuid=37890c76-aeed-4d3a-9591-841078c80d4d&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=8455196
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 5005 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=37890c76&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=561&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325897685&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=faa589af-e0a6-4093-9f0a-d6a126a63af5.1706325894787&uuid=37890c76-aeed-4d3a-9591-841078c80d4d&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=2151281
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.125.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-125-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 5005 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=37890c76&ps_id=356921&event=js_supply_error&time_on_page=1172&reason=NO_FILL&timeout=false&timestamp=1706325897685&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=faa589af-e0a6-4093-9f0a-d6a126a63af5.1706325894787&uuid=37890c76-aeed-4d3a-9591-841078c80d4d&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6978835
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:24:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:57 GMT
server
nginx
t
t.lkqd.net/ Frame A476 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:57 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame 587C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=65396890&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a809c48c0b079029948ecb3ef8a0dbc6dd8df6690880ec09e789b491f5829a0e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:58 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1445
vpaid.js
ad.lkqd.net/vpaid/ Frame 266F 		230 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
IktgKK_KJgLxSedeIEpHPiaaFUcsadbM
via
1.1 google
content-encoding
br
date
Thu, 04 Jan 2024 19:10:42 GMT
x-amz-request-id
476APBNJQQ3R1V1M
age
1930456
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57258
x-amz-id-2
p3uC/AaM/o90zq9/Clng77lZLO0wcy/XWxS2Fx8u8Yrk7UVdUreAvZTrRcul3C5YH6YyDFyDly4=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
server
AmazonS3
etag
W/"88ca76abee51b1544e17b021f04aaaed"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
none
usync.html
ad.lkqd.net/cookie-sync/ Frame 6E0F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.252.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.252.110.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1815684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=604800
content-encoding
br
content-length
1772
content-type
text/html
date
Sat, 06 Jan 2024 03:03:34 GMT
etag
W/"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 google
x-amz-id-2
L3LOmaJJVga2tk2X9AQfAwESA6eToYnwJFCBmMthhEVtyMCD8U/aFqIdkihDt7AooPQAoioCsVU=
x-amz-replication-status
COMPLETED
x-amz-request-id
CD9K3YB2GTBF13FA
x-amz-version-id
NI253OTV2M5oCpTwsHBLVZgCVbG2a6IX
ad
v.lkqd.net/ Frame 266F 		43 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=65396890&m=&rtv=1&thost=wbz-tavnsz.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
22cf041e1526f16bfae87e8886a35990295a632a285cc9c60d009f05cdc7c1c2

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 03:24:58 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4541
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1181913&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C64027%2C1%2C&c4=true&c5=&c6=64027&c10=&c11=true&c12=&c13=true&c14=&c15=true&rnd=65396890&m=&rtv=1&thost=wbz-tavnsz.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Sat, 27 Jan 2024 03:24:58 GMT
server
nginx
33787225
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 9478 		788 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33787225?schain=1.0%2C1%21vidoomy.com%2C64027%2C1%2C16879230773564252349555180812,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
29cf40a666a2673b8b5668b1553fb9645db03661cf4422bd37aace1682f74b49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://wbz-tavnsz.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706325898652009-281
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 9478 		28 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0,1!vidoomy.com,64001,1,[CACHEBUSTER],,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.228.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-228-57.compute-1.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:58 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 9478 		803 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C64027%2C1%2C35642523495551808121544488207%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a98a958b8c0616c2202abdeb174747b1485b8382ba2deb34f0fc7dadca6ee97e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wbz-tavnsz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 03:24:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://wbz-tavnsz.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706325898639071-317
t
t.lkqd.net/ Frame 2E5C 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
prebid
ib.adnxs.com/ut/v3/ Frame F698 		298 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
8748dd515b70822b76baa23b031e6186b0a6cbdb837b6573a052e34e2fbc00f7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:59 GMT
an-x-request-uuid
90e19116-af25-4b8c-aa0b-8363a6b3a755
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
298
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame F698 		296 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d38eec8a99ba878db5cc52196253219fc649236693c9efc9817cde7fb0dd7c43
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:59 GMT
an-x-request-uuid
25facaac-cc2f-48cf-a4e7-60a9d5ae805f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
296
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame F698 		299 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a72d2a5ed4614253019a16bbb65dc9cc3328ea83aa3bfa144121c94b7e20add8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:59 GMT
an-x-request-uuid
4810e353-57fa-4a88-9a78-51a8b593e511
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
299
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
exchange
ssc.33across.com/api/ 		141 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cd82e3a9915fd443e2a7483301d21a4801798aebceb3ddcc73cdebce25963b50

Request headers

Referer
https://wbz-tavnsz.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Jan 2024 03:24:59 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wbz-tavnsz.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:58 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:59 GMT
server
nginx
t
t.lkqd.net/ Frame 2E5C 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:59 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 266F 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_ef07200f.js
vpaid.springserve.com/production/ Frame D758 		530 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ef07200f.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d7:ee00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:08:40 GMT
content-encoding
gzip
via
1.1 a598fd731d305353a077e1766dac2884.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 22:19:09 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P3
age
526580
x-amz-server-side-encryption
AES256
etag
W/"bcb9a826fdf2c845d2e7400c960d5f69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
u6C_NwRi3G70hMme9LOrp0iyEQCEIkBvZks_ktuqZLjy44LsBuJNAQ==
t
t.lkqd.net/ Frame 2E5C 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:24:59 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:24:59 GMT
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame D758 		964 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
379f28bf09d71dacef5e39ed6625b2cbe56408cb121cab128af45fab2c9d2b5b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:59 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
600
expires
Sat, 27 Jan 2024 03:24:59 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame D758 		979 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898597,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ab4eef4f72754ff1d1df73ab69de8a8e25dceb5ee90c78504fbdd8d4155792d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:24:59 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Sat, 27 Jan 2024 03:24:59 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame AAC8 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898597,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:59 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
showad.js
ads.pubmatic.com/AdServer/js/ Frame 253A 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898597,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40013
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:24:59 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame AAC8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898597,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:59 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40013
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame AAC8 		27 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898597,,&us_privacy=&cb=1706325899415&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:24:59&ranreq=0.14610352783825942&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898597,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:59 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame AAC8 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325900&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:24:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 3BDB 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:25:00 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
track
aktrack.pubmatic.com/ Frame D758 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325899&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:24:59 GMT
content-length
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3177 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40012
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:25:00 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3BDB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:25:00 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40012
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 3BDB 		27 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,&us_privacy=&cb=1706325900031&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:25:0&ranreq=0.162658341226098&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:25:00 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 3BDB 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325901&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:25:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
track
aktrack.pubmatic.com/ Frame D758 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325899&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:25:00 GMT
content-length
0
content-type
text/html
i
vid-io-iad.springserve.com/vd/ Frame D758 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=2b5eb6e1&ps_id=357265&event=js_opportunity&time_on_page=1&num_bq_pt=1&num_dt_pt=2&timestamp=1706325900731&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=dd74590d-7413-4119-942f-3747692352ac.1706325898597&uuid=2b5eb6e1-c2ee-4cc5-8282-e8286b113eb5&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.357265&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=1585836
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:25:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-dub.springserve.com/vd/ Frame D758 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/vd/i?suuid=2b5eb6e1&ps_id=357265&event=cm_js_demand_req_resp&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=28&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325900731&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=dd74590d-7413-4119-942f-3747692352ac.1706325898597&uuid=2b5eb6e1-c2ee-4cc5-8282-e8286b113eb5&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4651308
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.245.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-245-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:25:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame D758 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=2b5eb6e1&ps_id=357265&event=js_demand_opportunity&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1706325900731&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=dd74590d-7413-4119-942f-3747692352ac.1706325898597&uuid=2b5eb6e1-c2ee-4cc5-8282-e8286b113eb5&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4853741
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:25:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-cle.springserve.com/vd/ Frame D758 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=2b5eb6e1&ps_id=357265&event=cm_js_demand_req_resp&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=46&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1706325900731&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=dd74590d-7413-4119-942f-3747692352ac.1706325898597&uuid=2b5eb6e1-c2ee-4cc5-8282-e8286b113eb5&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=9150752
