www.webmail.co.za Open in urlscan Pro
195.154.207.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://executivemail.co.za/
Effective URL:
https://www.webmail.co.za/
Submission: On August 20 via api (August 20th 2021, 7:01:31 pm UTC) from US

Summary HTTP 322 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 73 IPs in 9 countries across 52 domains to perform 322 HTTP transactions. The main IP is 195.154.207.108, located in France and belongs to Online SAS, FR. The main domain is www.webmail.co.za.
TLS certificate: Issued by R3 on June 21st 2021. Valid for: 3 months.

This is the only time www.webmail.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	195.154.207.134 195.154.207.134	12876 (Online SAS) (Online SAS)
7	195.154.207.108 195.154.207.108	12876 (Online SAS) (Online SAS)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:452a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	13.224.96.116 13.224.96.116	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:4a00:b:3c99:a880:93a1	16509 (AMAZON-02) (AMAZON-02)
15	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.196.125 13.224.196.125	16509 (AMAZON-02) (AMAZON-02)
1	13.224.196.67 13.224.196.67	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	135.125.163.79 135.125.163.79	16276 (OVH) (OVH)
1	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
8	213.19.162.41 213.19.162.41	26667 (RUBICONPR...) (RUBICONPROJECT)
1 13	52.48.181.96 52.48.181.96	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.92 13.224.96.92	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:e000:1f:612c:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	34.194.97.217 34.194.97.217	14618 (AMAZON-AES) (AMAZON-AES)
1	54.36.109.155 54.36.109.155	16276 (OVH) (OVH)
1 1	3.237.175.195 3.237.175.195	14618 (AMAZON-AES) (AMAZON-AES)
8 10	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.48.137.92 52.48.137.92	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1	99.81.82.31 99.81.82.31	16509 (AMAZON-02) (AMAZON-02)
2 6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	217.79.188.60 217.79.188.60	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.54 217.79.188.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
36	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
17	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
5 9	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2600:1f18:612... 2600:1f18:612b:4264:a698:31e8:5977:4024	14618 (AMAZON-AES) (AMAZON-AES)
6 6	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
20	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
9	198.199.88.126 198.199.88.126	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
1 6	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
1	18.184.94.176 18.184.94.176	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6 7	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:cb40:200... 2a02:cb40:200::202	20546 (SOPRADO-ANY) (SOPRADO-ANY)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3 4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	178.79.242.245 178.79.242.245	22822 (LLNW) (LLNW)
2	145.239.2.103 145.239.2.103	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3036::ac43:9b70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.224.96.50 13.224.96.50	16509 (AMAZON-02) (AMAZON-02)
1	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	52.215.101.139 52.215.101.139	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
322	73

1 195.154.207.134 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: web2.wmi2.net

executivemail.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 195.154.207.108 (France)

ASN12876 (Online SAS, FR)
PTR: web1.wmi2.net

www.webmail.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:452a (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-116.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4a00:b:3c99:a880:93a1 (United States)

ASN16509 (AMAZON-02, US)

za-ssl.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-125.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-67.fra2.r.cloudfront.net

t.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu

nocf.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.48.181.96 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-181-96.eu-west-1.compute.amazonaws.com

collector.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-92.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e000:1f:612c:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

detect-survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.194.97.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-97-217.compute-1.amazonaws.com

survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.155 (France)

ASN16276 (OVH, FR)
PTR: p05.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.237.175.195 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-237-175-195.compute-1.amazonaws.com

eus-api.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.137.92 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.82.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-82-31.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com

ad13.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.45 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:612b:4264:a698:31e8:5977:4024 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.94.180.125 (Amsterdam, Netherlands) 6 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 198.199.88.126 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

serverc.aivdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.99.165.19 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

ad28.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.94.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-94-176.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.239.217 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cb40:200::202 (Germany)

ASN20546 (SOPRADO-ANY, DE)

www.asmc.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France) 3 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.245 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-245.fra.llnw.net

asset.conrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.2.103 (France)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Bad Schwalbach, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:9b70 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.adxbid.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.165 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-50.zrh50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.29.72.47 (Epsom, United Kingdom)

ASN24931 (DEDIPOWER, GB)

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.101.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com c3.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com sync-t1.taboola.com pips.taboola.com cds.taboola.com am-wf.taboola.com	1 MB
55	googlesyndication.com ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	575 KB
36	doubleclick.net 8 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	228 KB
20	ampproject.org cdn.ampproject.org	405 KB
18	effectivemeasure.net 1 redirects za-ssl.effectivemeasure.net t.effectivemeasure.net collector.effectivemeasure.net detect-survey.effectivemeasure.net survey.effectivemeasure.net	14 KB
12	google.com 5 redirects adservice.google.com www.google.com	2 KB
11	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	23 KB
9	aivdesk.com serverc.aivdesk.com	6 KB
9	spotxchange.com 6 redirects sync.search.spotxchange.com search.spotxchange.com	8 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com	8 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net hal90005.redintelligence.net	57 KB
7	ad-srv.net 1 redirects ad.ad-srv.net ad28.ad-srv.net	7 KB
7	webmail.co.za www.webmail.co.za	170 KB
6	adnxs.com 4 redirects ib.adnxs.com	6 KB
6	adsrvr.org 2 redirects match.adsrvr.org	2 KB
5	gstatic.com fonts.gstatic.com	94 KB
5	awin1.com 4 redirects www.awin1.com	3 KB
5	googleusercontent.com lh3.googleusercontent.com	307 KB
5	googletagservices.com www.googletagservices.com	165 KB
4	webgains.com track.webgains.com diapi.webgains.com	16 KB
4	medialead.de 3 redirects pv.medialead.de	4 KB
4	tremorhub.com taboola-supply-partners.tremorhub.com	729 B
4	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	6 KB
3	webgains.io analytics.webgains.io api.webgains.io	61 KB
3	adition.com imagesrv.adition.com ad13.adfarm1.adition.com	11 KB
3	adform.net 2 redirects adx.adform.net dmp.adform.net	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	google-analytics.com www.google-analytics.com	58 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
2	criteo.net static.criteo.net	54 KB
2	ad-server.eu ad-server.eu	13 KB
2	media01.eu pb.media01.eu	874 B
2	contentspread.net cdn.contentspread.net	89 KB
2	zenaps.com 2 redirects www.zenaps.com	1 KB
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	1017 B
2	googletagmanager.com www.googletagmanager.com	85 KB
1	office-partner.de adv.office-partner.de	1 KB
1	adxbid.me analytics.adxbid.me
1	conrad.com asset.conrad.com	28 KB
1	asmc.de www.asmc.de	357 B
1	conrad.de www.conrad.de	707 B
1	bidswitch.net x.bidswitch.net	146 B
1	krxd.net beacon.krxd.net	338 B
1	mathtag.com 1 redirects pixel.mathtag.com	586 B
1	ccgateway.net 1 redirects eus-api.ccgateway.net	619 B
1	id5-sync.com id5-sync.com	1 KB
1	google.de adservice.google.de	853 B
1	adxpremium.services nocf.adxpremium.services user-sync.adxpremium.services Failed	626 B
1	lijit.com ap.lijit.com	758 B
1	crazyegg.com script.crazyegg.com
1	adxbid.info adxbid.info	72 KB
1	executivemail.co.za 1 redirects executivemail.co.za	194 B
322	52

	Domain	Requested by
36	tpc.googlesyndication.com	ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.webmail.co.za securepubads.g.doubleclick.net cdn.ampproject.org
20	cdn.ampproject.org	securepubads.g.doubleclick.net
16	images.taboola.com	www.webmail.co.za
15	pagead2.googlesyndication.com	ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.webmail.co.za www.googletagservices.com securepubads.g.doubleclick.net
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.webmail.co.za
14	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com www.webmail.co.za
13	collector.effectivemeasure.net	1 redirects www.webmail.co.za t.effectivemeasure.net
11	www.google.com	5 redirects ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com www.webmail.co.za tpc.googlesyndication.com
10	googleads.g.doubleclick.net	ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com www.webmail.co.za
10	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
10	cdn.taboola.com	www.webmail.co.za cdn.taboola.com
9	serverc.aivdesk.com	vidstat.taboola.com
9	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
8	fastlane.rubiconproject.com	adxbid.info
7	am-vid-events.taboola.com	www.webmail.co.za vidstat.taboola.com
7	www.webmail.co.za	www.webmail.co.za
6	ad28.ad-srv.net	1 redirects ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com ad28.ad-srv.net
6	sync.search.spotxchange.com	6 redirects
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	match.adsrvr.org	2 redirects imprammp.taboola.com am-match.taboola.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.awin1.com	4 redirects ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
5	trc.taboola.com	cdn.taboola.com www.webmail.co.za
5	lh3.googleusercontent.com	www.webmail.co.za
5	www.googletagservices.com	www.webmail.co.za securepubads.g.doubleclick.net ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
4	am-wf.taboola.com	vidstat.taboola.com
4	hal90005.redintelligence.net	1 redirects ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com hal90005.redintelligence.net
4	hal9000.redintelligence.net	ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com hal90005.redintelligence.net
4	pv.medialead.de	3 redirects ad28.ad-srv.net
4	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
4	ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	track.webgains.com	www.webmail.co.za ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com analytics.webgains.io
3	search.spotxchange.com	vidstat.taboola.com
3	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
3	am-match.taboola.com	vidstat.taboola.com
3	www.google-analytics.com	www.webmail.co.za www.google-analytics.com
2	gum.criteo.com	1 redirects static.criteo.net
2	api.webgains.io	analytics.webgains.io
2	eus.rubiconproject.com	adxbid.info eus.rubiconproject.com
2	static.criteo.net	adxbid.info static.criteo.net
2	ad-server.eu	ad28.ad-srv.net ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
2	pb.media01.eu	pv.medialead.de hal90005.redintelligence.net
2	cdn.contentspread.net	ad28.ad-srv.net
2	fonts.googleapis.com	tpc.googlesyndication.com hal90005.redintelligence.net
2	www.zenaps.com	2 redirects
2	wf.taboola.com	vidstat.taboola.com
2	ad13.adfarm1.adition.com	ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com ad13.adfarm1.adition.com
2	imprammp.taboola.com	www.webmail.co.za vidstat.taboola.com
2	dmp.adform.net	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	15.taboola.com	cdn.taboola.com
2	survey.effectivemeasure.net	t.effectivemeasure.net
2	www.googletagmanager.com	www.webmail.co.za adv.office-partner.de
1	mug.criteo.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	diapi.webgains.com	track.webgains.com
1	analytics.webgains.io	track.webgains.com
1	adv.office-partner.de	hal90005.redintelligence.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	analytics.adxbid.me	adxbid.info
1	asset.conrad.com	ad28.ad-srv.net
1	www.asmc.de	ad28.ad-srv.net
1	www.conrad.de	ad28.ad-srv.net
1	x.bidswitch.net	am-match.taboola.com
1	ad.ad-srv.net	www.webmail.co.za
1	imagesrv.adition.com	ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
1	c3.taboola.com	www.webmail.co.za
1	beacon.krxd.net	www.webmail.co.za
1	pixel.mathtag.com	1 redirects
1	eus-api.ccgateway.net	1 redirects
1	id5-sync.com	www.webmail.co.za
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	detect-survey.effectivemeasure.net	t.effectivemeasure.net
1	vars.hotjar.com	static.hotjar.com
1	adx.adform.net	adxbid.info
1	nocf.adxpremium.services	adxbid.info
1	bidder.criteo.com	adxbid.info
1	ap.lijit.com	adxbid.info
1	t.effectivemeasure.net	za-ssl.effectivemeasure.net
1	script.hotjar.com	static.hotjar.com
1	script.crazyegg.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	za-ssl.effectivemeasure.net	www.webmail.co.za
1	static.hotjar.com	www.webmail.co.za
1	adxbid.info	ajax.googleapis.com
1	ajax.googleapis.com	www.webmail.co.za
1	executivemail.co.za	1 redirects
0	user-sync.adxpremium.services Failed	adxbid.info
322	90

This site contains links to these domains. Also see Links.

Domain
www.sowetanlive.co.za
popup.taboola.com
partners.etoro.com
de.heute-vital.com
see.curitypower.com
cdn.hoergeraeteexperten.de
www.enpal.de
cdn.hoergeraete.hoeren-heute.de
next.primeweekly.com
safesly.com
www.7reelz.com

Subject Issuer	Validity	Valid
webmail.co.za R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-13` - `2022-06-12`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.effectivemeasure.net Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2021-08-05` - `2022-09-05`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
ad-srv.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.aivdesk.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-18` - `2021-10-17`	2 years	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.conrad.de Cloudflare Inc ECC CA-3	`2021-05-17` - `2022-05-16`	a year	crt.sh
*.asmc.de Thawte RSA CA 2018	`2020-09-16` - `2021-10-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
pv.medialead.de R3	`2021-06-25` - `2021-09-23`	3 months	crt.sh
asset.conrad.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-21` - `2022-08-20`	a year	crt.sh
contentspread.net R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
ad-server.eu R3	`2021-08-17` - `2021-11-15`	3 months	crt.sh
redintelligence.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
adv.office-partner.de R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.webmail.co.za/
Frame ID: F89D18B15376F14537E70B97697032CE
Requests: 149 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 783F6AB6FB0D260EFB7134DF9DD961CC
Requests: 1 HTTP requests in this frame

Frame: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1F992878D91009CAF13EF6CCEC2D7023
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=9AA3C1E5161336375811787146421&cicmp=1337627&cijs=1&dast=V7OEACFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLlgcDaMFWsxW2w2s81uNRxsFqvJcrObzZaQMIvFYjSZrYZTMNjC53R3t0EDTafD57rX636_u-5lcTucZrvGb5c-_HIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhghADQTWyIAAAAAIwAAAAAkAAIJBaWADjcLZoAAATskcEHhJ8AAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAFwM2SjKFfR6AhESFSgWMQIAAAAYrnXNOprUCZVF1f___78VwBUAQMAeGXxAfdbNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE0Iq_EgLUsCVUuMZuVZY-wUEAGB7NwCAtwC4mAOwAwAAALj7____zwMAAODZo2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J4HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgHVefS-bw6FQ_m43Luaxc-OsRyNVcMF3PFbjQXLlcJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
Frame ID: 319CBC0BD608E42F2156211A060F6A1F
Requests: 1 HTTP requests in this frame

Frame: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DAA0F36E8E139A9BA8E8F3F141C2DDCD
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhi8ls-yATAB&v=APEucNWrvIQRZsRNGpe7hgssZnNAHWMb9MoM3TMab3Kn70aLnHHwjPgCZQ6EMr5_wrb0zypa77ikGCdW88TJUANEUr-iSJ1cUUc3u2h6IFqJY8u8HYcAZ9pt56iHIE-qAT6ft19GvW759dTmn6dThPDDdP6eegwE3X66KTVpc6gShpBM_gOmG5w
Frame ID: D864B70E6D2E41E12AD0A04FA3E807B6
Requests: 5 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66501725&crid=6271935&dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&cmcv=&pix=undefined&cb=1629486056226&uv=3005&tms=1629486056226&abt=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=9AA3C1E516133637529596707499&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: F0791F9C804BEFC3B7F817E896DF6DCC
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 64D997C7F56EEBCDE77181CF7997EBE3
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 23D28B5296AE47406BDDE8FD501298E6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: 4EB90FBA92ED90D8A7C6D02D3568DCD1
Requests: 15 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: FF3F5AA41B984DEC2BC90ACCC16BF53A
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: B69DB763CA732B2287712E26468F8CA3
Requests: 15 HTTP requests in this frame

Frame: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4F66AC919DC651032011FBC77A4C1BA5
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPKKshbDsWzvjpMwqkLAr4YinlBhJ53yZE2CK4jO0xOlz67KqEOLLOIAqVZA7_8RWWDqWVOZmL3HmIZV8SSAjGjD-406_yeYQ8eb4vfNeZKUCP0YFKebLe4d61fSxlRPbXEmQKLhLyMMIDVvNauxHtbDPv8DuAQjJzJSElVT3z7qB_S4g
Frame ID: E418CD1FAF2C81DF40523A40343D472B
Requests: 5 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_473322_1629486056_f364c231-01e8-11ec-9723-692d00a25ac2&insert=AW
Frame ID: FF6E2BF6C967C2A3A24B3BD988EFA01D
Requests: 1 HTTP requests in this frame

Frame: https://www.asmc.de/web/12d89144075752ca3c73c924a3dca46b.html
Frame ID: DE8397ACA28ACF30F8788755174ABA91
Requests: 1 HTTP requests in this frame

Frame: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
Frame ID: 8C0BF42D5431FCE746BE7672B85B4927
Requests: 9 HTTP requests in this frame

Frame: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 01561C6485AF0B7CC6D847652524A820
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Frame ID: 0EFD3A647B8E46B9240470DFA9288DDE
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B8650F59D5D87A614E2F9C5C8B705161
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: 984A0FE6D2CA43CBCAE81ACF00272985
Requests: 12 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=38187000132810000383832011692028&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: F812DBA8773162F5C3365DFDB3679377
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 537C783D37AB097D0CC3C27C60EAE336
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: EC861CB4EA244CE9A9F44B26773A1FCC
Requests: 13 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=79416800156334100710616011692005&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: 7DB3E45E39825A56996AC3448B2D6C21
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 02B0A5F6ED0B8D41F0D53DF05C2E3722
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=79416800156334100710616011692005&a=f2008bb6
Frame ID: F573854F0AC3A41C53DB8527AA9F9711
Requests: 8 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: FD0B14AF5F4F9E15603634535FCBF2AC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 251CD1430623358A4C93AA55BE92776B
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 73C632AFF6FC020337526C7856309366
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.webmail.co.za
Frame ID: 80B7D38F677E6C34A7D478920EA950D1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BFB91C1B694BA5FD376F70E672EFAFC3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BAEFDBD4BA037ABF337126B99932F8A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail | Free email, file storage, sms and more.

Page URL History Show full URLs

http://executivemail.co.za/ HTTP 301
https://www.webmail.co.za/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

322
Requests

99 %
HTTPS

36 %
IPv6

52
Domains

90
Subdomains

73
IPs

9
Countries

3941 kB
Transfer

9283 kB
Size

0
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sowetanlive.co.za/news/south-africa/2021-08-20-western-cape-education-mec-disputes-parliaments-claim-that-pupil-died-in-crash-outside-its-gates/?utm_source=webmail

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/news/south-africa/2021-08-20-i-dont-plan-to-leave-my-job-says-investment-banker-who-won-r7m-lotto/?utm_source=webmail

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/news/south-africa/2021-08-20-sfiso-buthelezi-is-adamant-popo-molefe-is-no-victim-of-state-capture/?utm_source=webmail
Title: Sfiso Buthelezi is adamant: Popo Molefe is no victim of state capture

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/news/south-africa/2021-08-20-crime-stats-cash-in-transit-heists-residential-robberies-increase/?utm_source=webmail
Title: Crime stats: Cash-in-transit heists, residential robberies increase

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/sport/soccer/2021-08-20-psl-is-back-and-no-surprise-that-sundowns-start-with-a-win/?utm_source=webmail

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/sport/rugby/2021-08-20-boks-brace-for-physical-assault-from-argentina/?utm_source=webmail
Title: Boks brace for physical assault from Argentina

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/sport/soccer/2021-08-20-davids-and-ncikazi-aim-to-bring-back-the-orlando-pirates-style-of-play2/?utm_source=webmail
Title: Davids and Ncikazi aim to ‘bring back the Orlando Pirates style of play’

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/entertainment/2021-08-20-atlang-lays-herself-bare-in-soapie-dream/?utm_source=webmail

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/entertainment/2021-08-20-underdog-muso-madosini-elated-after-being-honoured-with-mural/?utm_source=webmail
Title: 'Underdog' muso Madosini elated after being honoured with mural

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/entertainment/2021-08-20-rapper-goes-from-high-school-dropout-to-dropping-hits/?utm_source=webmail
Title: Rapper goes from high school dropout to dropping hits

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/good-life/2021-08-20-tayste-kitchen-dishes-up-food-filled-with-soul/?utm_source=webmail

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/good-life/2021-08-17-native-the-mix-breaks-the-mould-in-waterfall-city/?utm_source=webmail
Title: The Mix breaks the mould in Waterfall City

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/good-life/food/2021-08-20-native-can-an-avo-a-day-keep-the-doctor-at-bay/?utm_source=webmail
Title: Can an avo a day keep the doctor at bay?

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=webmailza&utm_medium=referral&utm_content=thumbnails-home:Below%20Homepage%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://partners.etoro.com/aw.aspx?A=45729&Task=Click&SubAffiliateID=DE_HF_Desk_LP_Stocks_Amazon_29-07-21_Taboola_AFFID_45729&TargetURL=https://go.etoro.com/de/dynamic?symbol=amzn&utm_source=taboola&utm_medium=referral&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCY_EgogrnDwuq3wOUC#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCY_EgogrnDwuq3wOUC
Title: eToro

Search URL Search Domain Scan URL

URL: https://de.heute-vital.com/1ffb7b26-4f41-49f2-8a00-e2f010889956?utm_campaign=9667652&utm_content=2986977279&utm_medium=Desktop&utm_source=webmailza&site_domain=http%3A&site_id=1372681&image=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1922f0dc8699bf8edcf7c727cbc43d75.jpg&title=Frankfurt+Am+Main+in+Aufregung%3A+CBD+Frucht-Drops+machen+%C3%84rzte+sprachlos+-+Jetzt+Lesen%21&utm_network=taboola&click_id=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCO01MoqvHJ0_-Bi_8w&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCO01MoqvHJ0_-Bi_8w#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCO01MoqvHJ0_-Bi_8w
Title: Sarah's Blessing

Search URL Search Domain Scan URL

URL: https://see.curitypower.com/795e1586-3c62-4dbb-98a1-4076c43bfb98?utm_medium=webmailza&utm_campaign=8362078&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F9acdca7a604979ffcdd64381c0a297dc.jpg&taboolaclickid=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD92UUoz8-jp9mtuameAQ&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD92UUoz8-jp9mtuameAQ#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD92UUoz8-jp9mtuameAQ
Title: Circa Knee

Search URL Search Domain Scan URL

URL: https://cdn.hoergeraeteexperten.de/horizon_reveal/?utm_content=3023898428&utm_publisher_ID=webmailza&mkt_tool_id=93e648&utm_term=93e648&act=ACT0000034211ACT&utm_source=taboola&utm_medium=display&utm_campaign=de_de_hoergeraete-expe_display_taboola_de_hh_horizon_reveal_acq_desktop_cw27_audibene-de-he-sc_ACT0000034211ACT&utm_creative_ID=3023898428&aud_adcopy=Frankfurt+Am+Main%3A+Das+ist+der+Tesla+unter+den+H%C3%B6rger%C3%A4ten&tbclid=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSDjv1QoqPjR5NHiw5K8AQ#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSDjv1QoqPjR5NHiw5K8AQ
Title: Hörgeräte Experten

Search URL Search Domain Scan URL

URL: https://www.enpal.de/artikel/erste-50-euro-solaranlage?utm_source=taboola2.0&utm_medium=referral&utm_campaign=9098277&utm_site_t=webmailza&utm_thumbnail_t=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe3487bd2dcb476f4b52181802d6aea5d.jpg&utm_title_t=Hessen%3A+Deutscher+erfindet+50%E2%82%AC-Solaranlage+-+unglaublicher+Ansturm&utm_time_t=2021-08-20+19%3A00%3A55&utm_term=Desktop&utm_content=3012762476&utm_site-id_t=1372681&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCc01MoosfdgfSr9un3AQ#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCc01MoosfdgfSr9un3AQ
Title: Solaranlagen für Hauseigentümer

Search URL Search Domain Scan URL

URL: https://cdn.hoergeraete.hoeren-heute.de/native-state/?aud_h=zadsyyBFZqt3sX6V3v5Pt&utm_content=3007359858&utm_publisher_ID=webmailza&mkt_tool_id=90a364&utm_term=90a364&act=ACT0000033383ACT&utm_source=taboola&utm_medium=display&utm_campaign=de_de_hoe_display_taboola_hh_native_state_acq_desktop_cw23_audibene-de2-sc_ACT0000033383ACT&utm_creative_ID=3007359858&aud_adcopy=%5BKrankenkasse%5D+So+hoch+ist+die+Kosten%C3%BCbernahme+f%C3%BCr+H%C3%B6rger%C3%A4te+wirklich&tbclid=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSDrvUIozNn81ezt0MVa#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSDrvUIozNn81ezt0MVa
Title: Hören heute

Search URL Search Domain Scan URL

URL: https://www.enpal.de/artikel/grosskonzerne-erschuettert-solar-guenstiger-als-strom?utm_source=taboola2.0&utm_medium=referral&utm_campaign=9098511&utm_site_t=webmailza&utm_thumbnail_t=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Ff382193be302f73ac35f1ee3bcd98539.png&utm_title_t=Enth%C3%BCllung+in+Hessen%3A+Diese+Solaranlage+ist+g%C3%BCnstiger+als+Strom&utm_time_t=2021-08-20+19%3A00%3A55&utm_term=Desktop&utm_content=3003199527&utm_site-id_t=1372681&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCc01MozLqgx8-Q2e9f#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCc01MozLqgx8-Q2e9f
Title: Enpal

Search URL Search Domain Scan URL

URL: https://next.primeweekly.com/go.php?key=rngxtdd&clickid=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD7wUgooJK6uNTasPLWAQ&site=webmailza&campaign={campaign}&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa554c3dc4b256760a45c3481d5866381.jpg&title=WLAN-Verst%C3%A4rker%2C+den+Internetkonzerne+gerne+verbieten+m%C3%B6chten.&adid=2968180024&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD7wUgooJK6uNTasPLWAQ#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD7wUgooJK6uNTasPLWAQ
Title: RangeXTD

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=webmailza&utm_medium=referral&utm_content=thumbnails-rr-home:Right%20Rail%20Thumbnails:
Title: Sponsored Links

Search URL Search Domain Scan URL

URL: https://partners.etoro.com/aw.aspx?A=45729&Task=Click&SubAffiliateID=DE_HF_Desk_Blogpost_Stocks_Cannabis_16-08-21_Taboola_AFFID_45729&TargetURL=https://www.etoro.com/de/news-and-analysis/investing/cannabis-industry-how-to-invest/&utm_source=taboola&utm_medium=referral&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCY_EgojpTZ1LLiyJ8V#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCY_EgojpTZ1LLiyJ8V
Title: eToroAdvertisement

Search URL Search Domain Scan URL

URL: https://cdn.hoergeraeteexperten.de/horizon_reveal/?utm_content=3025615434&utm_publisher_ID=webmailza&mkt_tool_id=942bd3&utm_term=942bd3&act=ACT0000034211ACT&utm_source=taboola&utm_medium=display&utm_campaign=de_de_hoergeraete-expe_display_taboola_de_hh_horizon_reveal_acq_desktop_cw27_audibene-de-he-sc_ACT0000034211ACT&utm_creative_ID=3025615434&aud_adcopy=Unsichtbare+H%C3%B6rger%C3%A4te%2C+die+sich+jeder+leisten+kann%21&tbclid=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSDjv1QovNaeiILjq-XEAQ#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSDjv1QovNaeiILjq-XEAQ
Title: Hörgeräte Experten

Search URL Search Domain Scan URL

URL: https://www.enpal.de/artikel/grosskonzerne-erschuettert-solar-guenstiger-als-strom?hl=Deutsche%20Erfindung%20macht%20Hausbesitzer%20sprachlos%3A%20Solaranlage%20endlich%20g%C3%BCnstiger%20als%20Strom&utm_source=taboola2.0&utm_medium=referral&utm_campaign=9098511&utm_site_t=webmailza&utm_thumbnail_t=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F21db703edbc88eb3df7b80efecf070be.png&utm_title_t=Hessen%3A+Deutsche+Erfindung+macht+Hausbesitzer+sprachlos&utm_time_t=2021-08-20+19%3A00%3A55&utm_term=Desktop&utm_content=3015835512&utm_site-id_t=1372681&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCc01Mo_MyU1OHv18CpAQ#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCc01Mo_MyU1OHv18CpAQ
Title: Enpal