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.194.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-194-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:25:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame D758 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=2b5eb6e1&ps_id=357265&event=js_demand_error&a_cc=s.357265-d.437974&dtidx=1&cc_i=0&response_time=590&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325900731&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=dd74590d-7413-4119-942f-3747692352ac.1706325898597&uuid=2b5eb6e1-c2ee-4cc5-8282-e8286b113eb5&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=1707521
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:25:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame D758 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=2b5eb6e1&ps_id=357265&event=js_demand_opportunity&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=1&creative_type=JS_VPAID&_t1=1&timestamp=1706325900731&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=dd74590d-7413-4119-942f-3747692352ac.1706325898597&uuid=2b5eb6e1-c2ee-4cc5-8282-e8286b113eb5&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=9521394
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:25:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-dub.springserve.com/vd/ Frame D758 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/vd/i?suuid=2b5eb6e1&ps_id=357265&event=js_demand_error&a_cc=s.357265-d.1183021&dtidx=1&cc_i=0&response_time=754&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1706325900731&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=dd74590d-7413-4119-942f-3747692352ac.1706325898597&uuid=2b5eb6e1-c2ee-4cc5-8282-e8286b113eb5&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=7862382
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.245.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-245-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:25:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame D758 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=2b5eb6e1&ps_id=357265&event=js_supply_error&time_on_page=1374&reason=NO_FILL&timeout=false&timestamp=1706325900731&ip=5.181.234.133&_kvp=1&_disyn=1&ssid=dd74590d-7413-4119-942f-3747692352ac.1706325898597&uuid=2b5eb6e1-c2ee-4cc5-8282-e8286b113eb5&url=https%3A%2F%2Fwbz-tavnsz.net%2F&did=1b53fa5b-0c55-00ed-d6dd-7bd5abc27bb0&full_page_brasil=https%3A%2F%2Fwbz-tavnsz.net%2F&_rcc=bs.162387_vp.139523&d=wbz-tavnsz.net&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.357265&d_m=wbz-tavnsz.net&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=481911
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.88.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-88-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 03:25:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
vpaid_ef07200f.js
vpaid.springserve.com/production/ Frame B692 		530 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_ef07200f.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d7:ee00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:08:40 GMT
content-encoding
gzip
via
1.1 a598fd731d305353a077e1766dac2884.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 22:19:09 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P3
age
526581
x-amz-server-side-encryption
AES256
etag
W/"bcb9a826fdf2c845d2e7400c960d5f69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
h5m49jw-b4S5IVBcvVlVa_mjL2R5uDajyqGYiNmuVe0Rbav0mGi7lw==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame B692 		979 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898598,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c1a10a0c3b390629fcfd77b1cdfd93558fa6e0880fe76ec9363c8883ea5207ce

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:25:00 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
609
expires
Sat, 27 Jan 2024 03:25:00 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame B692 		964 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_ef07200f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d5324fdfaf4184309dc0b54d1818ea6a01794195b0633b92d669f62e7fd9bd0c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 03:25:00 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://wbz-tavnsz.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
599
expires
Sat, 27 Jan 2024 03:25:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 200C 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898598,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:25:00 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
t
t.lkqd.net/ Frame 2E5C 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wbz-tavnsz.net
date
Sat, 27 Jan 2024 03:25:00 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wbz-tavnsz.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://wbz-tavnsz.net
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 27 Jan 2024 03:25:00 GMT
server
nginx
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9CA5 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898598,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40012
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:25:00 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 200C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898598,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:25:00 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40012
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 200C 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898598,,&us_privacy=&cb=1706325900956&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwbz-tavnsz.net%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwbz-tavnsz.net%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-1-26%2017:25:1&ranreq=0.21790455207453374&timezone=-10&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,1706325898598,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:25:01 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://wbz-tavnsz.net
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 200C 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325902&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Jan 2024 03:25:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame D314 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:25:01 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
track
aktrack.pubmatic.com/ Frame B692 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1706325900&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:25:01 GMT
content-length
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame 68C6 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40011
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sat, 27 Jan 2024 03:25:01 GMT
expires
Sat, 27 Jan 2024 14:31:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D314 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwbz-tavnsz.net%2F&schain=1.0,1!vidoomy.com,64027,1,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:25:01 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40011
accept-ranges
bytes
content-length
14529
expires
Sat, 27 Jan 2024 14:31:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
Domain
mediazone.rtb.pixad.com.tr
URL
https://mediazone.rtb.pixad.com.tr/pb
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9ed7d566-bcc3-11ee-9d27-bceb8ac44083
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAG88U7LaO8AABO1UKlYcA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| MynetGlobal object| MYNET_MAIN_GLOBAL boolean| isPremiumUser object| visitor_subscriptions function| myChecker object| dataLayer object| WebFontConfig string| MynetObject function| mynetReady object| _sf_async_config number| _sf_startpt object| pbjs object| googletag object| MynetAds object| Criteo function| CriteoAdblock function| slugify function| refreshAd object| _newsroom object| _taboola object| bodyElement object| clickElements object| presitial function| setEvent object| sondakika object| videoWallData object| videoContainer number| videoContainerOffsetTop number| videoContainerHeight boolean| isVideoPlay boolean| isVideoPause object| observer object| videoListItems function| iframeVideoSetPause function| iframeVideoSetPlay object| signData object| mySigns function| fbs_click boolean| hasFocus object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_149 object| Criteo_149 object| ggeac object| google_tag_data object| google_js_reporting_queue object| _cb_shared undefined| google_measure_js_timing object| _cbm number| gWidth object| pbjsChunk object| _pbjsGlobals number| google_unique_id object| gaGlobal object| WebFont number| newsroomStartsLoadingTime object| tbNewsroom function| _typeof object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| google_tag_manager string| GoogleAnalyticsObject function| gapGlobal object| mynetChangeFinanceData object| _mynetLS undefined| dailyVisitCount undefined| specialForYouClickCount undefined| userPageViewCount undefined| userLastViewDate undefined| isSanaOzelView undefined| userAgent undefined| isApp undefined| windowWidth undefined| htmlTemplate function| overlayRemove function| clickSpecialForYou function| promotionClose function| isIE11 function| setIEWarning function| stickyOpenAppFunc number| scrollTimer function| scrollFinished object| preloadImages boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| placementData function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image string| nam boolean| _min_launcher_active object| _minUnifiedSessionToken10 object| _min_tv object| _tvp boolean| _editor_tv_loaded object| _min boolean| _minAlreadyLoaded object| GoogleGcLKhOms object| adpnExecutions object| aliveChecks boolean| adpnLoaded object| _33Across function| __uspapi object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| _tynt_jp number| ac object| lkqd object| tbopt number| _tynt_gpt_iframe_id object| google_image_requests

270 Cookies

Domain/Path Name / Value
.taboola.com/mynetnewtr-mynet/ Name: taboola_session_id
Value: v2_86ff096d1bf7dffbeab1ca4e70327222_a97e2e8f-df44-4563-ac9f-ac49f65f62eb-tuctcadfcf8_1706325880_1706325880_CIi3jgYQ4d1TGMraysfUMSABKAEw4QE4kaQOQJjyDkjDwNsDUIAEWABgAGibw5uko5yDwdIBcAE
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
i.liadm.com/s Name: _li_ss
Value: ChoKBgjSARCJFwoFCAwQkxcKCQj_____BxCTFw
i6.liadm.com/s Name: _li_ss
Value: CgA
.criteo.com/ Name: uid
Value: 4702a7c3-4a31-4856-b9d9-3ab63a55712b
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LRVIDF5G-1Y-53O3
.wbz-tavnsz.net/ Name: _gid
Value: GA1.2.534304240.1706325880
apv-launcher.minute.ly/ Name: AWSALBCORS
Value: IOIxgvXooq3TBVlcJcanwQJ43M7gBM0CFNijrgqK08MHCN0OHDubyegziT3UEAGXwYwkWn9jC0ygEss14kxLEfBAsMgg56OzbgIcWB5zb3bqqaF44X5LdgZofhJf
.wbz-tavnsz.net/ Name: _gat_UA-72961156-1
Value: 1
.taboola.com/ Name: t_gid
Value: a97e2e8f-df44-4563-ac9f-ac49f65f62eb-tuctcadfcf8
.taboola.com/ Name: t_pt_gid
Value: a97e2e8f-df44-4563-ac9f-ac49f65f62eb-tuctcadfcf8
.wbz-tavnsz.net/ Name: _ga_4SD1QQV4KB
Value: GS1.1.1706325880.1.0.1706325880.60.0.0
.wbz-tavnsz.net/ Name: _ga
Value: GA1.1.267516988.1706325880
wbz-tavnsz.net/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Da97e2e8f-df44-4563-ac9f-ac49f65f62eb-tuctcadfcf8
.wbz-tavnsz.net/ Name: minUnifiedSessionToken10
Value: %7B%22sessionId%22%3A%229b828baa97-ffaa1cc34d-c933b4f072-9ffa0e6215-76ec6c5716%22%2C%22uid%22%3A%2253d2986837-db07181438-7437b7fe57-01d399cd22-f8892af0ae%22%2C%22__sidts__%22%3A1706325880334%2C%22__uidts__%22%3A1706325880334%7D
wbz-tavnsz.net/ Name: minVersion
Value: {"experiment":1171680397,"minFlavor":"Mynet Prod - Tags Updatemi-scraper-1.17.0.99.js100"}
.wbz-tavnsz.net/ Name: __gads
Value: ID=61adaafcd0f89351:T=1706325879:RT=1706325879:S=ALNI_MYYT4xoHRn0Ew4K67KwwZw9FH7Fug
.wbz-tavnsz.net/ Name: __gpi
Value: UID=00000a098b45138c:T=1706325879:RT=1706325879:S=ALNI_MYyMY7voGEMV7vv6zT_RppnhglA0g
.doubleclick.net/ Name: IDE
Value: AHWqTUlX3FO-EMJVaNIDzM5a5g2InX8O0gb0ZZNAbtun2VbMU8YCg68Di6gpOwttefY
.udmserve.net/ Name: udmts
Value: 1706325881.0
.udmserve.net/ Name: dt
Value: 58968A9E-0914-3E6B-8D6B-C1DA81AE2CFF
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMPS
Value: 5662
.scorecardresearch.com/ Name: UID
Value: 1E6f57dc7aa8247a25f94c71706325881
.casalemedia.com/ Name: CMID
Value: ZbR3ecQnBUX4gzpBRIBRpQAA
.casalemedia.com/ Name: CMPRO
Value: 5662
.bidswitch.net/ Name: tuuid
Value: 5520a5b8-4f14-47af-8167-705984949485
.bidswitch.net/ Name: c
Value: 1706325881
.bidswitch.net/ Name: tuuid_lu
Value: 1706325881
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: DQuphXWN1ECtQskc-dPmg9Y-lljWmYFl7h9nEO1ul2qwmY50_RIoS1vRoa55PbcFcSpTnffJeHVf11lWDrbNj6qVLgPeT42jThDfClBpvxA.