Search URL Search Domain Scan URL

URL: https://safesly.com/579e1305-bcf2-4562-9f87-91dd2b5e975f?site=webmailza&title=Experten+sprachlos%3A+So+viel+sind+Immobilien+in+Deutschland+jetzt+wert&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1db2c66926cb08bce2bc57516b340910.jpg&campaign=DE_McMakler_LP_Desktop1&utm_content=3016989125&conversionname=6H_Lead&click_id=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSC4y0AooIbU0cPZiL8B&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSC4y0AooIbU0cPZiL8B#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSC4y0AooIbU0cPZiL8B
Title: Immo Helden

Search URL Search Domain Scan URL

URL: https://www.7reelz.com/?/de/lp/slotgames9d-wildz?aid=7reelz-tbl-de&utm_source=webmailza&utm_medium=native&utm_campaign=DE_082021_7reelz&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97d46c3c5be6ef12b46c63984a431a35.jpg&utm_term=3025119521&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD5zUYoodLo48C-qfbcAQ#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD5zUYoodLo48C-qfbcAQ
Title: 7reelz Casino

Search URL Search Domain Scan URL

URL: https://partners.etoro.com/aw.aspx?A=45729&Task=Click&SubAffiliateID=DE_HF_Desk_LP_Stocks_Amazon_29-07-21_Taboola_AFFID_45729&TargetURL=https://go.etoro.com/de/dynamic?symbol=amzn&utm_source=taboola&utm_medium=referral&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCY_Egoh_i-iabkz6fmAQ#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCY_Egoh_i-iabkz6fmAQ
Title: eToro

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=webmailza&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://de.heute-vital.com/1ffb7b26-4f41-49f2-8a00-e2f010889956?utm_campaign=9667652&utm_content=2986977279&utm_medium=Desktop&utm_source=webmailza&site_domain=http%3A&site_id=1372681&image=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1922f0dc8699bf8edcf7c727cbc43d75.jpg&title=Frankfurt+Am+Main+in+Aufregung%3A+CBD+Frucht-Drops+machen+%C3%84rzte+sprachlos+-+Jetzt+Lesen%21&utm_network=taboola&click_id=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCO01Mot4-Z8Yuig7Ec&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCO01Mot4-Z8Yuig7Ec#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSCO01Mot4-Z8Yuig7Ec
Title: Sarah's Blessing

Search URL Search Domain Scan URL

URL: https://see.curitypower.com/795e1586-3c62-4dbb-98a1-4076c43bfb98?utm_medium=webmailza&utm_campaign=8362078&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F9acdca7a604979ffcdd64381c0a297dc.jpg&taboolaclickid=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD92UUojPiAo8TD5NLDAQ&tblci=GiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD92UUojPiAo8TD5NLDAQ#tblciGiDBbAit7Tsk__EQc5VOLsLsZKPhCmrW7D_jb_ZJI1lMxSD92UUojPiAo8TD5NLDAQ
Title: Circa Knee

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en
Title: Ad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://executivemail.co.za/ HTTP 301
https://www.webmail.co.za/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1629486055572_1 HTTP 302
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1629486055572_1

Request Chain 67

https://eus-api.ccgateway.net/v1/s/narratiive-syndication?puid=f11e3612-e3a2-4770-9cb6-e8c275fb1dc6&rdurl=https://collector.effectivemeasure.net/sync_webhook/carbon/{{ccuid}} HTTP 302
https://collector.effectivemeasure.net/sync_webhook/carbon/ac766dfe-11d1-4683-a72a-efabac9f61a2

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm=&google_tc= HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEH5TEO5L8uUkcwlthKj6veY&google_cver=1

Request Chain 69

https://pixel.mathtag.com/sync/img?redir=https://collector.effectivemeasure.net/sync_webhook/mediamath/[MM_UUID] HTTP 302
https://collector.effectivemeasure.net/sync_webhook/mediamath/adf1611f-fbe7-4c00-819b-87e855e7b66f

Request Chain 70

https://bcp.crwdcntrl.net/5/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id} HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id} HTTP 302
https://collector.effectivemeasure.net/sync_webhook/lotame/8ae0abada057ce997ccdf2ea171db9c6

Request Chain 71

https://dmp.adform.net/serving/cookie/match?party=1181 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1181 HTTP 302
https://collector.effectivemeasure.net/sync_webhook/adform/8360960001071592462

Request Chain 73

https://match.adsrvr.org/track/cmf/generic?ttd_pid=effective-measure&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=effective-measure&ttd_tpi=1 HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ttd/b5dfb98b-f0dd-4f58-b692-160cd5a8291e

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEPKE5s0_DHRpKHFQQyJ-Hg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEPKE5s0_DHRpKHFQQyJ-Hg&google_cver=1&C=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR-76JOi55tXc88dJ0qfSAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEPKE5s0_DHRpKHFQQyJ-Hg&google_cver=1

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL259oU2hplnKHGqs6khArU&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0NzAwMzUxMzkyMTM5MjgwOQ%3D%3D

Request Chain 126

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f308e45a-01e8-11ec-a4a7-1f932c7f0406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f308e425-01e8-11ec-a4a7-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&

Request Chain 132

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f30d8135-01e8-11ec-bfd0-1a7cb9e30506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f30d80df-01e8-11ec-bfd0-1a7cb9e30506&orig=video&us_privacy=1---gdpr=1&

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 173

https://ad28.ad-srv.net/request.php?zone=h7gx4wfffrt8&nw=11&renderingType=javascript&namespace=0d8dde3394&subid=&uid=bca89da030c18566&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=5834234434336&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad28.ad-srv.net/request.php?zone=h7gx4wfffrt8&nw=11&renderingType=javascript&namespace=0d8dde3394&subid=&uid=bca89da030c18566&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=5834234434336&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 178

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 188

https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pv=1&viewref=38187000132810000383832011692028 HTTP 302
https://www.zenaps.com/cshow.php?pvr=f364c231-01e8-11ec-9723-692d00a25ac2&v=11354&r=473322&q=371931&s=2470208&viewref=38187000132810000383832011692028&pv=1 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_473322_1629486056_f364c231-01e8-11ec-9723-692d00a25ac2&insert=AW

Request Chain 189

https://www.awin1.com/cshow.php?s=2344163&v=14718&q=357725&r=473322&pv=1&pref1=38187000132810000383832011692028 HTTP 302
https://www.asmc.de/web/12d89144075752ca3c73c924a3dca46b.html

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDDgml59krZS6sJB1GWZuVo&google_cver=1

Request Chain 196

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR-76OV2KLBCuOgfMOXxWAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDDgml59krZS6sJB1GWZuVo&google_cver=1

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENgfUbsyRN3CHfShnwSekvE&google_cver=1

Request Chain 198

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1MDQ4NjAxMzgwOTcyNzM3Nw%3D%3D

Request Chain 211

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 216

https://pv.medialead.de/trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6&subid=38187000132810000383832011692028&ctrack=https%3A%2F%2Fad28.ad-srv.net%2Fc%2Fc9dlxpbdj3o89f2%3Ftprde%3D HTTP 301
https://pv.medialead.de/trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6?subid=38187000132810000383832011692028&ctrack=https%3A%2F%2Fad28.ad-srv.net%2Fc%2Fc9dlxpbdj3o89f2%3Ftprde%3D

Request Chain 217

https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pref1=38187000132810000383832011692028 HTTP 302
https://www.zenaps.com/cshow.php?pvr=f39436a0-01e8-11ec-9a09-692d00d40ca2&v=11354&r=473322&q=371931&s=2470208&viewref=38187000132810000383832011692028 HTTP 302
https://asset.conrad.com/media10/isa/160267/c1/-/de/SOMMERSALE21_234x60?format=gif

Request Chain 218

https://www.awin1.com/cshow.php?s=2344163&v=14718&q=357725&r=473322&pref1=38187000132810000383832011692028 HTTP 302
https://cdn.contentspread.net/onuni/ASMC/DE/animiert/ani_234x60.gif

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 255

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 256

https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ba6b11b46f&subid=&uid=05ed6050b9cc5a9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYLPo6PsfYeSuIIr2-gadsI_ACbXN-YNXzN65q-UM8C4QASD_wrQiYJWCgICYB8gBCakCa8t8_Eqisz6oAwGqBO8BT9B6JdCHOYtZeZp9-ezrZR2Hi-bnyZCuve-oV79UOlj6nqh4QaajLFcx6I4I4867VG1gyoyqM8VrUoJ5ThkG1wHE3qh9dFSapOQY_Y9rHfgChb7lSUKnvY_OnwfOhlwvpIXEFEfBewC4ArD_C_OhK_BwE8_jNzhE_Gno6xM0xreNtoiZiNSY2PQ3oLSBQXN7UiY3953x5XvxaTnZ_9S9eAad69f-j2ur2eT-IlkK4qhIxIUOh6wrUAVFaa7jM01bnXPEVGM1f_HmdB8FqLMdrzhWUSdUsDGj06OHe_qDs6hK61RhQFak2fDwkMD2NFXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaTaHB8E6VtXafEgWbwMeTuA1pQ%26sig%3DAOD64_0tqTFYzTXNFuStwTK1zqvBbUdp3Q%26client%3Dca-pub-2370948078851435%26dbm_c%3DAKAmf-B7WJ3v3AECigQbuwZ5if1_jtV4mGasqxZ5WK8Q5lQb3Z3ijVKuWSLMTQkIAI2FsXQljofhd1d-LA_kGQBGdrbUz8d2TkY1L6gvS3p5RbTr8ydaXZ_qbCog8UY-XeuQN6yaSXDlhspFDYY8dHw8b7xfH1RUsg%26cry%3D1%26dbm_d%3DAKAmf-AVpp1jwiiXx2VClnCYnIaQvuVK6Lti2H_AGNI0zaKQreS_TuvopOPZHxXX8fGe2UAupnuzQ_oUqnZHspfqEU2f4D9VUYNOhIUWeqBOMm3ABTPj8CyMXPVKAr3ZNZ7BAOBjH1kzcuwbGsk6HkKzpyKR0NaY1zimhLP77AVK_p5WPufNRjzs4hSbKjFMm23mPBLVAYYcfCeJ1jqJsSC4VNIzM9JQ94D6psBylGaCSFKbLb4waihLd_ZxOh1vbQEluAYPlvWCJbN8Bcu6bdV-WcGJwdIEf6ePiHCIS_2Y5mypMkYa5G0cF9FGdqERU0w3TrILSbJVSCl27KylqyY668EfqVnQP9_jENX2mATGd_W5e66TVIWKm8Ple6o9XYuOmlCynW-l0ZmsmEEW1F0Bqcx75-oKXWwzUHd6g71-Mdl8kShF50_OO_YvksHC77Lid3H57hOR%26adurl%3D&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=8551438510214&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ba6b11b46f&subid=&uid=05ed6050b9cc5a9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYLPo6PsfYeSuIIr2-gadsI_ACbXN-YNXzN65q-UM8C4QASD_wrQiYJWCgICYB8gBCakCa8t8_Eqisz6oAwGqBO8BT9B6JdCHOYtZeZp9-ezrZR2Hi-bnyZCuve-oV79UOlj6nqh4QaajLFcx6I4I4867VG1gyoyqM8VrUoJ5ThkG1wHE3qh9dFSapOQY_Y9rHfgChb7lSUKnvY_OnwfOhlwvpIXEFEfBewC4ArD_C_OhK_BwE8_jNzhE_Gno6xM0xreNtoiZiNSY2PQ3oLSBQXN7UiY3953x5XvxaTnZ_9S9eAad69f-j2ur2eT-IlkK4qhIxIUOh6wrUAVFaa7jM01bnXPEVGM1f_HmdB8FqLMdrzhWUSdUsDGj06OHe_qDs6hK61RhQFak2fDwkMD2NFXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaTaHB8E6VtXafEgWbwMeTuA1pQ%26sig%3DAOD64_0tqTFYzTXNFuStwTK1zqvBbUdp3Q%26client%3Dca-pub-2370948078851435%26dbm_c%3DAKAmf-B7WJ3v3AECigQbuwZ5if1_jtV4mGasqxZ5WK8Q5lQb3Z3ijVKuWSLMTQkIAI2FsXQljofhd1d-LA_kGQBGdrbUz8d2TkY1L6gvS3p5RbTr8ydaXZ_qbCog8UY-XeuQN6yaSXDlhspFDYY8dHw8b7xfH1RUsg%26cry%3D1%26dbm_d%3DAKAmf-AVpp1jwiiXx2VClnCYnIaQvuVK6Lti2H_AGNI0zaKQreS_TuvopOPZHxXX8fGe2UAupnuzQ_oUqnZHspfqEU2f4D9VUYNOhIUWeqBOMm3ABTPj8CyMXPVKAr3ZNZ7BAOBjH1kzcuwbGsk6HkKzpyKR0NaY1zimhLP77AVK_p5WPufNRjzs4hSbKjFMm23mPBLVAYYcfCeJ1jqJsSC4VNIzM9JQ94D6psBylGaCSFKbLb4waihLd_ZxOh1vbQEluAYPlvWCJbN8Bcu6bdV-WcGJwdIEf6ePiHCIS_2Y5mypMkYa5G0cF9FGdqERU0w3TrILSbJVSCl27KylqyY668EfqVnQP9_jENX2mATGd_W5e66TVIWKm8Ple6o9XYuOmlCynW-l0ZmsmEEW1F0Bqcx75-oKXWwzUHd6g71-Mdl8kShF50_OO_YvksHC77Lid3H57hOR%26adurl%3D&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=8551438510214&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 265

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=79416800156334100710616011692005&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=79416800156334100710616011692005&actionid=731824&produktid=businessgiro&dt_url=

Request Chain 269

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=79416800156334100710616011692005 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 312

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=ff14596b-01e8-11ec-82c6-1a4ab9540406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ff1458f8-01e8-11ec-82c6-1a4ab9540406&orig=video&us_privacy=1---gdpr=1&

Request Chain 324

https://gum.criteo.com/sid/json?origin=publishertag&domain=webmail.co.za&sn=ChromeSyncframe&so=0&topUrl=www.webmail.co.za&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=xQiefnxBaTRudEZSdXo0NzV3ZDkwNWJrdWtTNk1NZHBlSlJubVB6Ulp3QmZPN1hURmxPek0xSmE5ZnlHN3dMcjhJVjdkZWQ2dmZwTnVZdzVZWDc5RzcwM05WcW4vNGVEc2R4dzVMYlEyZFhzKzJLWVMwUjh4dzFZSzZqd3pxQlBadTVTajVMenJnSHRjSWlJenR0eTdEMmEybmZvRUxZWXlzZDZ4Nzg5N0FhWEJYQU5LdEZxZU1OaXM2bHQrTEFuNjhnRjBLUHRYTGR2a3p4WTlsczB6Q0ZWbVlPNkh3NEpPV1E1NVg5b3Z5RE5oMElKc1NUaG9oV2wvOUVlQXYwNU90S08zdjluakREOWR3MXordTJZZDhIOG9LZz09fA&cppv=2

322 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.webmail.co.za/
Redirect Chain

http://executivemail.co.za/
https://www.webmail.co.za/

39 KB
12 KB

96ms
25ms

Document
text/html

195.154.207.108
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.207.108 , France, ASN12876 (Online SAS, FR),
Reverse DNS: web1.wmi2.net
Software: nginx /
Resource Hash: 55e472b889b155b4d12b5bfd0693b2c56618f21337f9f7cacb210fdce69a1b9f

Request headers

Host: www.webmail.co.za
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Fri, 20 Aug 2021 19:00:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=gfpqqqa6dps4hduqr4sb8ibid0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 20 Aug 2021 19:00:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.webmail.co.za/

GET
H/1.1 200
OK webmailV3.04.css
www.webmail.co.za/css/ 62 KB
62 KB 17ms
17ms Stylesheet
text/css 195.154.207.108
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.207.108 , France, ASN12876 (Online SAS, FR),
Reverse DNS: web1.wmi2.net
Software: nginx /
Resource Hash: 3582f0cd7c94416fc64172a678e328e48cc2c0d89677b2c2811859784ce16d7f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.webmail.co.za
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.webmail.co.za/
Cookie: PHPSESSID=gfpqqqa6dps4hduqr4sb8ibid0
Connection: keep-alive
Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:55 GMT
Last-Modified: Wed, 19 May 2021 12:46:01 GMT
Server: nginx
ETag: "60a50889-f638"
Content-Type: text/css
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63032
Expires: Fri, 20 Aug 2021 20:00:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 14:52:09 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 72 KB
25 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13715833e57d32356b1b55ccbdb87d308d15cf5a665dc4dfd1d14ba3729a5ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "965 / 154 of 1000 / last-modified: 1629457814"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25311
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:00:55 GMT

GET
H/1.1 200
OK webmail-logo-w.png
www.webmail.co.za/images/ 7 KB
7 KB 16ms
15ms Image
image/png 195.154.207.108
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webmail.co.za/images/webmail-logo-w.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.207.108 , France, ASN12876 (Online SAS, FR),
Reverse DNS: web1.wmi2.net
Software: nginx /
Resource Hash: 80481994d0a77569f67968014cb98435b9fad9720566644a53774b3af4269741

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.webmail.co.za
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.webmail.co.za/
Cookie: PHPSESSID=gfpqqqa6dps4hduqr4sb8ibid0
Connection: keep-alive
Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:55 GMT
Last-Modified: Mon, 02 May 2016 11:53:15 GMT
Server: nginx
ETag: "57273fab-1ad4"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6868
Expires: Fri, 27 Aug 2021 19:00:55 GMT

GET
H2 200 aK5ac0kNQoGCCAKu6Cw_HiahGv9aoBA-gczbBdgBPBVQDKadtjU5ZBevSS5Z9MNh6Ce8E9EMmx4Cv5ygFJCPRTtbIGNJu4ziPYM
lh3.googleusercontent.com/ 58 KB
58 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/aK5ac0kNQoGCCAKu6Cw_HiahGv9aoBA-gczbBdgBPBVQDKadtjU5ZBevSS5Z9MNh6Ce8E9EMmx4Cv5ygFJCPRTtbIGNJu4ziPYM

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

56bbc4cd8d76bf95810fce9c5a11c0ead96308330fbb88499e0b7919b51647b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:25:03 GMT
x-content-type-options: nosniff
age: 2152
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59045
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Aug 2021 09:04:45 GMT

GET
H2 200 5Jt1vwQwbrg7BytyQ4AiSm9LxXYHfrluGd4VZAV7Uryjt5ZYJjek9mDgEvWjwgAoP_RXo5-HoQNPHxw5k1TomA
lh3.googleusercontent.com/ 60 KB
60 KB 39ms
35ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/5Jt1vwQwbrg7BytyQ4AiSm9LxXYHfrluGd4VZAV7Uryjt5ZYJjek9mDgEvWjwgAoP_RXo5-HoQNPHxw5k1TomA

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8166bdde246d7a93b8ba6e7d2f97c62d006e7530872c083d65af2b3c83683894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61493
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 20 Aug 2021 11:28:16 GMT

GET
H2 200 Vi9xv672v2chXju9o-rPmjVAkUfW9Cxw4XFVpm_WQlqXiPy0ig_od_doYbp0cvXpQusQ1wUZ843pssLz88wuptJV8NbIw1pxcJkF
lh3.googleusercontent.com/ 60 KB
60 KB 12ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Vi9xv672v2chXju9o-rPmjVAkUfW9Cxw4XFVpm_WQlqXiPy0ig_od_doYbp0cvXpQusQ1wUZ843pssLz88wuptJV8NbIw1pxcJkF

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3193e68f7f79b3793bcac0675dd385b086915d04387bd37e4d317dc79f269628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 17:48:18 GMT
x-content-type-options: nosniff
age: 4357
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61440
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Aug 2021 17:48:18 GMT

GET
H2 200 SGu07iy7Hjm5956-De-s3amm5bPwy0SIjohpVbSHo3OzeNWgaxXAXD847GEQ-JlX0W_c41TKDHBkoxWYQXGycPw2hCQIS7Qiw9HUullDeSuSonhJ
lh3.googleusercontent.com/ 16 KB
16 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/SGu07iy7Hjm5956-De-s3amm5bPwy0SIjohpVbSHo3OzeNWgaxXAXD847GEQ-JlX0W_c41TKDHBkoxWYQXGycPw2hCQIS7Qiw9HUullDeSuSonhJ

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1de686b09435eefaa5fb9adae90ec317b9e980910aa705c8e46310f94caf4ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 17:18:42 GMT
x-content-type-options: nosniff
age: 6133
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16694
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Aug 2021 08:56:30 GMT

GET
H2 200 tWRM8L7PnEDdcmEuorcVu42xCGRDpQLvJHzdxXRykGfSQPrnZ1sU7PjDvwemCRw08Q4D7MJG9gSft1jnDPY-Jqtrbma2BMHgMUCYd6o9bW1urTo
lh3.googleusercontent.com/ 113 KB
113 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/tWRM8L7PnEDdcmEuorcVu42xCGRDpQLvJHzdxXRykGfSQPrnZ1sU7PjDvwemCRw08Q4D7MJG9gSft1jnDPY-Jqtrbma2BMHgMUCYd6o9bW1urTo

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

46576efa560e2014ef9d5144932a11a87dc7efe1637e39546c43dbfbb7230ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:42:13 GMT
x-content-type-options: nosniff
age: 1122
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115332
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Aug 2021 09:40:13 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 97 KB
39 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PDHV4H&l=dataLayer&m=sync&

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d16b65f7b062f8bc8d44a544baeca656c01cde0fe00838c08eed9c73163fb9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39210
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Aug 2021 19:00:55 GMT

GET
H2 200 webmail_homepage_desktop.js Show response
adxbid.info/ 226 KB
72 KB 98ms
71ms Script
application/javascript 2606:4700:20::ac43:452a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:452a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d75e6ce8bffa180f2d67f3d5dd3b06711e2b240ccb153af0c9741b8c5e429f

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 06 Aug 2021 16:54:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXaf2GraOBFDYOmVC%2FveGD86L5KSWOyYJpk56N4kDIW%2F2Btd4kOh5azPF1V5tIUNjeRUsY7sUXjgrf7ut5MUOkOULB%2BhuuKg8TTKpF%2BRPvmuU%2BCL052KVOiaCYbbImtQVFW0boyjUtD1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 681dde064ecf4ac2-FRA

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/webmailza/ 82 KB
20 KB 225ms
206ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/webmailza/loader.js
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88424804595f1d70a8f3a4465887544c6ab4d8f867773380d878e6104ec78a20

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P7L5buW0MyFaSw6y.d2_os6oysMD9mTU
content-encoding: gzip
etag: "4259643e4d8ed961773d53f2fbc08900"
age: 0
x-cache: HIT
content-length: 20139
x-amz-id-2: npy1CHFOu6opoKyCbcflC6/sy+hPJlM+GmEM37WPqzqzXURPEL0sgydJtdCp+qqQhBzlw6ejjUc=
x-served-by: cache-fra19146-FRA
last-modified: Thu, 19 Aug 2021 11:21:33 GMT
server: AmazonS3
x-timer: S1629486055.404351,VS0,VE199
date: Fri, 20 Aug 2021 19:00:55 GMT
vary: Accept-Encoding
x-amz-request-id: 6HBSTJ3NGE9G7VYF
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 76
x-cache-hits: 1

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 6434
date: Fri, 20 Aug 2021 17:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 20 Aug 2021 19:13:41 GMT

GET
H2 200 hotjar-702496.js Show response
static.hotjar.com/c/ 4 KB
2 KB 75ms
46ms Script
application/javascript 13.224.96.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-702496.js?sv=6

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-116.zrh50.r.cloudfront.net

Software

Resource Hash

e03e5473724b007756be2f4097e713221b593bfa10a927896ace93eaaacb911f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 12
etag: W/6c44fbdc987b7c09bf1a0c76895941ff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: ZRH50-C1
content-length: 1907
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
x-amz-cf-id: A88OTSy-Zk_U_gARxv6CMd61nl5DLP8X1JMnJfpRiB1oIjmbW4Fp6g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 134 KB
50 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NR3ZXF

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

acd646fe1822313c9f2825e223c45ff00794adf5df9ea3a02d960122c2707355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50823
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Aug 2021 19:00:55 GMT

GET
H2 200 em.js Show response
za-ssl.effectivemeasure.net/ 378 B
756 B 65ms
12ms Script
application/javascript 2600:9000:20eb:4a00:b:3c99:a880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://za-ssl.effectivemeasure.net/em.js
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:b:3c99:a880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b646e7ffbc66071e42f1027eadcc593772e9728738516f4bb79d1b3c9c137eb7

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: t7PdnOqmxGUTf0a_jPpkk1ZsC1D98ALI
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 344627
etag: "4101041d9fe2bb2666de1f78999a027a"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
date: Mon, 16 Aug 2021 19:17:09 GMT
x-amz-cf-pop: FRA2-C1
content-length: 378
x-amz-cf-id: aC0LyyZryFMyyQ4VMVcOtBG8eHwgcC4ju-ks32LQ_tHdANm3lubBSg==

GET
H/1.1 200
OK wm-sprite3.02.png
www.webmail.co.za/images/ 9 KB
10 KB 30ms
16ms Image
image/png 195.154.207.108
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webmail.co.za/images/wm-sprite3.02.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.207.108 , France, ASN12876 (Online SAS, FR),
Reverse DNS: web1.wmi2.net
Software: nginx /
Resource Hash: 165da72bd88856ca58087384fef059cc41df9c41ab8e7ffd53466a1959ebe72f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.webmail.co.za
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
Cookie: PHPSESSID=gfpqqqa6dps4hduqr4sb8ibid0
Connection: keep-alive
Referer: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:55 GMT
Last-Modified: Mon, 02 May 2016 11:53:15 GMT
Server: nginx
ETag: "57273fab-24e8"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9448
Expires: Fri, 27 Aug 2021 19:00:55 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.webmail.co.za/css/icons_fa/ 64 KB
64 KB 17ms
16ms Font
font/woff 195.154.207.108
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webmail.co.za/css/icons_fa/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.207.108 , France, ASN12876 (Online SAS, FR),
Reverse DNS: web1.wmi2.net
Software: nginx /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.webmail.co.za
Accept-Encoding: gzip, deflate, br
Host: www.webmail.co.za
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
Cookie: PHPSESSID=gfpqqqa6dps4hduqr4sb8ibid0
Connection: keep-alive
Origin: https://www.webmail.co.za
Referer: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:55 GMT
Last-Modified: Mon, 02 May 2016 11:53:15 GMT
Server: nginx
ETag: "57273fab-ffac"
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65452

GET
H/1.1 200
OK bg-ads.png
www.webmail.co.za/images/ 2 KB
2 KB 20ms
15ms Image
image/png 195.154.207.108
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webmail.co.za/images/bg-ads.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.207.108 , France, ASN12876 (Online SAS, FR),
Reverse DNS: web1.wmi2.net
Software: nginx /
Resource Hash: feff660b40200996753b622d58b6618e469168e897278fc6cbec52989b9b56fc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.webmail.co.za
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
Cookie: PHPSESSID=gfpqqqa6dps4hduqr4sb8ibid0
Connection: keep-alive
Referer: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:55 GMT
Last-Modified: Mon, 02 May 2016 11:53:15 GMT
Server: nginx
ETag: "57273fab-640"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1600
Expires: Fri, 27 Aug 2021 19:00:55 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1749289110&t=pageview&_s=1&dl=https%3A%2F%2Fwww.webmail.co.za%2F&ul=en-us&de=UTF-8&dt=Webmail%20%7C%20Free%20email%2C%20file%20storage%2C%20sms%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2030893345&gjid=319561732&cid=700100001.1629486055&tid=UA-19663217-1&_gid=173963698.1629486055&_r=1&_slc=1&z=2109610962