.adnxs.com/ Name: uuid2
Value: 5554114585976271850
.tynt.com/ Name: uid
Value: CoIKSWW0d3lnEWOeDWTzAg==
.ads.stickyadstv.com/ Name: UID
Value: 951a42e392669c4be6be0a44656433f
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: b24fc8fc-8b1d-531b-b0fb-873ed54ff047
.betweendigital.com/ Name: ss
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1706325881946%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1706325881946%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1706325881946%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1706325881946%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1706325881946%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1706325881946%7D%5D
.lkqd.net/ Name: lkqdidts
Value: 1706325882
.lkqd.net/ Name: lkqdid
Value: TK3fIZEzRKA
.lkqd.net/ Name: sr103
Value: 1||1706325882
.tapad.com/ Name: TapAd_TS
Value: 1706325882520
.tapad.com/ Name: TapAd_DID
Value: 7c557dde-d608-4ba1-a19b-be5a365c1632
.go.affec.tv/ Name: ck
Value: 65b4777a4c66c10001d8bb8a
.go.affec.tv/ Name: oo
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-db0e75fa-ac9f-585e-6b79-66f8c6a2ac98.7LkcQes3nUuml3cz6jSOz2Wus4thl6pW%2FjSsC6xOWyU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-db0e75fa-ac9f-585e-6b79-66f8c6a2ac98.7LkcQes3nUuml3cz6jSOz2Wus4thl6pW%2FjSsC6xOWyU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A2w51-qyfWF5reWb4xqKsmAW16oU.040tKWaktr%2BZ%2FaykV7I%2FPwO5NP%2B%2BbxgdKBa18PHZyL0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A2w51-qyfWF5reWb4xqKsmAW16oU.040tKWaktr%2BZ%2FaykV7I%2FPwO5NP%2B%2BbxgdKBa18PHZyL0
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACP0kVyoBj_SP9w6vvQv4Rnavk9L1eb4JeL0JNhZ5eTEHwYBCD67tGtBjABOgQ7vvenQgSO8t4u.jw4oKAkJ28BE%2BXw1zmoMMkdYC4h4HapNG0Gj%2BPnQW8M
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACP0kVyoBj_SP9w6vvQv4Rnavk9L1eb4JeL0JNhZ5eTEHwYBCD67tGtBjABOgQ7vvenQgSO8t4u.jw4oKAkJ28BE%2BXw1zmoMMkdYC4h4HapNG0Gj%2BPnQW8M
.eyeota.net/ Name: mako_uid
Value: 18d48f2b6b9-26b00000010a59e6
.eyeota.net/ Name: SERVERID
Value: 23014~DM
.krushmedia.com/ Name: krm_r
Value: 57
.krushmedia.com/ Name: krm_usr
Value: 4d7615b4-be95-5d57-b504-b94b8d751387
.33across.com/ Name: 33x_ps
Value: u%3D212458785817304%3As1%3D1706325882552%3Ats%3D1706325882552
.lkqd.net/ Name: sr93
Value: 1|2w51-qyfWF5reWb4xqKsmAW16oU|1706325882
.lkqd.net/ Name: sr102
Value: 1|43f0b14c-94f8-5f2d-a463-f84ac04fbf2a|1706325882
.clientgear.com/ Name: mkuuid
Value: mkb8356a6879bb45c58c870d8881463eb9
.linkedin.com/ Name: li_sugr
Value: bcfd732b-b564-4b60-8804-acba379c52d9
.linkedin.com/ Name: bcookie
Value: "v=2&4a40dbe2-3b8f-4dee-8099-d367001b4f10"
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3110:u=1:x=1:i=1706325882:t=1706412282:v=2:sig=AQGPYNVw78uFXdyzSURVjTKxY7Q5OCsd"
.adsrvr.org/ Name: TDID
Value: ea18b846-2890-45b5-bb97-1db97e1acc8a
.turn.com/ Name: uid
Value: 7830607249730030491
.lkqd.net/ Name: sr94
Value: 1|7830607249730030491|1706325882
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTcwNjMyNTg4MiwiaWQiOiI1NTU0MTE0NTg1OTc2MjcxODUwIiwibHMiOjE3MDYzMjU4ODJ9LCJ0dCI6eyJkdCI6MTcwNjMyNTg4MiwiaWQiOiJDb0lLU1dXMGQzbG5FV09lRFdUekFnPT0iLCJscyI6MTcwNjMyNTg4Mn0sInRkIjp7ImR0IjoxNzA2MzI1ODgyLCJpZCI6ImVhMThiODQ2LTI4OTAtNDViNS1iYjk3LTFkYjk3ZTFhY2M4YSIsImxzIjoxNzA2MzI1ODgyfSwidiI6MH0=|1706325882|e4c2362f68d0dac996af1e86304d83fecc6cbff5
.doubleclick.net/ Name: DSID
Value: NO_DATA
sic.33across.com/ Name: JSESSIONID
Value: dsic-001-chi~h5tjk67g-gsbsliuz-83vf9p8v-3hyjkinl
.3lift.com/ Name: tluid
Value: 2664641436242888384639
.yahoo.com/ Name: A3
Value: d=AQABBHp3tGUCEEBtgKq1iLw9wzMcPR_N0eoFEgEBAQHItWW-ZdxX0iMA_eMAAA&S=AQAAAg8b9RxPUczxU4_2lZQRIqI
.mathtag.com/ Name: uuid
Value: 3a8765b4-777a-4700-b6f1-8334dac4d9f0
.lkqd.net/ Name: sr6
Value: 1||1706325882
.lkqd.net/ Name: sr23
Value: 1||1706325882
.lkqd.net/ Name: sr25
Value: 1||1706325882
.lkqd.net/ Name: sr45
Value: 1||1706325882
.lkqd.net/ Name: sr55
Value: 1||1706325882
.lkqd.net/ Name: sr86
Value: 1||1706325882
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5Dl1MzN+nEwEnWN1Mx01qDy+pYN1exlBMOHv6G+Lz6G0zNHv6g1uX7w+ED6Bp9pBMvNLe9Y917KeXz=
.bluekai.com/ Name: bku
Value: 4tL99col+sDWwfDk
.csync.loopme.me/ Name: viewer_token
Value: f13ff11e-70c9-48d5-9f0d-aff05ede43a5
.googleadservices.com/ Name: ar_debug
Value: 1
.krxd.net/ Name: _kuid_
Value: QD1uVbaq
.contextweb.com/ Name: V
Value: CxTYaqsNLmpX
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 46a3965a6bd7ead4
.lkqd.net/ Name: sr22
Value: 1|ea18b846-2890-45b5-bb97-1db97e1acc8a|1706325883
.lkqd.net/ Name: sr53
Value: 1|CxTYaqsNLmpX|1706325883
.lkqd.net/ Name: sr59
Value: 1|CAESEECs5P1_GZI5BvvvQ1zbK6k|1706325883
.lkqd.net/ Name: sr54
Value: 1|f13ff11e-70c9-48d5-9f0d-aff05ede43a5|1706325883
.lkqd.net/ Name: sr13
Value: 1|f13ff11e-70c9-48d5-9f0d-aff05ede43a5|1706325883
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrIwsDQ3NTYzMjAzNDezNDA2MxbiM9T1KPMK8jRKyowvN88AAOMl_7YlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrIwsDQ3NTYzMjAzNDezNDA2MxbiM9T1KPMK8jRKyowvN88AAOMl_7YlAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZbR3ewAAX5lxcQBK
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_9cf28c52-bcc3-11ee-b38e-126da42bc963
.quantserve.com/ Name: mc
Value: 65b4777b-45d31-1935d-29111
.sabio.us/ Name: sbid
Value: 7290042619747241509
.lijit.com/ Name: ljt_reader
Value: IDysABZH09shtSIaQpS-Rf3s
.adhaven.com/ Name: uid
Value: 4c_ecdcfb41-5f05-4835-a680-1212fdf19aad
.lkqd.net/ Name: sr52
Value: 1|ZbR3ewAAX5lxcQBK|1706325883
.lkqd.net/ Name: sr76
Value: 1|v-_lWb7tsA-k7rIJuuuqXLDpsgmk6L5cuOuWxMOs|1706325883
.lkqd.net/ Name: sr39
Value: 1|7290042619747241509|1706325883
.bidr.io/ Name: bito
Value: AAG88U7LaO8AABO1UKlYcA
.bidr.io/ Name: bitoIsSecure
Value: ok
.lkqd.net/ Name: sr90
Value: 1|4c_ecdcfb41-5f05-4835-a680-1212fdf19aad|1706325883
.sitescout.com/ Name: ssi
Value: 0a28d24a-cf74-430f-bb09-6fcd90d36213#1706325883351
.lkqd.net/ Name: sr12
Value: 1|5520a5b8-4f14-47af-8167-705984949485|1706325883
.lkqd.net/ Name: sr80
Value: 1|AAG88U7LaO8AABO1UKlYcA|1706325883
.lkqd.net/ Name: sr43
Value: 1|5520a5b8-4f14-47af-8167-705984949485|1706325883
.lkqd.net/ Name: sr46
Value: 1|5520a5b8-4f14-47af-8167-705984949485|1706325883
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 432131=5822124
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 4027850678975933537
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D152_0_0t%3B%24dma%3D501%3B%24qo%3D6&c=1&l=908530559&lo=-1530083348&lt=638419226832893807&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D152_0_0t%3B%24dma%3D501%3B%24qo%3D6
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005%22%7D
.lkqd.net/ Name: sr7
Value: 1|RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005|1706325883
.lkqd.net/ Name: sr85
Value: 1|18072662067896561467|1706325883
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: fef5431877f1ef48862f4c1625d18c4a
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEtNMzUxNrQwN08zTE0zsbAwM0ozSTY0MzJNMbRINklkAILULeXVIBoKAFa%2BCs4%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI3VJeDaSgAAAZmQIM"
.lkqd.net/ Name: sr97
Value: 1|0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553|1706325883
.yandex.ru/ Name: yandexuid
Value: 2809771921706325883
.wbz-tavnsz.net/ Name: cto_bidid
Value: 0reGgl9JV09CJTJCUmxQM0ZvbnBDeWRNdWFCd0RjejVPYXdGb0NIYnFyM2VHcU9JTFZTeXlVZzdlUHlkZzVqV3YlMkZud3NyVUlXU2VFSzVUdFNFYkRrUmlER1BDaHNlckhPYiUyRjBKSk0xc1E2ZGhWVDc3ZlQlMkJQJTJGTmp3cVJvZFRXc1B5MEhlaUo
.adnxs.com/ Name: icu
Value: ChgI4eY-EAoYASABKAEw--7RrQY4AUABSAEKGAjqqnEQChgBIAEoATD87tGtBjgBQAFIARD87tGtBhgB
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2In:rh+ye!]tb.8i_iqf!oN/@E'zz<*Z0Q.90XVKO9k)e4V.oCqzWR/iZ?WQf5nhrp4gWTD._*Pl[h>o'uTXn^*dj%Q2D_4Rm?/R:=cFu/@hc#([#<>w-/6eexYS
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSVklERjVHLTFZLTUzTzMiLCJleHBpcmVzIjoiMjAyNC0wNC0yNlQwMzoyNDo0NFoifX0sImJpcnRoZGF5IjoiMjAyNC0wMS0yN1QwMzoyNDo0NFoifQ==
.sharethrough.com/ Name: stx_user_id
Value: 57406687-8359-414a-ba2e-983339914e7d
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: ef2ef9c7-b597-4329-934f-36941de273b9
.prebid.a-mo.net/ Name: sd_amuid2
Value: ef2ef9c7-b597-4329-934f-36941de273b9
.ipredictive.com/ Name: cu
Value: 9937cf25-d733-49e9-a224-fe71af373a0d|1706325884671
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.connatix.com/ Name: cnx_userId
Value: b39b1ae42c0946a087ca7ae349b368dc
cpm.programattik.com/ Name: DSP2F_94
Value: 5
cpm.programattik.com/ Name: DSP2F_53
Value: 8
cpm.programattik.com/ Name: SSPZ
Value: 924
.yandex.ru/ Name: yuidss
Value: 2809771921706325883
.amazon-adsystem.com/ Name: ad-id
Value: A52mlZdEXUIVvfUc7V5T65o
.bing.com/ Name: MUID
Value: 277E04142DA8661800B610072C2267AA
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
cpm.programattik.com/ Name: ADKUID
Value: T8292404068245487557
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7A05A1EB-E839-419A-981D-8D23A8FF1E05
.analytics.yahoo.com/ Name: IDSYNC
Value: "190u~2ger:18z8~2ger"
.simpli.fi/ Name: suid
Value: E57B5237F775449FBB25A116396F8954
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-ea18b846-2890-45b5-bb97-1db97e1acc8a&KRTB&22918-ea18b846-2890-45b5-bb97-1db97e1acc8a&KRTB&22926-ea18b846-2890-45b5-bb97-1db97e1acc8a&KRTB&23031-ea18b846-2890-45b5-bb97-1db97e1acc8a
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5554114585976271850&KRTB&23339-5554114585976271850
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEAirZUZi-uraAcrnq-r_QKI&KRTB&23025-CAESEAirZUZi-uraAcrnq-r_QKI&KRTB&23386-CAESEAirZUZi-uraAcrnq-r_QKI
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:E57B5237F775449FBB25A116396F8954&KRTB&23486-uid:E57B5237F775449FBB25A116396F8954&KRTB&23489-uid:E57B5237F775449FBB25A116396F8954&KRTB&23539-uid:E57B5237F775449FBB25A116396F8954
.adgrx.com/ Name: ADGRX_UID
Value: 9ed7d566-bcc3-11ee-9d27-bceb8ac44083
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2809753620617690363
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-2w51-qyfWF5reWb4xqKsmAW16oU&KRTB&23334-2w51-qyfWF5reWb4xqKsmAW16oU&KRTB&23417-2w51-qyfWF5reWb4xqKsmAW16oU&KRTB&23426-2w51-qyfWF5reWb4xqKsmAW16oU
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-oCZVl6EkAMG7JwLHpSIakq8gAse7IQ6SpyK-4HVe&KRTB&19420-oCZVl6EkAMG7JwLHpSIakq8gAse7IQ6SpyK-4HVe&KRTB&22979-oCZVl6EkAMG7JwLHpSIakq8gAse7IQ6SpyK-4HVe&KRTB&23462-oCZVl6EkAMG7JwLHpSIakq8gAse7IQ6SpyK-4HVe
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-9937cf25-d733-49e9-a224-fe71af373a0d&KRTB&23011-9937cf25-d733-49e9-a224-fe71af373a0d&KRTB&23355-9937cf25-d733-49e9-a224-fe71af373a0d
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNjMyNTg4NzE2NCwiMzkiOjE3MDYzMjU4ODMzNjksIjciOjE3MDYzMjU4ODMzNjksIjc1IjoxNzA2MzI1ODgzMzY5fQ
.deepintent.com/ Name: CDIUSER
Value: di_0dd1033260c04e41befde
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240127%22%7D
.dotomi.com/ Name: DotomiTest
Value: 1f5742648788243b
.tribalfusion.com/ Name: ANON_ID
Value: aJnvYxp26Ua8e4OCaUoUxP1X9ZacNQyDSUWEanD4d7mXT3HG4QpjaICGSfmFa7v4428TfU6cZdCWZbTaDXOfiBmvCTN3xEveWL03o5rZcSZaGVZbIBQIRM
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:3a8765b4-777a-4700-b6f1-8334dac4d9f0
.pubmatic.com/ Name: KRTBCOOKIE_964
Value: 20918-cuid_9cf28c52-bcc3-11ee-b38e-126da42bc963&KRTB&23354-cuid_9cf28c52-bcc3-11ee-b38e-126da42bc963&KRTB&23415-cuid_9cf28c52-bcc3-11ee-b38e-126da42bc963&KRTB&23542-cuid_9cf28c52-bcc3-11ee-b38e-126da42bc963
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553&KRTB&23418-0a28d24a-cf74-430f-bb09-6fcd90d36213-65b4777b-5553
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7830607249730030491&KRTB&23150-7830607249730030491&KRTB&23527-7830607249730030491
.mxptint.net/ Name: mxpim
Value: R33646_10FECF050_A65EACC2.1.000000000000000065B4777F
.acuityplatform.com/ Name: auid
Value: 881709339909
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRlIeLEemmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUZSHixHpo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.openx.net/ Name: i
Value: e474499c-4a69-481f-afb2-b0573b01c628|1706325887
.ctnsnet.com/ Name: cid_58374382ee7649bb880130c636a2b16e
Value: 1
.creativecdn.com/ Name: g
Value: 0yGOpJYZWlKhy8MoSHWI_1706325887207
.creativecdn.com/ Name: ts
Value: 1706325887
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-881709339909&KRTB&23428-881709339909
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_10FECF050_A65EACC2&KRTB&23092-R33646_10FECF050_A65EACC2
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAACcDz2cVEWJQN6pBHbAAAAAAA&KRTB&22713-AAACcDz2cVEWJQN6pBHbAAAAAAA&KRTB&22715-AAACcDz2cVEWJQN6pBHbAAAAAAA&KRTB&23519-AAACcDz2cVEWJQN6pBHbAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-2b264bda-1995-43f9-82fb-d30181d4ae55&KRTB&23340-2b264bda-1995-43f9-82fb-d30181d4ae55&KRTB&23498-2b264bda-1995-43f9-82fb-d30181d4ae55
.bfmio.com/ Name: __187_cid
Value: 7A05A1EB-E839-419A-981D-8D23A8FF1E05
.bfmio.com/ Name: __io_cid
Value: d9114a054ae2c83174ad8735fbc9d3ca13f2a4aa
.kargo.com/ Name: ktcid
Value: 23a2fe59-32f2-099c-54aa-68dab4ca6e89
.thrtle.com/ Name: mc
Value: eyJpZCI6ImM5YWIwZDg1LWZkNTctNGU1OS05MWM3LTg1YTNiNDk5ZjQ5MiIsImwiOjE3MDYzMjU4ODcyNTksInQiOjF9
.w55c.net/ Name: wfivefivec
Value: AkhEhhiT1Rtzjh5
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchpubmatic
Value: 5
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 6b4c6b50-cead-48f4-9745-37e06019d35f
beacon.lynx.cognitivlabs.com/ Name: ss
Value: AHPlWw0CGBL%2F4REdnKK7nWyOGmsQyMoHEsBTzzf5x6IYzOQ81EDO6M%2BZrbjecShHFfWxH7E7NWSLsuPps1777w%3D%3D
.adform.net/ Name: uid
Value: 481039510169595972
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:AkhEhhiT1Rtzjh5&KRTB&23421-uid:AkhEhhiT1Rtzjh5
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005&KRTB&17107-RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005
.richaudience.com/ Name: pdid
Value: 60aa20a9-e486-49a7-826c-1zz1706325785
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-481039510169595972&KRTB&23263-481039510169595972&KRTB&23481-481039510169595972
.demdex.net/ Name: demdex
Value: 42104034399028679712155648240527062714
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7596122872025351995P
.owneriq.net/ Name: pmc
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 42104034399028679712155648240527062714
ads.adlook.me/ Name: adlm_userId
Value: e7931392255b4d1eb5817ada86475dab
ads.adlook.me/ Name: adlk_cmatch
Value: btw%3Ab24fc8fc-8b1d-531b-b0fb-873ed54ff047
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-GxYHZq_DnYR8peAn_851_xrMe7PO2nbX7azw4MAivjA&KRTB&23047-GxYHZq_DnYR8peAn_851_xrMe7PO2nbX7azw4MAivjA&KRTB&23234-GxYHZq_DnYR8peAn_851_xrMe7PO2nbX7azw4MAivjA&KRTB&23361-GxYHZq_DnYR8peAn_851_xrMe7PO2nbX7azw4MAivjA
.pubmatic.com/ Name: PugT
Value: 1706325887
.adx.opera.com/ Name: UID
Value: OPU8bf0252287024404b335b3ba67fa6f9d
.richaudience.com/ Name: raibs
Value: 1
.adhigh.net/ Name: gi_u
Value: gRgb5CTQoW0.AikABlGNSPLJcg
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!651-2!651-3!651
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU8bf0252287024404b335b3ba67fa6f9d&KRTB&23485-OPU8bf0252287024404b335b3ba67fa6f9d&KRTB&23524-OPU8bf0252287024404b335b3ba67fa6f9d
pool.admedo.com/ Name: tuuid
Value: 0720d1d8-a8b6-4457-9ba7-7cfe8ceb61a0
pool.admedo.com/ Name: c
Value: 1706325887
pool.admedo.com/ Name: tuuid_lu
Value: 1706325887
.adhigh.net/ Name: btw_sync
Value: L7Cf
.richaudience.com/ Name: avcid-ttd-uid
Value: ea18b846-2890-45b5-bb97-1db97e1acc8a
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-5520a5b8-4f14-47af-8167-705984949485
.server.cpmstar.com/ Name: USER_ID
Value: %8d%8b%10o%c3%7c%af%8c%edhOa%d9%f6%f5
.c.appier.net/ Name: _auid
Value: _POTYpxSAz2mj1OEf3e0ZQ
.smaato.net/ Name: SCM
Value: 7e92928104
.smaato.net/ Name: SCMsas
Value: 7e92928104
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IkxSVklERjVHLTFZLTUzTzMiLCJleHBpcmVzIjoxNzA4OTE3ODg3fX19
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-_POTYpxSAz2mj1OEf3e0ZQ&KRTB&23557-_POTYpxSAz2mj1OEf3e0ZQ
.admanmedia.com/ Name: ac_r
Value: CS159
.id5-sync.com/ Name: id5
Value: 63ea478c-3b7d-7748-a799-6fe7247d9787#1706325885868#3
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcLQYJOgSH8xDFMG4C6D/t+3x5H4/Al95QV1n8s9Vhf95jCA9gV4B0tqdHUIGMBJLsc9oKjcm46TqOBxGCOXoSK1wDXllotuCB6yqVI1k5poNA==
.admanmedia.com/ Name: admtr
Value: 5b7e0147-082c-4b5d-92cf-2fe7fb610a19
.quantserve.com/ Name: d
Value: EBABGQGAK_ijCP_8EJuowQA
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCOrW7Z-xvM88EAUSFwoIcHVibWF0aWMSCwjcy9izsbzPPBAFGAEgASgCMgsI_OqQ8se8zzwQBTgBWgc4aDl1MTFoYAI.