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021081701.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
115 KB 62ms
25ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Aug 2021 08:38:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117161
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:00:55 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 94 B
743 B 58ms
23ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.webmail.co.za

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f05533317139a5a18a37d4ea1d9385d1852680313f297f48fab3b4924299f1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:00:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
87 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-19663217-1&cid=700100001.1629486055&jid=2030893345&gjid=319561732&_gid=173963698.1629486055&_u=IEBAAEAAAAAAAC~&z=2061119777

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 20 Aug 2021 19:00:55 GMT
content-type: text/plain
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 410 6016.js
script.crazyegg.com/pages/scripts/0022/ 0
0 14ms
14ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0022/6016.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NR3ZXF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Aug 2021 05:22:30 GMT
server: cloudflare
age: 49105
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 681dde06fca84a67-FRA
content-length: 0

GET
H/1.1 200
OK i1_5160dafd.png
www.webmail.co.za/images/ 13 KB
13 KB 16ms
16ms Image
image/png 195.154.207.108
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webmail.co.za/images/i1_5160dafd.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.207.108 , France, ASN12876 (Online SAS, FR),
Reverse DNS: web1.wmi2.net
Software: nginx /
Resource Hash: 11df01bd0eba66e77ca9090ce51be66999351b6c1addf9f7d7a3693b911aa931

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.webmail.co.za
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
Cookie: PHPSESSID=gfpqqqa6dps4hduqr4sb8ibid0; _ga=GA1.3.700100001.1629486055; _gid=GA1.3.173963698.1629486055; _gat=1
Connection: keep-alive
Referer: https://www.webmail.co.za/css/webmailV3.04.css?v=3.4.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:55 GMT
Last-Modified: Mon, 02 May 2016 11:53:15 GMT
Server: nginx
ETag: "57273fab-341b"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13339
Expires: Fri, 27 Aug 2021 19:00:55 GMT

GET
H2 200 modules.e763089bec9f2503d752.js Show response
script.hotjar.com/ 221 KB
59 KB 92ms
57ms Script
application/javascript 13.224.196.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e763089bec9f2503d752.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-702496.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-125.fra2.r.cloudfront.net

Software

Resource Hash

b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 10:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59555
access-control-allow-origin: *
last-modified: Wed, 18 Aug 2021 10:31:58 GMT
etag: "59b0bd2bf71a6ea4a84151c51b91fba8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: neBP_NTZbwNfAbt9g3tOs9WYq3tp0LjsVJPMhqL0O_mtTdbu9-_iEg==

GET
H2 200 tag.js Show response
t.effectivemeasure.net/ 22 KB
7 KB 36ms
8ms Script
application/javascript 13.224.196.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.effectivemeasure.net/tag.js?1629
Requested by: Host: za-ssl.effectivemeasure.net
URL: https://za-ssl.effectivemeasure.net/em.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-67.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: O3a7WZEATOQUEXh0NtsTxnF269jGh9BQ
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 462641
etag: W/"93cb9d1cb96864d82a396bd64bd41630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
date: Sun, 15 Aug 2021 10:30:15 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: wm0Dh5RRFaLWOfSIOjK85Lb5Zg2ve8Dn9khDtnKZjy-GKSs3SEOTPg==

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
758 B 84ms
29ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.19.0-pre
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e57e1b23aaa8c26ceb43aae13a2a39a86c8ff62bbf7f54c0461596d6b44555b

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:00:55 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.webmail.co.za
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
190 B 58ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=29&wv=3.19.0-pre&cb=4948997054
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.webmail.co.za
date: Fri, 20 Aug 2021 19:00:54 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK auction Show response
nocf.adxpremium.services/openrtb2/ 325 B
626 B 197ms
117ms XHR
application/json 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nocf.adxpremium.services/openrtb2/auction
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: bcfa40b3ba947da30270542f058116fb102667d9664fbbf7d5a646410c7959ac

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:55 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 325
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 40 B
487 B 194ms
154ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTg0NjQ2MiZ0cmFuc2FjdGlvbklkPWQxOWE3NjA5LTE5NWItNDQ0YS1iZTdhLTMxYjEwMjFhOTEzNw%3D%3D&bWlkPTg0NjQ2MCZ0cmFuc2FjdGlvbklkPWU3MzY3MjI0LTdlOWUtNDcxMy05NTdjLThhNGNjYzQ2ZWNlNg%3D%3D&bWlkPTg0NjQ2MCZ0cmFuc2FjdGlvbklkPTE3NWY3YTVkLWJlMWEtNDhlOS05MGM2LWNmMmRmMTgxZTlhMw%3D%3D&bWlkPTg0NjQ2MCZ0cmFuc2FjdGlvbklkPWM5MWExMzY0LWJkYjEtNDhhMy1hODJiLWZlNWQxYzQyY2JmMA%3D%3D&bWlkPTg0NjQ2MCZ0cmFuc2FjdGlvbklkPTM4YzhmYzIzLTFiMDUtNDgzYS04NGNhLTM5ZTQ2ZmI4YzIyZg%3D%3D&bWlkPTg0NjQ1OCZ0cmFuc2FjdGlvbklkPWM5MDIxYWE2LTc1MzctNGRhNS05YTY4LTY5NmQyM2Q5NzlmOQ%3D%3D&bWlkPTg0NjQ2MCZ0cmFuc2FjdGlvbklkPTRhNzBlMzA3LWIzN2UtNDY5MC1hOTJiLWNlN2U0MzkyNmE2OQ%3D%3D&bWlkPTg0NjQ2MCZ0cmFuc2FjdGlvbklkPWI1M2Q3MTI3LWY5ZWMtNGM3Ni05MzliLTUxZDQ1MjYwNTc5Yg%3D%3D&pt=gross&stid=47e4931d-b88f-46b8-b0b6-a061f10175db&gdpr=true&gdpr_consent=undefined&fd=1

Requested by

Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

50751afb202533244586716dc039eb6eeb1c0577be5077d6a805ae20dde1d2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 40
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 75ms
31ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1384582&size_id=57&gdpr=1&rp_schain=1.0,1!webmail.co.za,199479,1,,,&rf=https%3A%2F%2Fwww.webmail.co.za%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=d19a7609-195b-444a-be7a-31b1021a9137&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.19509094247022363
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1141878aad5c36f7728b49d6c00236c76c78ebf54eb0cb3a61f0b3b516c63142

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 79ms
27ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1384582&size_id=15&gdpr=1&rp_schain=1.0,1!webmail.co.za,199479,1,,,&rf=https%3A%2F%2Fwww.webmail.co.za%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=e7367224-7e9e-4713-957c-8a4ccc46ece6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.37467758482834346
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0184843db150256de079daaf6dd648290ed1769d5a27c6e45573c6584a660897

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 93ms
38ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1384582&size_id=15&gdpr=1&rp_schain=1.0,1!webmail.co.za,199479,1,,,&rf=https%3A%2F%2Fwww.webmail.co.za%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=175f7a5d-be1a-48e9-90c6-cf2df181e9a3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9896244496405024
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ae89f5236f82d6e3bc59c732078ffeba5adf9b95bf9633fc4cab6eff51d78c63

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 96ms
42ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1384582&size_id=15&gdpr=1&rp_schain=1.0,1!webmail.co.za,199479,1,,,&rf=https%3A%2F%2Fwww.webmail.co.za%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=c91a1364-bdb1-48a3-a82b-fe5d1c42cbf0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5786566988396153
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 028fac763131bbe421511369e5082fbbe8d89011f3dba8abab4101ceff2ec3ae

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
2 KB 88ms
31ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1384582&size_id=15&alt_size_ids=10&gdpr=1&rp_schain=1.0,1!webmail.co.za,199479,1,,,&rf=https%3A%2F%2Fwww.webmail.co.za%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=38c8fc23-1b05-483a-84ca-39e46fb8c22f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.020694783056875332
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1953181e7750ee06e7d24cda91aac1dfe620a0d16aa3a44768eab0c57fdca04f

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
2 KB 90ms
33ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1384582&size_id=2&gdpr=1&rp_schain=1.0,1!webmail.co.za,199479,1,,,&rf=https%3A%2F%2Fwww.webmail.co.za%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=c9021aa6-7537-4da5-9a68-696d23d979f9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.008764454776064134
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 587f1945cbbf31ea5f1f1c6179608b48fd091b68cfe95dcd8daac04b3127f7b6

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 108ms
29ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1384582&size_id=15&gdpr=1&rp_schain=1.0,1!webmail.co.za,199479,1,,,&rf=https%3A%2F%2Fwww.webmail.co.za%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=4a70e307-b37e-4690-a92b-ce7e43926a69&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9216407446702248
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 04a784f7aefba6d99ff88bbe9be2ea62aa5d9059b6414ecd9787d0f9e7f87efb

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 118ms
35ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1384582&size_id=15&gdpr=1&rp_schain=1.0,1!webmail.co.za,199479,1,,,&rf=https%3A%2F%2Fwww.webmail.co.za%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=b53d7127-f9ec-4c76-939b-51d45260579b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7215018651821374
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fa172610ae27e81034f959f8583a92a01eb6ad15778c9a942b6ed79ff5597bbb

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1

200
OK

get Show response
collector.effectivemeasure.net/beacon/
Redirect Chain

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1629486055572_1
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1629486055572_1

143 B
742 B

31ms
31ms

Script
text/javascript

52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1629486055572_1

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-181-96.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

442522eb1346f40d3b871b87fd74d13dcd751a3f5a109e337630545c7daed6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 136
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1629486055572_1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 783F 2 KB
1 KB 39ms
12ms Document
text/html 13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-702496.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: UuseoW1dqfKgweubq9lPdd_kawnHJRxchoO2QJYN22K2_BtkePL7Rg==
age: 2918665

GET
H2 200 impl.20210819-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 526 KB
117 KB 10ms
10ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/webmailza/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 06192831a43dac617bb42d64a4e83c98ceb7c25203f434f2aaddc8c036f7d239

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9_9AcX.0YMPQHudc_PUTOI.07wiltrq7
content-encoding: br
etag: "20f63cfc409cb73baf22283412c5f792"
age: 142
x-cache: HIT
content-length: 118993
x-amz-id-2: ej9DvoDGlvbXHdAf7RnML/lc6m9lgoQadx1UfpfcxbQCfjA5hVTzYz4grCdNl1laoMaGG1JIbro=
x-served-by: cache-fra19146-FRA
last-modified: Thu, 19 Aug 2021 10:58:27 GMT
server: AmazonS3-br
x-timer: S1629486056.625512,VS0,VE0
date: Fri, 20 Aug 2021 19:00:55 GMT
vary: Accept-Encoding
x-amz-request-id: FD1XNSDMTMS2W27D
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 77
x-cache-hits: 379

GET
H2 200 json Show response
trc.taboola.com/webmailza/trc/3/ 34 KB
10 KB 153ms
151ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/webmailza/trc/3/json?tim=21%3A00%3A55.689&lti=deflated&data=%7B%22id%22%3A867%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1629372092075%2C%22vi%22%3A1629486055687%2C%22cv%22%3A%2220210819-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fhttp%3A%2F%2Fwww.webmail.co.za%3Ft%3D1629486055%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3173%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-home%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A3007%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-rr-home%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A348%2C%22mw%22%3A310%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 606b7081b34fa6b4f139e5adc74f672f81fbd628bc2aa0a9b4b9cda1740b7104

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 139
date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: gzip
server: nginx
x-timer: S1629486056.692964,VS0,VE139
x-served-by: cache-fra19146-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.webmail.co.za
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1 200
OK detect Show response
detect-survey.effectivemeasure.net/ 19 B
460 B 54ms
13ms XHR
application/json 2600:9000:20eb:e000:1f:612c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-survey.effectivemeasure.net/detect?
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1629
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e000:1f:612c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 02:30:34 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 145821
X-Powered-By: Express
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA2-C1
Content-Length: 19
X-Amz-Cf-Id: 6dolxrnDvjTZLFIuNSoIfnRgLR-xYC5qReje_tK3RO_iDuF2YiikiA==

GET
H/1.1 200
OK sync_pixels Show response
collector.effectivemeasure.net/ 904 B
778 B 120ms
32ms XHR
application/json 52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.effectivemeasure.net/sync_pixels?pageURL=https%3A%2F%2Fwww.webmail.co.za%2F&vt=f11e3612-e3a2-4770-9cb6-e8c275fb1dc6-17b64f00127-759d8f7f
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1629
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-181-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 5d51e764d5fc2f47875154466cdb3c4834bc37910376276b06bde387d862c358

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 446
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 35 B
288 B 31ms
30ms Image
image/gif 52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/pixel?et=pageview&ed=&br=t&vn=b21b8ec&tz=2&pu=https%3A%2F%2Fwww.webmail.co.za%2F&vt=f11e3612-e3a2-4770-9cb6-e8c275fb1dc6-17b64f00127-759d8f7f&vi=bed69eb3-41f1-410c-b1cc-1d3367220382-17b64f0013b-2d72ddeb&du=0&dt=0&c1=1&c3=1&pc=1&db=0&pr=&tt=Webmail%20%7C%20Free%20email%2C%20file%20storage%2C%20sms%20and%20more.&te=168&sh=1200&sw=1600
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-181-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.webmail.co.za

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.webmail.co.za

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 268ms
268ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2903850474286280&correlator=2009246620905861&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081701&ptt=17&sc=1&sfv=1-0-38&ecs=20210820&iu_parts=326446271%2Cwm_home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pos%3Dwidget1&eri=5&cookie_enabled=1&cdm=www.webmail.co.za&bc=31&abxe=1&dt=1629486055782&dlt=1629486055335&idt=252&frm=20&biw=1600&bih=1200&oid=3&adxs=990&adys=411&adks=201709529&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=www.webmail.co.za%2Findex.php&loc=https%3A%2F%2Fwww.webmail.co.za%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=700100001.1629486055&ga_sid=1629486056&ga_hid=1749289110&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3dada494a0c0fb4dcfb5fe401c3686054b5e017b549424c1ca412aeed7182cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8191
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F99 6 KB
3 KB 47ms
13ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 20 Aug 2021 19:00:55 GMT
expires: Sat, 20 Aug 2022 19:00:55 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 532ms
531ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2903850474286280&correlator=2009246620905861&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081701&ptt=17&sc=1&sfv=1-0-38&ecs=20210820&iu_parts=326446271%2Cwm_home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dwidget2&eri=5&cookie_enabled=1&cdm=www.webmail.co.za&bc=31&abxe=1&dt=1629486055787&dlt=1629486055335&idt=252&frm=20&biw=1600&bih=1200&oid=3&adxs=990&adys=685&adks=2776155189&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=www.webmail.co.za%2Findex.php&loc=https%3A%2F%2Fwww.webmail.co.za%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=700100001.1629486055&ga_sid=1629486056&ga_hid=1749289110&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

bf1397985806ff8d22bd8bef2c60cd4272f47a4377d3bf3ed614a59d68825d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10715
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.webmail.co.za
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 747ms
746ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2903850474286280&correlator=2009246620905861&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081701&ptt=17&sc=1&sfv=1-0-38&ecs=20210820&iu_parts=326446271%2Cwm_home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pos%3Dnews&eri=5&cookie_enabled=1&cdm=www.webmail.co.za&bc=31&abxe=1&dt=1629486055789&dlt=1629486055335&idt=252&frm=20&biw=1600&bih=1200&oid=3&adxs=320&adys=777&adks=3335179406&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=www.webmail.co.za%2Findex.php&loc=https%3A%2F%2Fwww.webmail.co.za%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=700100001.1629486055&ga_sid=1629486056&ga_hid=1749289110&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8563b8052bfc03a4406a64fefc1554c7d0108e23ccd29cb46fb4bb4e006914e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10751
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.webmail.co.za
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
466 B 1423ms
1422ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2903850474286280&correlator=2009246620905861&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081701&ptt=17&sc=1&sfv=1-0-38&ecs=20210820&iu_parts=326446271%2Cwm_home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pos%3Dsport&eri=5&cookie_enabled=1&cdm=www.webmail.co.za&bc=31&abxe=1&dt=1629486055791&dlt=1629486055335&idt=252&frm=20&biw=1600&bih=1200&oid=3&adxs=320&adys=1418&adks=2585087374&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=www.webmail.co.za%2Findex.php&loc=https%3A%2F%2Fwww.webmail.co.za%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=700100001.1629486055&ga_sid=1629486056&ga_hid=1749289110&ga_fc=false&fws=4&ohw=300&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

333fb113f4468b00a2770c69e043cf5d81c1603ec4becc5a30c9e56e2c5e8bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 72 KB
25 KB 1264ms
1263ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2903850474286280&correlator=2009246620905861&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081701&ptt=17&sc=1&sfv=1-0-38&ecs=20210820&iu_parts=326446271%2Cwm_home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pos%3Dtech&eri=5&cookie_enabled=1&cdm=www.webmail.co.za&bc=31&abxe=1&dt=1629486055793&dlt=1629486055335&idt=252&frm=20&biw=1600&bih=1200&oid=3&adxs=320&adys=2657&adks=3522436876&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=www.webmail.co.za%2Findex.php&loc=https%3A%2F%2Fwww.webmail.co.za%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=700100001.1629486055&ga_sid=1629486056&ga_hid=1749289110&ga_fc=false&fws=4&ohw=300&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1d9d0eb6ef368661de76df7240452bce823c6b958f6d8dabf8b43f22ee3335cb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMSwz8ykwPICFUuAewodIx8LXA&gqi=&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMSwz8ykwPICFUuAewodIx8LXA&gqi=&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24521
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Fri, 20 Aug 2021 19:00:57 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 936ms
935ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2903850474286280&correlator=2009246620905861&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081701&ptt=17&sc=1&sfv=1-0-38&ecs=20210820&iu_parts=326446271%2Cwm_home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pos%3Dlifestyle&eri=5&cookie_enabled=1&cdm=www.webmail.co.za&bc=31&abxe=1&dt=1629486055795&dlt=1629486055335&idt=252&frm=20&biw=1600&bih=1200&oid=3&adxs=320&adys=2058&adks=2260031831&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=www.webmail.co.za%2Findex.php&loc=https%3A%2F%2Fwww.webmail.co.za%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=700100001.1629486055&ga_sid=1629486056&ga_hid=1749289110&ga_fc=false&fws=4&ohw=300&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

60efaeefd78f774274b4f751203535607b96b44e2304682c9d044bbde53784f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8216
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 1850ms
1849ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2903850474286280&correlator=2009246620905861&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081701&ptt=17&sc=1&sfv=1-0-38&ecs=20210820&iu_parts=326446271%2Cwm_home&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C300x50%7C320x50%7C300x100&prev_scp=pos%3Dleaderboard&eri=5&cookie_enabled=1&cdm=www.webmail.co.za&bc=31&abxe=1&dt=1629486055796&dlt=1629486055335&idt=252&frm=20&biw=1600&bih=1200&oid=3&adxs=320&adys=180&adks=3188712483&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=www.webmail.co.za%2Findex.php&loc=https%3A%2F%2Fwww.webmail.co.za%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=700100001.1629486055&ga_sid=1629486056&ga_hid=1749289110&ga_fc=false&fws=4&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1b816d4b2112adf5116c812751f40fc93de2feb480f0af48e4459b8a67f560a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10700
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.webmail.co.za
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 1649ms
1649ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2903850474286280&correlator=2009246620905861&output=ldjh&impl=fif&eid=20211866%2C31062297&vrg=2021081701&ptt=17&sc=1&sfv=1-0-38&ecs=20210820&iu_parts=326446271%2Cwm_homepage_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&eri=5&cookie_enabled=1&cdm=www.webmail.co.za&bc=31&abxe=1&dt=1629486055798&dlt=1629486055335&idt=252&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2857028136&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=www.webmail.co.za%2Findex.php&loc=https%3A%2F%2Fwww.webmail.co.za%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=700100001.1629486055&ga_sid=1629486056&ga_hid=1749289110&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a2514d3437998e4033ac8dcb2d10cae7c13980f6786dc622462748375bedb563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10655
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.webmail.co.za
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 70 B
405 B 31ms
31ms Script
text/javascript 52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22gc%22%3A%22DE%22%2C%22mb%22%3A%220%22%7D&callback=cb1629486055572_2

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1629

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-181-96.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

3a1e0a29892482fad179e8030846ccea7c58a5d02d3f00c3d9ffc76261dc387b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 74
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 launchConfigs Show response
survey.effectivemeasure.net/ 2 B
122 B 95ms
94ms XHR
application/json 34.194.97.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.97.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-97-217.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 20 Aug 2021 19:00:56 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

OPTIONS
H2 204 launchConfigs
survey.effectivemeasure.net/ Frame 0
0 291ms
94ms Preflight 34.194.97.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Protocol: H2
Server: 34.194.97.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-97-217.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.webmail.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type

GET
H2 200 tfa-eid.20210819-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 8ms
8ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210819-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/webmailza/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8fcb0634eb65be4266931d8f9535d0eef075c15438aced48de81179a8f774611

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8sd8rumY8Amsy0aEDCTjfV3pk.bU.9Tk
content-encoding: gzip
etag: "665490cfcf7721e3108b076d91bae35e"
age: 116
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5062
x-amz-id-2: UBRDCJba9XEMfPxgzgOjNSsT6GtXwWc+8lt9BvxMvuPhDME6sdVI3C7Gs+Y8uVnh4NYhqBNZa/c=
x-served-by: cache-fra19146-FRA
last-modified: Thu, 19 Aug 2021 11:21:01 GMT
server: AmazonS3
x-timer: S1629486056.852701,VS0,VE0
date: Fri, 20 Aug 2021 19:00:55 GMT
vary: Accept-Encoding
x-amz-request-id: D05677WYVJTKEE2M
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 77
x-cache-hits: 470

GET
H2 200 sha256.20210819-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 9ms
8ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210819-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/webmailza/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdd1a26159ce6938b63734d54d4fb519633960019cdb383c177462246a656ee1

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uxerJw9xxcrsSKiBKj0OPMtOKvjeHA1g
content-encoding: gzip
etag: "b6c58ffa1c6fbcb1c829b22f7c744b13"
age: 106
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: YF9gP6irfATNwo2rfcfDGT+rye2hBpeOTvUFAgiqn7V0GprO3Q5swGauUSYQNdoBroywFprYS+k=
x-served-by: cache-fra19146-FRA
last-modified: Thu, 19 Aug 2021 11:21:14 GMT
server: AmazonS3
x-timer: S1629486056.852815,VS0,VE0
date: Fri, 20 Aug 2021 19:00:55 GMT
vary: Accept-Encoding
x-amz-request-id: X6SFTPCQ4821QA34
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 77
x-cache-hits: 408

GET
H2 200 tb Show response
15.taboola.com/ 29 KB
8 KB 27ms
25ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=webmailza&unitType=59&tbloc=&pageType=home&pstn=Slider%20-%20Video&uuip=&cisrf=&cirf=http%3A%2F%2Fhttp%3A%2F%2Fwww.webmail.co.za%3Ft%3D1629486055%2F&encoded=1&uid=50e46faa-da9f-40d1-ac56-16ef8a977f63-tuct8198167&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1629486055868&tagid=&cntry=DE&platform=1&sesid=f64afa9b83a23ad4303716a003cd0e97&itemid=//www.webmail.co.za&viewid=1629486055687&geolat=&geoing=&deviceifa=&appid=&sd=v2_f64afa9b83a23ad4303716a003cd0e97_50e46faa-da9f-40d1-ac56-16ef8a977f63-tuct8198167_1629486055_1629486055_CIi3jgYQieRTGIeCwKe2LyABKAEwODib4wlAhIoQSLCG2ANQo-wQWABgAGixr-m1yv33zq0BcAA&ri=4d214b956e304e9113dd07a6530c5138&appname=&cdb=&gdprApplies=true&rid=&sii=7033664768597575877&oee=true&tpubid=1372681&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=HE&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a34c954c0cfe6823a3fcc2922a78d866d9f3a0925f0152f9f1014ea98725d09

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: gzip
access-control-allow-origin: https://www.webmail.co.za
machineid: 1418
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra19146-FRA
pragma: no-cache
server: nginx
x-timer: S1629486056.870904,VS0,VE18
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20210819-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210819-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/webmailza/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 663fb629f188104bc6893c08bac5e7a5030e49e4d2eb46eac667be04f0479fb6

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: a_fN6upca06uGjZ1t5PPxbt54y1ZawrN
content-encoding: gzip
etag: "4e32d1ccc87a1c45f2fac72b02fce5a1"
age: 67
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5341
x-amz-id-2: khdVlybawVUJcwe9+UDq1Fz1EBM/Qats58GiUZIy1pTK+BBgfJ034KfNe72rZwtsLwrpNdou0LQ=
x-served-by: cache-fra19146-FRA
last-modified: Thu, 19 Aug 2021 11:20:56 GMT
server: AmazonS3
x-timer: S1629486056.869971,VS0,VE0
date: Fri, 20 Aug 2021 19:00:55 GMT
vary: Accept-Encoding
x-amz-request-id: 8AM15GDVCS78BN5B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 77
x-cache-hits: 41

GET
H2 200 floating-unit.20210819-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 7 KB
3 KB 8ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20210819-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/webmailza/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79cf2260d11ab5daf2449098aa462fa27156c2edd2808c7a8b23adfe21c73a8d

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VxQkNHTfAYAG8LB_iBBM.mZSyKfX2fYX
content-encoding: gzip
etag: "f8bf68f4339b4c2199186c8e9ee48d7b"
age: 106
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 2286
x-amz-id-2: 34tsk0Uh7IvTr5JzDUEc+1TAbUWAtX0kYJA/oHiC1jVPufW5Hq2ZdWTH0AtXs+7jArVJZNo3rX0=
x-served-by: cache-fra19146-FRA
last-modified: Thu, 19 Aug 2021 11:21:23 GMT
server: AmazonS3
x-timer: S1629486056.871141,VS0,VE0
date: Fri, 20 Aug 2021 19:00:55 GMT
vary: Accept-Encoding
x-amz-request-id: JN46RWG3J0K5TA52
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 77
x-cache-hits: 17

GET
H2 204 supply-feature
trc.taboola.com/webmailza/log/3/ 0
246 B 16ms
16ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/webmailza/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=4d214b956e304e9113dd07a6530c5138&sd=v2_f64afa9b83a23ad4303716a003cd0e97_50e46faa-da9f-40d1-ac56-16ef8a977f63-tuct8198167_1629486055_1629486055_CIi3jgYQieRTGIeCwKe2LyABKAEwODib4wlAhIoQSLCG2ANQo-wQWABgAGixr-m1yv33zq0BcAA&ui=50e46faa-da9f-40d1-ac56-16ef8a977f63-tuct8198167&pi=//www.webmail.co.za&wi=7033664768597575877&pt=home&vi=1629486055687&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=21%3A00%3A55.870&id=5198&llvl=1&cv=20210819-5-RELEASE&
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629486056.871529,VS0,VE9
x-served-by: cache-fra19146-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200 9.gif
id5-sync.com/s/520/ 43 B
1 KB 39ms
11ms Image
image/gif 54.36.109.155
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/520/9.gif?puid=f11e3612-e3a2-4770-9cb6-e8c275fb1dc6&callback=https://collector.effectivemeasure.net/sync_webhook/mediarithmics/%7BID5UID%7D

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.155 , France, ASN16276 (OVH, FR),

Reverse DNS

p05.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:55 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H/1.1

200
OK

ac766dfe-11d1-4683-a72a-efabac9f61a2
collector.effectivemeasure.net/sync_webhook/carbon/
Redirect Chain

https://eus-api.ccgateway.net/v1/s/narratiive-syndication?puid=f11e3612-e3a2-4770-9cb6-e8c275fb1dc6&rdurl=https://collector.effectivemeasure.net/sync_webhook/carbon/{{ccuid}}
https://collector.effectivemeasure.net/sync_webhook/carbon/ac766dfe-11d1-4683-a72a-efabac9f61a2