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1pcm|7GB.0.1|7dN.0.AAG88U7LaO8AABO1UKlYcA
.zemanta.com/ Name: zuid
Value: nmeEaVjnU38KmSVrV-bu
.richaudience.com/ Name: avcid-bsw-uid
Value: 5520a5b8-4f14-47af-8167-705984949485
.richaudience.com/ Name: avcid-adf-uid
Value: 481039510169595972
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBmbGRqYWFuaGy4igXBtzAyMAEAPkE2nSAAAAA
.omnitagjs.com/ Name: ayl_visitor
Value: 323ac30330a93ceb331e0fd5eb382862
.rqtrk.eu/ Name: browser_id
Value: 1:f769ae62-aa89-408c-af0d-7179ea057677
.adotmob.com/ Name: uid
Value: 0a16220400d2b5865bd61592
.adotmob.com/ Name: uuid
Value: 0a16220400d2b5865bd61592
.adotmob.com/ Name: partners
Value: SMA%3A1706325888246
.richaudience.com/ Name: avcid-rub-uid
Value: LRVIDF5G-1Y-53O3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005%22%2C%22nxtrdr%22%3Afalse%7D
.adfarm1.adition.com/ Name: UserID1
Value: 7328613885282941086
.audrte.com/ Name: arcki2
Value: 2gaGcgYDIxFTzikd-tURhXyHA!20220908!1706325888447!ip#5.181.234.133
.semasio.net/ Name: SEUNCY
Value: B86DEE7BEC4EECF0
.audrte.com/ Name: arcki2_ddp2
Value: 2gaGcgYDIxFTzikd-tURhXyHA!20220908!1706325888591
.audrte.com/ Name: arcki2_adform
Value: 481039510169595972!20220908!1706325888717
.audrte.com/ Name: arcki2_smart
Value: 4027850678975933537!20220908!1706325888939
.w55c.net/ Name: matchid5
Value: 5
.id5-sync.com/ Name: 3pi
Value: 112#1706325888630#-306335226#B86DEE7BEC4EECF0|2#1706325887328#1056402658#5554114585976271850|163#1706325889080#-2083341474|102#1706325887206#-1240200526|264#1706325888006#1722724709#ea18b846-2890-45b5-bb97-1db97e1acc8a|104#1706325888968#-412483315#5520a5b8-4f14-47af-8167-705984949485|10#1706325888751#135338508#481039510169595972|155#1706325887474#844804670#AAG88U7LaO8AABO1UKlYcA|123#1706325888245#-1583880914
.pubmatic.com/ Name: SPugT
Value: 1706325889
.pubmatic.com/ Name: SyncRTB3
Value: 1708905600%3A224%7C1707609600%3A35%7C1707523200%3A56_214_266_55_220_48_240_264_71_21_165_176_22_8_250_3_96_54_46_7_81_231_233_249_13_243_166_99_238_5_234_178_104%7C1707177600%3A63%7C1711497600%3A69%7C1706918400%3A223_38_2_15
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: NDYxM2MxNDA0NzQ0YTA2YQ
.rlcdn.com/ Name: rlas3
Value: AGj83cZJgDXz6hw6V94ILToBX53qAcKDPv+HUYtrWIw=
.rlcdn.com/ Name: pxrc
Value: CIHv0a0GEgUI6EcQAA==
.pippio.com/ Name: did
Value: 9aUtC_WiQ7J-xS72
.pippio.com/ Name: didts
Value: 1706325889
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CIHv0a0GEgYIgr0rEAA=
.smartadserver.com/ Name: csync
Value: 31:5520a5b8-4f14-47af-8167-705984949485|49:7328613885283858585|113:RX-6db02d9c-30dd-4c5d-9287-813b93805cd3-005|133:7e92928104|139:0|141:2gaGcgYDIxFTzikd-tURhXyHA
.adsby.bidtheatre.com/ Name: __kuid
Value: b5cd31c0-6b62-4732-961f-d87a56fbf45a.475539889
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: DPSync3
Value: 1706918400%3A265_253_252%7C1707523200%3A256_261_258_245_201_259_236_262_263_260%7C1707350400%3A257%7C1706400000%3A248_255
.betweendigital.com/ Name: ut
Value: ZbR3ggADX0jOlkB28tGayvQKoJY1CBUd5VWDVA==
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1706347490231
.liadm.com/ Name: lidid
Value: a221e901-8812-4609-91e3-12008b376dd4
io.narrative.io/ Name: io.narrative.guid.v2
Value: a1205780-bcc3-11ee-b039-16c962239a11
.smaato.net/ Name: SCMv
Value: 7e92928104
.lkqd.net/ Name: sr109
Value: 1|7e92928104|1706325890
.criteo.com/ Name: partitioned_bundle
Value: mBz-s19TMmVDQXpNQVg5Z3A4Y1QlMkZ2VzFFdk5VV2Y0SUhCRjJQNkpOY0VwbllBaGZHJTJCMmNwTndubkNxWXByRTJmVUtlcXVLenNvaFhZQkhlZUhiTW9SRlRzbEZlWng4UTZCWDNmSVRQVEJpaGM2dWdIQTVOWTA4M3k0S1hnTlVqNFJJcUNxbU1NVDU0c0tBT3RyY1psMk00NDNFMCUyQjdtaUtQJTJGNDhtRm16aG94bFZyRWU5VGFHUFFuMHBrS2xENUVJJTJCbk5v
.wbz-tavnsz.net/ Name: cto_bundle
Value: mJ2Otl9TMmVDQXpNQVg5Z3A4Y1QlMkZ2VzFFdk5VV2Y0SUhCRjJQNkpOY0VwbllBaGZHJTJCMmNwTndubkNxWXByRTJmVUtlcXVLenNvaFhZQkhlZUhiTW9SRlRzbEZlWng4UTZCWDNmSVRQVEJpaGM2dWdIQTVOWTA4M3k0S1hnTlVqNFJJcUNsVHFreWR4WTBBeCUyQjVmb2NtZjVyWUElM0QlM0Q

11 Console Messages

Source Level URL
Text
network error URL: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Message:
Failed to load resource: the server responded with a status of 412 (Precondition Failed)
network error URL: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Message:
Failed to load resource: the server responded with a status of 412 (Precondition Failed)
network error URL: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Message:
Failed to load resource: the server responded with a status of 412 (Precondition Failed)
network error URL: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Message:
Failed to load resource: the server responded with a status of 412 (Precondition Failed)
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://bs.yandex.ru/prebid/2591347?imp-id=1&target-ref=wbz-tavnsz.net&ssp-id=10500&ssp-cur=TRY
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bs.yandex.ru/prebid/2591347?imp-id=2&target-ref=wbz-tavnsz.net&ssp-id=10500&ssp-cur=TRY
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%207A05A1EB-E839-419A-981D-8D23A8FF1E05&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id5-sync.com/k/264.gif?puid=ea18b846-2890-45b5-bb97-1db97e1acc8a&ttl=%%TTL%%
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20cfee68952ad1854658d6f70f9e7502.safeframe.googlesyndication.com
33across-match.dotomi.com
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.doubleclick.net
ad.lkqd.net
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
adl.mynetreklam.com
ads.adlook.me
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adsdk.microsoft.com
adx.adform.net
adx2.adform.net
ajax.googleapis.com
aktrack.pubmatic.com
an.yandex.ru
analytics.google.com
ap.lijit.com
apv-launcher.minute.ly
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
bs.yandex.ru
c.amazon-adsystem.com
c1.adform.net
c2.taboola.com
capi.connatix.com
cdn-sic.33across.com
cdn.adnxs.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.taboola.com
cdn.tynt.com
ch-trc-events.taboola.com
choices.trustarc.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
counter.snackly.co
cpm.programattik.com
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.krushmedia.com
cs.lkqd.net
csync.loopme.me
d.turn.com
dcdn.adnxs.com
de.tynt.com
dis.criteo.com
dmp.adform.net
dp1.33across.com
dp2.33across.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb.adpone.com
hbopenbid.pubmatic.com
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img7.mynet.com
img7.mynet.com.tr
imgmyntv.mynet.com
imgrosetta.mynet.com.tr
io.narrative.io
ipac.ctnsnet.com
lb.eu-1-id5-sync.com
mab.chartbeat.com
map.go.affec.tv
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
media.sabio.us
mediazone.rtb.pixad.com.tr
mts0.google.com
mug.criteo.com
nr-events.taboola.com
nxd.adhaven.com
nym1-ib.adnxs.com
optimized-by.rubiconproject.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm-widget.taboola.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.adhigh.net
px.ads.linkedin.com
px.owneriq.net
r.bidswitch.net
redcarpat.com
rt.marphezis.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
rtb.programattik.com
s.ad.smaato.net
s.amazon-adsystem.com
s.mynet.com.tr
s.richaudience.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
sc.tynt.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
shb.richaudience.com
sic.33across.com
simage2.pubmatic.com
simage4.pubmatic.com
snippet.minute.ly
ssc-cms.33across.com
ssc.33across.com
ssp-service.pixad.com.tr
ssum-sec.casalemedia.com
st.pubmatic.com
static.cdn.pixad.com.tr
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bfmio.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.lkqd.net
tags.bluekai.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
udmserve.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usermatch.krxd.net
v.lkqd.net
vid-io-cle.springserve.com
vid-io-dub.springserve.com
vid-io-iad.springserve.com
vid-io-sin.springserve.com
vid.pubmatic.com
vid.vidoomy.com
visitor.omnitagjs.com
vpaid.pubmatic.com
vpaid.springserve.com
vpaid.vidoomy.com
wbz-tavnsz.net
windsplay.com
wt.rqtrk.eu
www.bing.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.mrtnsvr.com
ads.pubmatic.com
gu.dyntrk.com
mediazone.rtb.pixad.com.tr
rtb-csync.smartadserver.com
simage2.pubmatic.com
sync.tidaltv.com
104.18.34.83
104.18.41.104
104.36.115.111
104.36.115.113
107.178.254.65
108.139.15.86
108.156.152.115
131.153.168.132
134.122.57.34
135.148.55.194
141.226.124.48
141.95.98.65
142.250.80.2
142.251.32.98
142.251.40.198