35 B
288 B

29ms
29ms

Image
image/gif

52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/carbon/ac766dfe-11d1-4683-a72a-efabac9f61a2
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-181-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

location: https://collector.effectivemeasure.net/sync_webhook/carbon/ac766dfe-11d1-4683-a72a-efabac9f61a2
date: Fri, 20 Aug 2021 19:00:56 GMT
content-length: 118
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

google_gid
collector.effectivemeasure.net/sync_webhook/ddp/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm=&google_tc=
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEH5TEO5L8uUkcwlthKj6veY&google_cver=1

35 B
288 B

29ms
29ms

Image
image/gif

52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEH5TEO5L8uUkcwlthKj6veY&google_cver=1
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-181-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEH5TEO5L8uUkcwlthKj6veY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

adf1611f-fbe7-4c00-819b-87e855e7b66f
collector.effectivemeasure.net/sync_webhook/mediamath/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://collector.effectivemeasure.net/sync_webhook/mediamath/[MM_UUID]
https://collector.effectivemeasure.net/sync_webhook/mediamath/adf1611f-fbe7-4c00-819b-87e855e7b66f

35 B
288 B

47ms
29ms

Image
image/gif

52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/mediamath/adf1611f-fbe7-4c00-819b-87e855e7b66f
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-181-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: MT3 3853 9552a83 master zrh-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://collector.effectivemeasure.net/sync_webhook/mediamath/adf1611f-fbe7-4c00-819b-87e855e7b66f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 20 Aug 2021 19:00:54 GMT

GET
H/1.1

200
OK

8ae0abada057ce997ccdf2ea171db9c6
collector.effectivemeasure.net/sync_webhook/lotame/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id}
https://bcp.crwdcntrl.net/5/ct=y/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id}
https://collector.effectivemeasure.net/sync_webhook/lotame/8ae0abada057ce997ccdf2ea171db9c6

35 B
288 B

37ms
36ms

Image
image/gif

52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/lotame/8ae0abada057ce997ccdf2ea171db9c6
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-181-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://collector.effectivemeasure.net/sync_webhook/lotame/8ae0abada057ce997ccdf2ea171db9c6
cache-control: no-cache
x-server: 10.45.13.94
content-length: 0
expires: 0

GET
H/1.1

200
OK

8360960001071592462
collector.effectivemeasure.net/sync_webhook/adform/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1181
https://dmp.adform.net/serving/cookie/match?CC=1&party=1181
https://collector.effectivemeasure.net/sync_webhook/adform/8360960001071592462

35 B
288 B

31ms
31ms

Image
image/gif

52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/adform/8360960001071592462
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-181-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:55 GMT
server: nginx
location: https://collector.effectivemeasure.net/sync_webhook/adform/8360960001071592462
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ 0
338 B 89ms
28ms Image
text/plain 99.81.82.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=narratiive&partner_uid=f11e3612-e3a2-4770-9cb6-e8c275fb1dc6
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.82.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-82-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1629486055
x-served-by: beacon-n023-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

b5dfb98b-f0dd-4f58-b692-160cd5a8291e
collector.effectivemeasure.net/sync_webhook/ttd/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=effective-measure&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=effective-measure&ttd_tpi=1
https://collector.effectivemeasure.net/sync_webhook/ttd/b5dfb98b-f0dd-4f58-b692-160cd5a8291e

35 B
288 B

31ms
30ms

Image
image/gif

52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ttd/b5dfb98b-f0dd-4f58-b692-160cd5a8291e
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-181-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://collector.effectivemeasure.net/sync_webhook/ttd/b5dfb98b-f0dd-4f58-b692-160cd5a8291e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1 200
OK salesforce
collector.effectivemeasure.net/sync_cbpixel/ 35 B
288 B 31ms
30ms Image
image/gif 52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_cbpixel/salesforce
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-181-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 70 B
405 B 58ms
31ms Script
text/javascript 52.48.181.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22dmp%22%3A%221629486055883%22%7D&callback=cb1629486055572_3

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1629

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.181.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-181-96.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

17d4cada1b4db0ac40f2f1ab1b2097ae6cd57adcd81e1ffeda0c1578612ccd34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 74
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 handsome-young-adult-businessman-with-stubble-picture-id1250238624%3Fb%3D1%26k%3D6%26m%3D1250238624%26s%3D170667a%26w%3D0%26h%3DIzNZa3w2LW6qxRXmbEJIdyfglUJCNZwSKQb7ed8ZR-M%3D
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/ 3 KB
4 KB 10ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/handsome-young-adult-businessman-with-stubble-picture-id1250238624%3Fb%3D1%26k%3D6%26m%3D1250238624%26s%3D170667a%26w%3D0%26h%3DIzNZa3w2LW6qxRXmbEJIdyfglUJCNZwSKQb7ed8ZR-M%3D
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d0161fa3d19a3937c7eef09ff278e55b87ef4b7e01cdcfc716830d1b0d17d876

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 2790850
edge-cache-tag: 367166727861980423589293581849368506709,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 35
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/handsome-young-adult-businessman-with-stubble-picture-id1250238624%3Fb%3D1%26k%3D6%26m%3D1250238624%26s%3D170667a%26w%3D0%26h%3DIzNZa3w2LW6qxRXmbEJIdyfglUJCNZwSKQb7ed8ZR-M%3D
content-length: 3448
x-request-id: e46619d9b5396d9c1a3263b5f5213d0d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sat, 17 Jul 2021 08:18:48 GMT
server: nginx
x-timer: S1629486056.916832,VS0,VE1
etag: "66798e7ec18c0d366c34f6d552af92ad"
x-served-by: cache-wdc5571-WDC, cache-dca17767-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 1922f0dc8699bf8edcf7c727cbc43d75.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 9ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1922f0dc8699bf8edcf7c727cbc43d75.jpg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 16fc03228919a07b4459c8cdfc0d02ceb0be0cf2aaf94f0ebcad05450e48c754

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 2539959
edge-cache-tag: 501991697550487891663960137911228562269,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 44
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1922f0dc8699bf8edcf7c727cbc43d75.jpg
content-length: 14612
x-request-id: 56bf184e45887e4e112349bf9e61423e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 14 Jul 2021 04:12:44 GMT
server: nginx
x-timer: S1629486056.922229,VS0,VE1
etag: "c8484e4e9394f4de7a0f30b942e2e157"
x-served-by: cache-wdc5572-WDC, cache-dca17750-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 9acdca7a604979ffcdd64381c0a297dc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 9ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9acdca7a604979ffcdd64381c0a297dc.jpg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c0118aff2cd8ba7367f4ab37167f8acced9388a11c35d87a32615688599b5d9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 642003
edge-cache-tag: 520030807734993625229647888078229221347,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 585
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9acdca7a604979ffcdd64381c0a297dc.jpg
content-length: 8268
x-request-id: 5cc0cb76c54fc2610233a5a3f2ca5797
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 19 Jul 2021 17:44:58 GMT
server: nginx
x-timer: S1629486056.926168,VS0,VE1
etag: "84577add50bc0a02aecfa231f2387fc2"
x-served-by: cache-wdc5573-WDC, cache-dca17776-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 fe5ed8d8-2b52-48e4-975f-e18ff0ab58fe_1000x600_fd79db2610db091d9a8da3e17eed535e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/ 6 KB
7 KB 9ms
9ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/fe5ed8d8-2b52-48e4-975f-e18ff0ab58fe_1000x600_fd79db2610db091d9a8da3e17eed535e.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b626078da119a9ed2ee6a979f326699d9fffaf6304e7a8dac893d8aed2278e0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 706429
edge-cache-tag: 441632973708694138935722924259989978027,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 591
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/fe5ed8d8-2b52-48e4-975f-e18ff0ab58fe_1000x600_fd79db2610db091d9a8da3e17eed535e.png
content-length: 6500
x-request-id: ca8a6fea1c78b8e6fbecc40b1af30950
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 12 Aug 2021 13:09:37 GMT
server: nginx
x-timer: S1629486056.931394,VS0,VE1
etag: "c2c69898d651062972c8caf1f8162d03"
x-served-by: cache-wdc5554-WDC, cache-dca17754-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 e3487bd2dcb476f4b52181802d6aea5d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 8ms
7ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3487bd2dcb476f4b52181802d6aea5d.jpg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b8388f548352d8a7bc13150e1bdf323ddba14e24f6c90b5af0c2dd47cd6467ac

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 2505917
edge-cache-tag: 297870507472394882803074670438098699014,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 108
expiration: expiry-date="Mon, 02 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3487bd2dcb476f4b52181802d6aea5d.jpg
content-length: 5722
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Fri, 02 Jul 2021 06:37:20 GMT
server: nginx
x-timer: S1629486056.935273,VS0,VE0
etag: "a30f83106598d019f0c0863cf7032cd5"
x-served-by: cache-wdc5564-WDC, cache-dca17771-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 10

GET
H2 200 eebc8770-9b64-4108-882f-51923ede81f8_1000x600_9961b0d227a17767c7072699ee5286cf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/ 5 KB
6 KB 8ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/eebc8770-9b64-4108-882f-51923ede81f8_1000x600_9961b0d227a17767c7072699ee5286cf.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 68965b80c1088d7cf7ccddb4823a1bb7a2e4817f4ea9d56f9ad7f99f480e1dee

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 4016742
edge-cache-tag: 402445220394844652322827051627553727384,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 30
expiration: expiry-date="Mon, 12 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/eebc8770-9b64-4108-882f-51923ede81f8_1000x600_9961b0d227a17767c7072699ee5286cf.png
content-length: 5376
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 11 Jun 2021 00:36:11 GMT
server: nginx
x-timer: S1629486056.940558,VS0,VE1
etag: "291fb8375ff8ae1f00e516ff0bb0c7ef"
x-served-by: cache-wdc5532-WDC, cache-dca17741-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 f382193be302f73ac35f1ee3bcd98539.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 9ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f382193be302f73ac35f1ee3bcd98539.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 01b9f17ba90d56f130244e293d9d04303a7595f612c8fe8be0af695a6f6f5c38

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 3062207
edge-cache-tag: 487360150067233601151201532197034102171,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 20
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f382193be302f73ac35f1ee3bcd98539.png
content-length: 14500
x-request-id: 0601600d9bf56d6932ea7df667dc53a4
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Fri, 02 Jul 2021 18:24:38 GMT
server: nginx
x-timer: S1629486056.943363,VS0,VE1
etag: "64641accd92f610ccfeae5d85e59989f"
x-served-by: cache-wdc5568-WDC, cache-dca17733-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 a554c3dc4b256760a45c3481d5866381.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 8ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a554c3dc4b256760a45c3481d5866381.jpg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c2c79710c9f7e6dd62cb9f52e1cfabb600952b0118557bdc1a934621bdf88e57

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 3755991
edge-cache-tag: 448540210329605309155247250257842602701,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 53
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a554c3dc4b256760a45c3481d5866381.jpg
content-length: 7378
x-request-id: 1c8cd784b0f8c4fa3fd2b8a0ec8777a5
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Tue, 29 Jun 2021 12:45:18 GMT
server: nginx
x-timer: S1629486056.947602,VS0,VE1
etag: "fa4576775458a6a6e77dee64e3aa0cb5"
x-served-by: cache-wdc5522-WDC, cache-dca17750-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 UnitSliderDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.5.0/ 95 KB
28 KB 9ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 155b36117f46d5d84fb616cb2c16b136faec4ba1ba931dbca4d3ff303bb586ef

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront), 1.1 varnish
age: 1159035
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 27752
x-served-by: cache-fra19146-FRA
last-modified: Sat, 07 Aug 2021 09:02:26 GMT
server: AmazonS3
x-timer: S1629486056.950960,VS0,VE0
etag: "be3d4abcc81c94f68801baf49b47998c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: bjgFMPgkNUEnuG3BvGUZOT-p0XSYHrdiNR_66jNBMwaME07Vq0K9_Q==
x-cache-hits: 24234

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 31ms
31ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 337a4e8a0cd99fc559843e3a0ffd37d784e13439db4c3efb0ca8c1657e10c90f

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
content-encoding: gzip
access-control-allow-origin: https://www.webmail.co.za
machineid: 1418
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19146-FRA
pragma: no-cache
server: nginx
x-timer: S1629486056.908226,VS0,VE24
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 5b1cda5198258fc859ef5251f1f72865.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 8ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b1cda5198258fc859ef5251f1f72865.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 23dd6a2d48a5505a8883334b79af26ab857ffa1e3722393f9a24d5ed3d80d469

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 301127
edge-cache-tag: 300423921168493299667227847654282522645,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 391
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b1cda5198258fc859ef5251f1f72865.png
content-length: 6576
x-request-id: 3bd7e6c5456efdbfc0ca58fcf617b9f3
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 16 Aug 2021 15:52:17 GMT
server: nginx
x-timer: S1629486056.952519,VS0,VE1
etag: "b97288f1851749a5f94a997a98ce962a"
x-served-by: cache-wdc5570-WDC, cache-dca17732-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 13df87d1-4dbe-4de8-bd54-422844906c43_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ 9 KB
9 KB 8ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/13df87d1-4dbe-4de8-bd54-422844906c43_1000x600.jpeg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fdd3265c70a5a8541e4efc5414b7eb82a3bfb25d2dc928041dc864b0892f01b4

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 96804
edge-cache-tag: 428028046604162280732081655128374468836,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 1051
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/13df87d1-4dbe-4de8-bd54-422844906c43_1000x600.jpeg
content-length: 8778
x-request-id: 70619304745d0238a937f0ca158c9c19
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Thu, 19 Aug 2021 13:38:48 GMT
server: nginx
x-timer: S1629486056.956418,VS0,VE1
etag: "62c5e6b2305d191f6debea3ec4e6b1fa"
x-served-by: cache-wdc5552-WDC, cache-dca17746-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 21db703edbc88eb3df7b80efecf070be.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 10ms
10ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21db703edbc88eb3df7b80efecf070be.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 81c198d08fd0e404f6dd93c131d85bf7973a7772d3ea2a18f59afafacaf82803