142.251.41.2
147.135.119.115
147.28.129.37
151.101.129.44
151.101.130.49
151.101.193.108
151.101.193.44
159.69.72.5
162.19.138.119
162.248.18.34
162.248.18.36
162.248.18.37
168.119.72.236
169.197.150.8
172.105.220.23
172.240.127.128
172.64.151.101
172.64.152.89
176.122.21.139
178.128.135.204
18.160.60.23
18.160.83.5
18.214.54.215
18.235.96.255
18.246.194.225
184.86.146.172
185.167.164.43
185.167.164.49
185.184.8.90
193.232.148.141
195.142.105.15
195.244.31.10
195.5.165.20
198.148.27.131
199.232.211.52
199.38.167.131
2001:4860:4802:32::181
207.198.113.87
208.115.232.150
212.36.83.245
216.137.45.118
216.200.232.253
23.56.162.249
23.56.163.106
23.56.163.14
23.62.105.110
23.66.169.40
23.83.76.89
23.88.86.2
2600:1f18:4e9:5a05:efc0:d7f0:30f1:7edd
2600:1f18:ed:550f:6f5e:c54f:5770:5695
2600:9000:24d7:ee00:15:6f6c:b180:93a1
2600:9000:24ff:fa00:18:1fcd:353:c61
2600:9000:269e:ec00:1b:5138:8a40:93a1
2602:803:c002:200::32
2606:4700:10::6816:49ae
2606:4700:20::681a:658
2606:4700:20::681a:b19
2606:4700:20::ac43:48f0
2606:4700:20::ac43:4a93
2606:4700:3034::ac43:d132
2606:4700::6812:19ad
2606:ae80:1471:11::440
2607:f8b0:4004:c08::9d
2607:f8b0:4006:807::2002
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2006
2607:f8b0:4006:821::2001
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2001
2607:f8b0:4006:824::2008
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:48:1::40
2620:1ec:c11::200
2a02:6b8::90
2a02:6ea0:c400::11
2a02:6ea0:c400::12
2a04:4e42::485
2a04:4e42::714
3.1.125.59
3.133.85.98
3.161.150.40
3.209.233.220
3.219.123.12
3.227.88.109
3.33.220.150
34.107.184.81
34.110.252.168
34.111.113.62
34.117.239.71
34.149.20.76
34.197.147.123
34.199.67.71
34.200.65.202
34.202.222.101
34.233.39.191
34.95.69.49
35.186.193.173
35.186.253.211
35.194.66.159
35.210.53.219
35.211.118.13
35.211.178.172
35.214.175.163
35.244.154.8
35.244.159.8
37.157.2.229
37.157.2.230
38.98.69.175
40.76.134.238
44.195.106.99
44.208.159.189
45.137.176.88
47.252.78.131
5.161.187.67
50.19.82.102
50.57.31.206
51.222.241.100
52.16.166.255
52.2.244.166
52.223.22.214
52.46.143.56
52.71.187.23
52.71.57.44
52.87.109.38
52.94.223.37
54.145.121.220
54.163.145.250
54.172.228.57
54.194.245.60
54.197.121.110
54.205.114.77
54.83.168.181
54.86.26.94
63.251.28.234
64.31.24.174
67.202.105.22
67.202.105.23
67.202.105.34
68.67.160.75
68.67.161.182
68.71.249.118
69.173.151.100
69.173.151.96
69.194.240.13
69.20.43.192
69.90.254.78
70.42.32.31
74.119.119.139
74.119.119.150
8.2.110.134
8.28.7.79
8.43.72.97
80.77.87.161
82.145.213.8
85.111.6.48
85.111.6.50
85.114.159.93
0109081dce9108ac53720abf6934457dd2f80c7ce1161c6d843c5d92a9f910b0
0390e9862fadc96ca99eb73e69e26ffa9fdcb9d4fc3335087ae563e77183ac3c
03f176d100a509e97621f940aad0d2a6daabe13037d2d10dfef03d69e0c92753
045888aa0edf3fa12417fb977511f0f5e36b2242aab412075c7d745d747712fd
0483daadda3d2e4c229fdce8d1f649cf6ad4176299867d4e66d4748ed7513bac
053af35daeecf01efcd97a28c8db7ead089ef31131786d4af3c23ee4dd5dd338
053cf97ba2428be75b9a9ba980e6e2ba54c7b8320d321559e2282743b071c986
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
075c19e8bfd08072fcfe14dddd4fde1d69737880192e0ef05ab111105c72c9aa
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08aa3dda4bcfb433e10503b42f453a34aa9cf7328a03bae21986343bd4a93fcd
09aa176404e29bff9a0ec1b4862ea7a62f1a86bb1e7a045f141a46b8d809f675
0b2a316f7137cd3a66d8138a29ddd82ae0b2cd60d420b179640645f29bd0b0ab
0b3cb59a25f05b0280818127f46f01ac0f9ae22c8a5a9ecdac9b4c6e30b9f35e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba8dd1271630b11abc53a8aafbbc2ad15402ca40a99ce1749e4a6ddd0d32805
0baf7a1da813741aa38fdb6d0b3acdfef3cf087257e94c92b2837fea94089f96
0c17cb36d6e7dab8669bfc0c92545308cb383d775b8c1a8edc5ead84345cc661
0f4a047d2d4276ef16799a4ae590d3753bfe740c307f81df0a1b1d667c40b736
0f613e1c7aa6e5d33b8709293844dcae58b9fc0ace76bf910aa77dbe12453a20
0f7c4eab2553dbf1bfc43da6223b5d1417242b7f4e428c41659b4dfa6bb09eb3
10ba7c8224185ada0f937fbd23c885e41b01d268a4b18f89171cc53d5a0be333
1394c05c578e2ce3d2f09e3c335da4e88cc950a2bb93b9db7afa732c4330face
140568a4319a4d3668bde04f2c02dd99e614d94606e7805bdd22b04cee0025f5
1408a82786c2cfe9bc7edc6d3bfee3243ca994b47abd64b9f1020af9683a0eb7
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14240ce58e4a8c0a5ccb80529d63f0f6b3ff40ffde43e6c3ec6bec4e95d966b0
161a31dcb0aeb9a6e179b5d22e783590e948a918e580a50e6c83f7652c0d6c23
16519f02cd04c7d61dd738385238629dd5d90a7137468c88bfd31c4ea8c77fb9
17a3413d639a5a535f4d66dd33249f5e286177e086e752eed8222f10cc809569
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a840c1cbe2c8666325ff8f5c12484ec8e79cbcb5ec861ecfd72bda6f953230
18abd7644b1f571904abefaa48a1b70e44fc18cd99cf278056a6b24c762a3a99
1987b8161006317895c30c4064d3dee5e9f8fd77c19f4f5652c3e574cd508c8f
1a15b9f9cdecef5ac547b83ba2a25604adce447ed6bc62945b4c6111eeff9f86
1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15
1ab7836fb485ac3e6c58b81a8a0fa51bcc68f25da92b87885ea77898a3669a03
1bac21d2a029df774b4b60e379e8b80407a6654038997af8e9fe572ed363e16c
1d62470abcbb79765f7d5451ba0bbc27696e360ef607e3e1a31ef24e94e85b66
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1f4fd9ad329677ab75a20d16e52912e93faec9b6ef732e8a1fcfd4cca8bd6085
1fb5461062b4e4a15fe380e40e97be274d1f0ae71e111cafce959a9412b796bd
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21964db47a16930f55f7439b2a9b4e3397898a588e594a4f4acff52d3c0f89a2
21c4a40c93e36ba2a5e2a2150ad3e2c1284c46800ff323ae3d7de67736f8c4e9
22cf041e1526f16bfae87e8886a35990295a632a285cc9c60d009f05cdc7c1c2
24d69ea234223aad8f23712bc26cce41772e17c19f1fa149fc625f20cf0dc3d5
24ddcbd452f49bcf5352c50cdd7cb55e451741b97da80ef6463dbad2db99de0f
273bd41dde068f207f6496bf08063353f3728e08f0f1cb4f149c5bcf020aa9f6
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
290f87df1e9a62e2fe6feed98d939d3f5ef0b69ae5f2349391e383c319209df5
29cf40a666a2673b8b5668b1553fb9645db03661cf4422bd37aace1682f74b49
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b4bba8870cf94fc31ed157c03fa8f9c13620e2f15cc6a7d26251c8558627441
2b68f66c6ab686c34982023db84e89448ef7263afc42aa9e24d9df37ed964e89
2dc1e68c13c864d9d83effe504c6cc2a4b7cc56794368478cd092b18322bc7bd
2de6e01fba69a95d6526545d083344d7aea6e005e7ce4b0d84f1d084cb1857af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eec5afb214dfaa8b0d71e0a4f96527842db15f908120e94fe6d74fbb6f3d939
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
2f80a00ca15d89e26e2ea5b1b2726a75c24c86f4c648bfbc2c61eec52617c4b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
32b8fd285a050ceafc09d599dd63d9ac7c813a67ba5e5f07b3a28e861d05124c
330ac8eedc1311969de6292480e2810d201c8f067b303f19b944ee881eb557c2
34763cea16553d52221f7a1fd359da3dd9794ac0c4a728af6ab053eb8e2f5275
351c1c3d5c2adb66b7e287b1b9e9ea8ae2a7346aaf1e8d458c7fd52f5cf169ba
35953b4bac82e85cb8906b0cc4c3c01d457109a9ba529a2fe0439418780c14c9
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
367ad7f3579c263a3474b190cf27adecf9b82dcbc668b8960e0f80fba8c6509b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36dd646710632215e5d0645f2e3d6f56f7e0a19ef5d68b7d236dcda7168679af
37898befed06ec2091ab7a5bae371e7859e9e063b10decfed5bc3c6b1ae212f7
379f28bf09d71dacef5e39ed6625b2cbe56408cb121cab128af45fab2c9d2b5b
392ed00762e20f0f52216d47fb09081ea4dac5bc784609566330bdea8ced0b1f
395006755e7f8a9f68f93120ae12fcd995ab523d9e0bd2eb775a66d63092c8e7
3a3c74e0cf785a90f1d62b2e6750d04c8f1bc2e94c56bc31ba67d20b71b5fd46
3a43a7741c56562fc85455affa72d65903fa9944fae349c61d0fc6cfefc7b9c0
3b2f19e0a9e9b115af904a216ee89b5029be6829491bf37e965c52bc617cdc7b
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
3e9e6ce6b6811d6b55c9f92346fec735ac7a61484ebfee63a0e74471312a5a36
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee40ff8c2809a5566f49fd4d7bac1381ee87b11978ad4df64d07c6f5cf53492
3fbd9f061c09f9d7bcd81865c28114a683368d40bdc4c990ea56c7deb3b5ece6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40286952645aab5649fca9c2577f51aa78e4fdf91621f0018c02e34b2ab5aec4
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41df5d1ca4906b7391e455f7e427b34a0c6d357bcc127a04b31f6f455a502d81
430e8ebc98532cfcdb0ce803e7b13bda4617aced1f111443667e0d2e95d23810
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43ac0ac8b82f2ea26936cae2d4e779f63665a1a0ae6bc4b525b97fdb0d3b5385
43c93b68643ec0d35801b2d8b770734d1ab9d6bbf4accc1a25f7769d11d01b29
44f3ede27c619ceefd34f1ee6504ab56af27947aa9ae09c3235f55c4f10acf57
450513e41b24681b566b69cb1b8bbd8db946f0eb5cf7281fefaebdb5b8be3c33
458bb3a60559f5c11cce4ce12b4a829f5f25a3b43531d2ee7a43565ccede7f18
45a56a8f0e8448108990ac41fb0b66edfb1a0b0ca58197e7966d97a598c896f3
45b201b8ec9c7d89bc9bf573b6f8f99c2eea9a1c3da43b111d4d8ba439111a2d
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4698a5587efd1f3544a044f47d5730376e448834c1c7912a52d2a3960ff2e8ed
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47072f1e6ae104c1fb2dcae8da2181b82c9b824902431c117e7c01c392dce774
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
470cd2732c986b47395462f0b80a05f88b944f7a3a921e97cb6c006a6fbcb206
4750994865d74cad784e2ec6afd323ec8255a8fd8f02f236eb115e8e2bb47414
47c2203c4a2afa1ee60adaeab464e0e1658f321ed3c2d8fc8bc605d1e29b82c7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49aaaced371e37547be2c1c11d111beb962cf2baef824954a4069c8f3ccbc7dd
4a790e3b0eb08aa46ad9f046db35200708e66dfd0fbe5ecae2f572ef486173c2
4b13b8918cbdfebdbc7727fdb82a83fdd77465b002501f6d718ee871b16fe9c6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5b97d9532dee1660600ed702de9be74b905c0c6b270e15c9d065c0581ca5d9
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4cddeb9d6db2c3743f14a9fb3ef986c8db4ad16cc7c664efcf5120639d3dd236
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f23b8d6f510707d4e05c9620c881857e254f729caefddab6bc914b5504eba99
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f999891facbc65204286bde7858127c18e7476caecb2315a139e05d26aad2c8
4f9c0b644bad659bf548fd90c92dde166a731890ea5866ccb4ebab50fb3fcaed
5019e7824540e0911d52b32986b1e7a3758ba10122dca001b6404644e3782321
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
52c5f698ac20b6424d6d43adfad72065d918893742c79b89e6cc13e2046e0ac5
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
545a8e29cad37a8eaf4da20d81c90a423c34585df265e78ac39959476d36d005
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c14772f5457443acfa70c0d63054297d423c343ea265f213a7306f20f244ad
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
54e45670c0d4a16548720e3cb5b0c4bcc9dc10b46a987a60f6a582915c6cfdf4
5591dba835b0de0e764ff94ad8aa2afd3905e71f935afbe374849727f010e5b7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56958d9de87f48a810ddd17a0d5c90af4428637a6dde138d34e9307920fd3891
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
56b5a3daf9fb430cb2e5c37557f22f7f3f58e7cfb66e8d8ad1abcdde03918cd8
575be3ca740bf0086c64dab7fdbcd22bb7bc5b731a735ec17ab6371c8d4f4e95
57d9785952ab5b73d421569dfafe39bf3143d4fb52abc19fe681c20ebba9a30d
5a11a7698898cba7edb4737e2d1d556b10ab052aca9365ef0b462bf78f3c9920
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5ba4dd27cff7711073ca3f538abadcc4e358b3936f2d8f9cb75d24093caaa739
5baf9227251bca529ade2d7defc1433aecc69f7fb66abe6db9f978631fe3ce1d
5cfa4afdbef4f9b5d33790abf8244348412a27e7c166328b50fc5e7f5e8bdceb
5d410217f94472d80c19a1347dccae940ebff9f720e68109f1c788d98383a8ab
5e56911ff61cf32ab1f834569af30ae29454fd68d7493a330371e0be1cc90991
5eeb0a78ac81ce525947382bec81d5e37cd8f80b73537378faa4dba2013303fb
5f23deed1fa696bf900ffdfc8132b58a400292d74684e3a561260c09c95708df
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6022d5ac7b098e715cf546b615fc3f75aba2160551b84714841c53a5bb61d3e4
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c19e1fc4613677b53ca3996111d2df798786a02f712c811cae4e04eebd3fce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628b5c3776a49d80b9e123fb1d7e7be732689c84527ff00e127243830be8166d
631c09483102f313bbe4525037944ff75a43fdbafc5e596261b491bfa4b7a6e6
63c883386442213e5f1742f75ed55016563eb44eb9011db2988de2b96afec237
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c
650414e044fef66b3f67c4053d73e56f025ffd7ab7538382070f0da1409fcd9a
65c8c8f808419b33126ff7d9f5673db0bb11ebe66ad3fa536d2a8de66e4b1759
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
66f96fd80a187ec3244df82a2ee055d49ba59b978c8744a0a9c8370e955b0c51
674c1c11a195dbdc15f1e67ced3a6f51e0d568403baa7429e18cbfc94cb7745b
681d84804a45210f24dfc092854b38cd245bc1cc5cc7eb3c16f17a87bc3a1dd9
6937f4ccde7684dfa45c6a3910b867e0b20b11f43b11b149d6c057e84e6237ba
6ad13dda96d8f3e800f880920650dbeaacf1f80d43056707e983390882b97ce9
6adfa7a3ff6215a94a52d45b430a20bd01b942fbb4af8d32944ec8d62a97fb8f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b8e5c8a13d677fb6c5065529452663141b011884d341d2ee21114a2c34bac77
6bcd571fb6cd520dca9d0a264c1e2c933cc1e42e447f6557904583c8fe05a454
6cf4db24bc73d881b3d5396b4322430b21f907a3cf9bc96285a14b6e6044ef23
6d9f75c5b16017512bc908c460ab81f74855b621f8baf46968d86382a6ecd54a
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d
6e5aeadecb57dfeb8fa94fd8fb3b7feda13d73a4c0a7663ca1626cf7e879edd9
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
705f78a3e8fae21fd33949b2cf4d27cd0952e6e26b02008fcfed07ea69fc541f
71aa7fcb701f7091226fb8638d1cf37f693ba4a749b89d70590933a31b577a79
71c406b841dba79e6a1723744ba4fec0d6324a292bab2c2336e69a1d4d3c958a
723067251672e826eacbe1fbbf782df196d5880e281cd45cec0b772dea6e994e
730cc6d288c0b65181df2ed1b8f0facd0093c6a978f1d46a29906316dd515dea
732a107498a381e9b30fb2fa33571b8b33c7fe8ad8b644615c57d35035b3cf30
73dbbef2ed15d2b8e95bdf001ffb624b678b2cc42840e51e0db228dd056dc0f5
74e69698b41d638f93198a599d0e853ffa3c70e9f421063028aab0dba8cdf15b
759ce2a2ce00d61d23c78b075f72880dba5cec69876073fc1313ccfe536c7101
76a0cef65b91884f2fc208ebc599c6693755ea98a5c4cf96d0c77e1f35fff412
793f9f7be2a6c2da3251b3071e2ef9f80ee76a07b2302a040ebe0a2aef04c76a
7afe1a64b661e16a5bfb3cd4737e7f272c65268bdd2a19b937e6e833ea6f7915
7bd76a0a3b4639c022b49b3081648b9264bd31d574b8569935c0c7340c316dd6
7cc89b00ea093dcfa55ab1267187456a60d1e963f5de6700a4194f94378829f8
7cf04b80a0ca8f1334f44596a8e59fa721095ad0ca1792a2dc5d3dd6523b50ce
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e25add94195047c4d04eb063f97e308db44b32093cc19010a71e3acb234e81c
7f051859d3a393b3f69af3f11a3975bf14c66567311e2e7b1544165a923c5685
803c04148537f982098ecddf47bf6cf8bdb124933bbfee5fa3ef2c528db20683
80ad7da0d1b996b68fe3e4c851fe2a75282238da481e6b7a3aed4605d498f8d4
81d1890c21fabc0c4cd5a7c4507e30e8d4dfbaaf55234be94aca0fc34c711d0b
828767fbeb1fd6669664e2017314c590e3ed617df4a258a6ad788f8328c37999
830a5f83a7785740c7a163718c599b5a3391bcd697046f382970d016ccf471c3
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842c5825b88ab5a30dcac9d30792aa2769e28ed738c3d262de2046fb2ec41b97
85ed4284f4265536d1ee7cf85771a133ee662fa6d3b8654f72cae4ed7c3efd42
860becd8f262c4ac54a520551bf669ac2a8dd2bb91e9f55548e2deb30e877ba6
8686eebd0bb820ad8dcde3c11ff92a614641f1f4cf2d233e903d341a18823204
87301f139a48566970a0a3796f7d58f388a16b35485a324b9dc69c498893fc42
8748dd515b70822b76baa23b031e6186b0a6cbdb837b6573a052e34e2fbc00f7
886401e74470d23fa8155b4c2676154e88095a72fd673f2105c10bf638cde39c
895d1281c0fe9c342eccbd0d30b2766f567bac2be840f40e2fe91c38858a4dcb
895e3da892c21ab130ea76b5988939aa656bbeb9d3a49808dab87903e5e2aad8
89be99b9f1c2eaf66055e87d96e907811dd2df193fff43ea6ef39d7d52bd8a10
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8c48b299f78411314bd8799bd1459c5591ffef8067eb075aede8bb8694963259
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f37ef9f928013256f418451c4748f0c5b245fc1c6d945aecc291545754ccd21
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90762d71f06d1c82e918e159fe30b7cb2ce62451c8ea943943be2ced0b4d884b
91f304ecd9691c55f724ecb159a9b1b803485e1fc460bb625bf2a22be20b9780
92489ab0e3f21bb382c0ecfb44824c8800232f0d82adf1efe3e5d6091be11b74
925c732f1e1b3fe1bd3f2e8e2eead6f9110784c1efe9a866bc33529ce85605e6
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93bb7fa4a1cdfea8182c76cbb1a1932d37d9b0b1fb59ba861b128849d204eca1
94a728d8edf2cb13e5d4996c6b1fe79d34b6a349808ee87a0a7bc61c59029e12
94f151a7964f65d87bcaf4b5758d541c80a8fba0bb34d8ddc5ab9f8f4122f7c4
95acaa393a26bd1c5d32e38f928f4f5454e81901bcd52ad9d54076c8dd63b30d
978a6720c46899319bcaf543b4a88ca153ce91f224a3392ee23a4de7bad7aafe
97a6c6a88dabfb26c2387ffd82de82fc9d7bcf4242c6be4a5d26918838fef0ce
9804cc7a04217d781b77d8b879807e4d013fcbc1681df1fb8c7d1c08a5e31836
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
996891e63f0025b546f457df41836d9e2dfbed89b51e5faaea9db4d8cd88e62b
999f1cc5cfbf6cddc426d2381ddc6c5e33ac58ed1ecbb677e1586956ced9bb70
99c1685c3ff410b61b002ea6a9b0027441ce0192218fb8cdd6c04741c44d3410
9a31db1f7e19011485fdacab88ac013632f3a9e8b7a211cfa2622b0f39f56cc5
9a8d2582902ec338d24026190d2102df55a577b780a02484f91947daaa6a3040
9ada0f1c08c6e818b4287101844436a50df24b58a743aeeb827b6d9f461126c6
9b5f9b8c5579c88ee0277c25e2aa6b927bc3922cb81b622c8b5af7ca3de07029
9b7ac554e776d024e32a0654ebb72450659ba1d9eea30417cb895d5b9c9df6aa
9b8b6c264f7962c6914f72061c60092057ccea26ef2f0e9fc8bed1598f683dc8
9bae3be0d6aecb8eca72cd54447304386c1e739a6bf78ca354a86a0290685af6
9c15db234ed83ecb86b0f195a31a7ade2326f7e0bf70c2109c9e44e4944e741f
9cd0eab5265791d8f79794da7b8ae4395a75fffc9be55e243e26f9945aadbac0
9d2e31bada568b3eed7992547c55ac77a90fe91a7776322a71b262472263b662
9db1ce7488682bc1d31de275e811269e544697f4612e8cbead0f78f667e4fdd8
9db9ff5cf7743937b33d2929fbceccfe44e696bef7c79255c7c15faaf76d17ff
9dcfb04f8d33520607b73740a1ed3c05c423d8334fd8735a5febbd44e76a2b01
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a158a71a6fe142164016effeddf9651a602140ebb34d2fcc888681f71e57b4c2
a19c80b98875cef753f597118bdb5bd92fb9382fb12ade47aadcf316e50dac82
a1a635df2e37f2e83ef80aab643358014182d71b79a676edbc0f8e8b9074033b
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1deaa2463a9b9e2f7fca14eccef98c030b0af2ced39220eceda6fb3654b4b04
a25542a33708ce4883717ca5df9f9055c0f8f35fea7e0d71bc306b0036497ddc
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a2a8fdc243cb6032b4a84073845fe8847041d44e02925c7c906156b08882ed7f
a3b16936a8c1ffbb61115d3d13c880421ba0b8decd62290b9924b7acfd9eccbe
a3d4bc6b76b1d19c37b47453c37aba7a5bc7e4d5454b1c74906136de6f71f026
a41680bcdd579f2172bb0fdc6a88245a9b0e6330941d3544f5cf1975d1123bdd
a42a04355bd43398fb68db0a21fd5d42bd472fa4942ddb1587d6ac1ab8f8e873
a54397e21e3e0b7c6fb2d9f89f891cf57710b1786aa74c9cedb257006d85cdf6
a5440147c494bb87fa48e4591f10c8ab73e6bde14482823a8cc14f3743e88cba
a6200a85ae167495981cef97ab78e244b0b5e410e834bdbfb929a7bd0fb5cbea
a62ef51520a05baeaab1defd1bdc9a8aac33f00e4bf6af50dc4872c7e1cf7e21
a6403d0b09b366d353e382e346d54e2911c8481867e617b27e18ad691ef1964e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a72d2a5ed4614253019a16bbb65dc9cc3328ea83aa3bfa144121c94b7e20add8
a7c5d71830d0eddd0c9df6bc17a13081a845a9ee419a89e0df7324462c632fb6
a809c48c0b079029948ecb3ef8a0dbc6dd8df6690880ec09e789b491f5829a0e
a82ae3ccbc347d2d0ae12acff505162fc136433c44220d660af7c196f89e9824
a856541f12215fa454ac10c3acbf85cfce706e43f07cd020277c472ebb59bed4
a9848fc39945bf074c77566678cfc3f849b7ea17e99ed408a6951a69d656d897
a98a958b8c0616c2202abdeb174747b1485b8382ba2deb34f0fc7dadca6ee97e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab4eef4f72754ff1d1df73ab69de8a8e25dceb5ee90c78504fbdd8d4155792d2
acb947e2eebaa33f79022a4f09c62a2aa2fe66d14bbe5b3e526496e79e2e7bc6
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adfa9ed6cab5b45f73b544c5566a733903eb4c073325c8c1746f34f4d2ca9c06
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afba5908ecc55e92c75706cd3c3eddca71cea144f4084a5ab3fd4cdc231ada78
b04f62243c642157a9de155351f9d3639969dd2c4c01de67a26bf96566750681
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b05c10a4a81f50f8208f2a1c4e540120e49cc08d042a0ec774e6f2890c9a8344
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7
b151a02b05f0e74942112f0e39e13cd6ba205fbba4e792b4d60841b1c51a450b
b4490b9d78fdf93f085ca22b2678d67df9de7a3c497885e6087761f26d204bdc
b652c7af4cda3d8395a637b1b9f615ef6ec3c6dea7c73cd70393ab5a054eb69b
b791e33c6f800838e1a44adedd2b4de995daa09e7088e06d706ea2ecfe394fce
b811bba243402dd0f4e387efc1134be758728283b481cce3deb139d868245010
b9bb737b195f440f7eee2c9d7116ed0326a43da4390b4863d5aba3b8970031ac
ba004247d787602ed6a3746ddd295613ad2de75b46d9e0027fcfd6c1cab3f9c2
ba25789ed63bf87b60e08cd803b89a0966a2847a3b5f3e867c5b418ce8d5882c
ba86814ef22351aa88538588afbe9ca4c4d558c30c40996aa41c0a685392089d
ba9e25e37254ff1bb724c334aaba8f4fc4fb0fbfa382d20d36703312bb144012
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc5041579b574064ba464d1c4e572b82b29e8cab0dfc71bd0a793d459576452
bd3fffcf8090daf5007f4a1fca5b2cad3900f3b053c4f0022c2480fd9c6cbdb8
be29cfb407bc4e24051d062066348ce8d2a2e1d73f444a74e7475cfe874e61a7
be31671458ccb62ec81327fcea50613b2b45a5642ea938782e14cbba6c4c9264
bfeb517d0e6a70708458568a22d6324948620da4b5300c4ade4745a44fbb3b7b
c051035d3e52525bbb88488852e434c26dd11aeac6219359f2202fdd741b13fa
c052f5fdfa421272dd54e7c69d5f71a80e0de7037376170dadcaa151a214fdc3
c0c44a65facc077d355cd30bfbcb304535c88d568b13ff11ff0c01e34e01ce8c
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c17d601c3937af2adc326571b230ca4e56e04cee88d9cead9237737c9a1249f7
c18f41156c4dfe104b965dd56955733fa021c3e37be0b359bfcea9f51559e213
c1a10a0c3b390629fcfd77b1cdfd93558fa6e0880fe76ec9363c8883ea5207ce
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a8f2e8029ca54c97e80477dcc7c884ed775613c42c1e5ed93479b7531ed28c
c3c7da109b652b5319c51a39037ba1c2c7a8329c1278b6c47d36d1e4e35dbc0f
c5f39c5f92ffbbd5bb3052a029d608560c31e04bef6b59e2d95bb4c6afe11794
c8bf73dc1f21b72403e8498a767342578f65dd57a489f33cd701249280ca2638
c8ce764186ba03e617f017c5d3ea825e5036fbd912b4afc3f121d56f18919bb6
ca54da7405b66bd186a7f18e1b6fc69db4bdcbb3223552155bff97eba8a71867
ca72f7517a3025fd4ad2e42c5e6b309b7d9c206742e04f695263c1e8522b3513
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc23b4fef892485b4da35faecdabd6b5ec5f364a3e4172f44e966cfc07c96c22
cc60f24889ab5a265e365fae995bd94953d08b1e20efb7283461923b68d923ee
cd1229c3c8ff5e3ea1855145e7491b244ddc9cfa17887cb8ab7036181b1215ca
cd135495db38f7be16a5d67d9854f22b451b6dd91a8e74c222572e9d9d7bd4fc
cd82e3a9915fd443e2a7483301d21a4801798aebceb3ddcc73cdebce25963b50
ce9d5af22bb35f36961a1878be5183fc342c38d7b2f2e8cf9e0da52352673650
cf3a9acf57d42999f72ea2b8c89fb8f3099e345c722fa6f097b1e07426cd1d5a
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b
d1d1548403513a9dfac12d19482f0b6f353080ca42562c0030c2387da87e48a0
d283b225c3577a200e3e049ff1484ba8b8b772981be6c53cd916099d5c9eaf00
d2b51cd55841eb72aa64acbe4be49eb5e2dac7ae75af691c51ed2fa1b5cd0dee
d38eec8a99ba878db5cc52196253219fc649236693c9efc9817cde7fb0dd7c43
d39a00c302f3a8860587e592d2c954f44d082b7971c61e99ec631232d69c054d
d3fa6a0001bbe5bb523b2ce5cc489f09cda290eff30ea93a9ac33a338205c32b
d4186d66c3a74108f2ff4dc97f5a5173653f33a2909def5b1c8aafbeb15784bc
d4848c50ab9d9657b83ba377e848e7485bc1f65a6dc7340b2f53692f16832c88
d498232b7db07e6e7480e1e67483e011207c96039ca5ffdf118242a4b321aa60
d5324fdfaf4184309dc0b54d1818ea6a01794195b0633b92d669f62e7fd9bd0c
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
d8a356ae7ad51af25f41e9529ed11b1da27f59c8de35ba04c7d66aa2146fbdfc
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df4158b26fd967828e058b3c5e3248b24a2323c6cb53fa52382a73aae489612f
e00d38903a23f4005c9c12b16e8af8e8ae4b4fca2af8a0fc39cced3de3281d5e
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e16851eb4d6890fa1ea32ba17f901324ae7209fae117df5382fccb60c9efee63
e1811c8ec160bac8bb528eedae97a1299c2c59cc4aaae38b237f9b755e8f98bf
e22957ff3644522f17da060484eae66a19121a8d5ea588777ab50bbef17fb880
e33ecd361c65ce9e5832859f1870de5516a65918bedf7b0897f74fe9d9d9c5ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57eed97b19a7b770dd3aa55cdbde01e5d83de9d25ffc1fca6a38c96fe4c7aff
e58c57e76e9d40aafe12356206e7fa7dceb482dc748f214a0cb56275bf9d35aa
e72b1a7791a6a89e8cbef367a7eeb744bfbcf2098076e560215cf391da3b460e
e7a8e0f3dd4712276e0efd1bc02bf9973215776867311ffc1acd88ab9b74481c
e8bc21a2f5c045f875af5f2f12df2822a60c4046116565845c5445c0e75835e9
eafd87520de9a62ab2a8752e6f71da7ef0f007f76a7c929ca04a4f2f9ee47de2
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee6183ab6be9da0fdefb8052d6d4574f6886401cc325dafe2ac8dd119a30b9b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
efa4c9a1505ecdc023d44710c0d75f8ecb819d7cbc797d0cfebe34584c36cc65
f032bd7ae7af56c63d7a9440e95a957b0d413619794e09ca663f9120f0d5189e
f0641c955bc37ac722aadf1b4ef786f3980e39697dcc6d8e335973e169b1d5ed
f0ba300e202bc07720b8262d0900fa60fa58b4cd2a61c094fb7a208d9d3f8a57
f0bfc081bebdda05a4db8a05f4b7eb31ac5890ccbf1a1121fef6aac78cf3a427
f0e53b74506b4bb5012cb85266b761f24b7772f52b6372b490b025fb4855ab5f
f136c2b2f7a9c50314ed05dab812fadd13729c2ce2fe4bbf329997b4b2ea8eab
f1afb6f415fd545753fdb37277ae67733cd31f7ce1991b0c20f0df10278b28fd
f2216586c8870f29a5ba1deb47870c08ac2faca02b9465fa789ee8c23dfb0f69
f3aca747cbfd2fa0187d75195723930af56197fae8532a785a6b3f86b35e6e91
f3f3bac55a34bf74cb853f3454ab20e32288a0e0322d758c40443d17482b62eb
f467d3a42d902cd3b08867caadb05d540700f1a653f3d4b1fe547ab1a1374b51
f51b6be7724eefc74e784dc166d5e38ec28e3638b30aa3f5b2d21dea6c00161e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f938e477475e150ae0f1dcccd684ff3433289e1dd36a9b7c21217aafad000b9c
fb60e2977a05927766b7552bb7a37e5ae72e1c61112245138cd740c56c022b5c
fcfa1695ee31c550ed74be2842429e7c53df6657534dce28c7e4beba6d1c59e3
fe4088d4b42b8e852bf0de960f1d674581e3a58205e9b8e5a107cc0cf64710bb
feae0140363329b375a93e08c4fe572f5d87132eb2efba26fd424bc60d321fcc
ff0c7736eae96e8fa5d35871a5530833c0b0eba4ded324d4d8bef20c1701e03d
ffb67a45e219131bf2837288df509b62c1c0799fa32ab790f9292ba577f34ed5