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 864236
edge-cache-tag: 408389034707311767814368817327116395175,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 28
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21db703edbc88eb3df7b80efecf070be.png
content-length: 18812
x-request-id: 1e867c1979d65429e7330077eeacaa6e
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Tue, 03 Aug 2021 19:43:16 GMT
server: nginx
x-timer: S1629486056.960098,VS0,VE1
etag: "ba14c5e3a22f39b4b9d950148b36ac5a"
x-served-by: cache-wdc5537-WDC, cache-dca17772-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 1db2c66926cb08bce2bc57516b340910.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
28 KB 8ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1db2c66926cb08bce2bc57516b340910.jpg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 129124b761eab75b73c4bddd8c3659e23ac30cf423a75f8759c5c34de1268946

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 116684
edge-cache-tag: 405524688308557021743891730519151725514,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 531
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1db2c66926cb08bce2bc57516b340910.jpg
content-length: 27850
x-request-id: 23af4fb8b9e6f0086a9e791e14751d3c
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Thu, 19 Aug 2021 10:25:51 GMT
server: nginx
x-timer: S1629486056.960867,VS0,VE0
etag: "d7c72b7c8f2915fbfa03efc7f0b44d51"
x-served-by: cache-wdc5544-WDC, cache-dca17770-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2

GET
H2 200 97d46c3c5be6ef12b46c63984a431a35.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
21 KB 11ms
11ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97d46c3c5be6ef12b46c63984a431a35.jpg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c42596f24c1e738f9c8dfa2d5db6529afd1ebc6eebd19eef0fb930ce3fdfa33

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 213313
edge-cache-tag: 615067849677586803377010456899723000083,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 366
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97d46c3c5be6ef12b46c63984a431a35.jpg
content-length: 21142
x-request-id: 0a8c83b14e998948b7503a012474df7b
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Tue, 17 Aug 2021 12:01:08 GMT
server: nginx
x-timer: S1629486056.965046,VS0,VE4
etag: "3e1ac2a0041782f686841948ee7a9fa2"
x-served-by: cache-wdc5547-WDC, cache-dca17724-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 next-up-widget.20210819-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 12 KB
4 KB 8ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20210819-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/webmailza/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81908424bdea3020d71c24ffcb3e04fdf5be4f1df00cc9feeaa2284b38910aa3

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Dp89vj6rxUgu1qYQ.xZAU_nfYehgK0Jl
content-encoding: gzip
etag: "e9bb5970040cd69a1dd4860b70cee807"
age: 54
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3360
x-amz-id-2: ppo6g/K8dk4ylerQnjGE7DMjmzkxfwRqIlJTSlbFR0bZExw64UiLo29ZBosRNbXIseTfYuEBzhA=
x-served-by: cache-fra19146-FRA
last-modified: Thu, 19 Aug 2021 11:21:21 GMT
server: AmazonS3
x-timer: S1629486056.970383,VS0,VE0
date: Fri, 20 Aug 2021 19:00:55 GMT
vary: Accept-Encoding
x-amz-request-id: SBRP92NMYRNKM8X5
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 77
x-cache-hits: 11

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 4 KB
2 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront), 1.1 varnish
age: 1928265
x-amz-meta-mtime: 1580720676
x-cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-fra19146-FRA
last-modified: Mon, 03 Feb 2020 09:09:18 GMT
server: AmazonS3
x-timer: S1629486056.970369,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: fAeHO52Fy78UbxheIVGwTQpabLzTVzA-RHX2HcKYyUH5P0SAs1-vKA==
x-cache-hits: 262858

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 319C 0
67 B 19ms
18ms Document
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=9AA3C1E5161336375811787146421&cicmp=1337627&cijs=1&dast=V7OEACFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLlgcDaMFWsxW2w2s81uNRxsFqvJcrObzZaQMIvFYjSZrYZTMNjC53R3t0EDTafD57rX636_u-5lcTucZrvGb5c-_HIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhghADQTWyIAAAAAIwAAAAAkAAIJBaWADjcLZoAAATskcEHhJ8AAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAFwM2SjKFfR6AhESFSgWMQIAAAAYrnXNOprUCZVF1f___78VwBUAQMAeGXxAfdbNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE0Iq_EgLUsCVUuMZuVZY-wUEAGB7NwCAtwC4mAOwAwAAALj7____zwMAAODZo2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J4HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgHVefS-bw6FQ_m43Luaxc-OsRyNVcMF3PFbjQXLlcJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=9AA3C1E5161336375811787146421&cicmp=1337627&cijs=1&dast=V7OEACFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLlgcDaMFWsxW2w2s81uNRxsFqvJcrObzZaQMIvFYjSZrYZTMNjC53R3t0EDTafD57rX636_u-5lcTucZrvGb5c-_HIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhghADQTWyIAAAAAIwAAAAAkAAIJBaWADjcLZoAAATskcEHhJ8AAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAFwM2SjKFfR6AhESFSgWMQIAAAAYrnXNOprUCZVF1f___78VwBUAQMAeGXxAfdbNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE0Iq_EgLUsCVUuMZuVZY-wUEAGB7NwCAtwC4mAOwAwAAALj7____zwMAAODZo2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J4HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgHVefS-bw6FQ_m43Luaxc-OsRyNVcMF3PFbjQXLlcJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

server: nginx
accept-ranges: bytes
date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish
x-served-by: cache-fra19146-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1629486056.984605,VS0,VE9
content-length: 0

GET
H2 200 cmTagCUSTOM.js Show response
vidstat.taboola.com/vpaid/units/28_3_10/infra/ 727 KB
132 KB 12ms
11ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish
age: 837496
x-amz-meta-mtime: 1605697226
x-cache: HIT
x-amz-meta-ctime: 1605697428
x-amz-meta-mode: 33188
content-encoding: br
content-length: 135037
x-amz-id-2: rWmHrS7hv9GtyymjR1mNVzWQHvYcDROaDbagr/RMLNw2k5bC6acwloW64H3JAVgWribSxbD/1J0=
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
last-modified: Wed, 18 Nov 2020 11:03:50 GMT
server: AmazonS3-br
x-timer: S1629486056.984679,VS0,VE0
etag: "37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: VAMRQZGYYCSC752K
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 518

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/ 44 KB
7 KB 11ms
11ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:55 GMT
via: 1.1 varnish
age: 1105497
x-amz-meta-mtime: 1605697226
x-cache: HIT
x-amz-meta-ctime: 1605697397
x-amz-meta-mode: 33188
content-encoding: br
content-length: 6493
x-amz-id-2: 2yWZZvT6gWp6l0uX9pHoFWIk2Hv8VbMXoRsq99K3IClzKkG/QKZ3jaeaCwqUOso5plrCYiz2g4g=
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
last-modified: Wed, 18 Nov 2020 11:03:19 GMT
server: AmazonS3-br
x-timer: S1629486056.984674,VS0,VE0
etag: "083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 7VRTW61VG1AQ808K
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 103149

GET
H2 200 handsome-young-adult-businessman-with-stubble-picture-id1250238624%3Fb%3D1%26k%3D6%26m%3D1250238624%26s%3D170667a%26w%3D0%26h%3DIzNZa3w2LW6qxRXmbEJIdyfglUJCNZwSKQb7ed8ZR-M%3D
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/ 3 KB
4 KB 10ms
10ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/handsome-young-adult-businessman-with-stubble-picture-id1250238624%3Fb%3D1%26k%3D6%26m%3D1250238624%26s%3D170667a%26w%3D0%26h%3DIzNZa3w2LW6qxRXmbEJIdyfglUJCNZwSKQb7ed8ZR-M%3D
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ecc2196eeef72d4360abc7274f25be67703b7e3df63c0a5515b706a60fe502e

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 3140743
edge-cache-tag: 367166727861980423589293581849368506709,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 33
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/handsome-young-adult-businessman-with-stubble-picture-id1250238624%3Fb%3D1%26k%3D6%26m%3D1250238624%26s%3D170667a%26w%3D0%26h%3DIzNZa3w2LW6qxRXmbEJIdyfglUJCNZwSKQb7ed8ZR-M%3D
content-length: 3220
x-request-id: e979bb3ffadb1afbcd6c634e93d8625b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Tue, 15 Jun 2021 06:58:43 GMT
server: nginx
x-timer: S1629486056.999142,VS0,VE2
etag: "efe873da7ba8b447b2023da68f8a9868"
x-served-by: cache-wdc5559-WDC, cache-dca17747-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 1922f0dc8699bf8edcf7c727cbc43d75.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 9ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1922f0dc8699bf8edcf7c727cbc43d75.jpg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd0a6000b695de5dfca13ed9f411f2dbb72423deb244b5f002b34f0f8badef45

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 1914608
edge-cache-tag: 501991697550487891663960137911228562269,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 16
expiration: expiry-date="Thu, 19 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1922f0dc8699bf8edcf7c727cbc43d75.jpg
content-length: 11730
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Mon, 19 Jul 2021 07:03:23 GMT
server: nginx
x-timer: S1629486056.999612,VS0,VE1
etag: "af68ff4745360fe416617d2722037261"
x-served-by: cache-wdc5524-WDC, cache-dca17771-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 9acdca7a604979ffcdd64381c0a297dc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 9ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9acdca7a604979ffcdd64381c0a297dc.jpg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: df29cecb951253bed2573157a70d381a81b64f31742ddd4e3c7aff14be2609c3

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 635980
edge-cache-tag: 520030807734993625229647888078229221347,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 26
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9acdca7a604979ffcdd64381c0a297dc.jpg
content-length: 7432
x-request-id: 8e16cb204dfcf135403c458c735074a0
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Mon, 19 Jul 2021 17:44:58 GMT
server: nginx
x-timer: S1629486056.999511,VS0,VE1
etag: "468bd5f21a3f355980b3d14bc3aacd11"
x-served-by: cache-wdc5539-WDC, cache-dca17733-DCA, cache-fra19146-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/2.2.1/ 51 KB
16 KB 18ms
18ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront), 1.1 varnish
age: 3145434
x-amz-meta-mtime: 1542789750
x-cache: Miss from cloudfront, HIT
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 15795
x-served-by: cache-fra19146-FRA
last-modified: Wed, 21 Nov 2018 08:42:31 GMT
server: AmazonS3
x-timer: S1629486056.059392,VS0,VE0
etag: "57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: oi7QB5C8BA-557rR6kkZ3x1Oul_9ZzX57MiZnxZZQZZUyJL57XdM5A==
x-cache-hits: 768047

GET
H3-29 200 container.html Show response
ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DAA0 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 20 Aug 2021 19:00:55 GMT
expires: Sat, 20 Aug 2022 19:00:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286089745720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27752
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:00:56 GMT

GET
BLOB 206
Partial Content 2f91a646-4431-425b-95e3-c2100c53475b
https://www.webmail.co.za/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.webmail.co.za/2f91a646-4431-425b-95e3-c2100c53475b
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content ec50184f-7826-42bd-bcd6-69e65777208f
https://www.webmail.co.za/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.webmail.co.za/ec50184f-7826-42bd-bcd6-69e65777208f
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 206 qq9zvtyqfwyefejcxuje.mp4
c3.taboola.com/libtrc/static/video/v1629129120/ 432 KB
433 KB 20ms
19ms Media
video/mp4 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/v1629129120/qq9zvtyqfwyefejcxuje.mp4
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bacba1e9608664aed59ef9696179f3cbf39b188dba1a4f4427ae3758bad4ca40

Request headers

Referer: https://www.webmail.co.za/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: ABrwCg8fDHcs3pEUZNvF2QSu0_2KKqYe
via: 1.1 varnish
etag: "b0f8868032fb1d7b01169b7a867aca56"
age: 50
x-cache: HIT
Content-Range: bytes 0-442345/442346
x-amz-replication-status: COMPLETED
Content-Length: 442346
x-amz-id-2: v3rCHr/rgG1rVe8UndBKFLNaSSLPbK/c6/vmdVGulOSRaLCaMgNRY37+37lUIwa/jwuwDFeHvg4=
x-served-by: cache-fra19146-FRA
last-modified: Mon, 16 Aug 2021 15:52:06 GMT
server: AmazonS3
x-timer: S1629486056.189550,VS0,VE1
date: Fri, 20 Aug 2021 19:00:56 GMT
x-amz-request-id: CZS87AY6VB804GR0
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 77
x-cache-hits: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D864 624 B
474 B 19ms
17ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhi8ls-yATAB&v=APEucNWrvIQRZsRNGpe7hgssZnNAHWMb9MoM3TMab3Kn70aLnHHwjPgCZQ6EMr5_wrb0zypa77ikGCdW88TJUANEUr-iSJ1cUUc3u2h6IFqJY8u8HYcAZ9pt56iHIE-qAT6ft19GvW759dTmn6dThPDDdP6eegwE3X66KTVpc6gShpBM_gOmG5w

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMmp1wIQ19vYAhi8ls-yATAB&v=APEucNWrvIQRZsRNGpe7hgssZnNAHWMb9MoM3TMab3Kn70aLnHHwjPgCZQ6EMr5_wrb0zypa77ikGCdW88TJUANEUr-iSJ1cUUc3u2h6IFqJY8u8HYcAZ9pt56iHIE-qAT6ft19GvW759dTmn6dThPDDdP6eegwE3X66KTVpc6gShpBM_gOmG5w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk6yksW6mjxaadAQaZsT5-FCc79So6O6fd00DPLVXtRv2CtsuevpNFRE2ghThY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 20 Aug 2021 19:00:56 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 19:00:56 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DAA0 24 KB
13 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cs2avwMSvklfN0mHH5kzF5phe-i6Qw4XJJQ6yXyKlMTpzMKAlK6cKhEB7gix38AJjxUk4BCvi_MRm1XPD1g4vbDco4H1RV5Dq59mftbXCac5sBpt8XEpsx2thKCepOA_RqY53CGlrQc1A9tNRqPGFFoIDTCA&cry=1&dbm_d=AKAmf-Dba9HhNzqmLWWKlKAw8w_e2k_m4qnwr2XJ5kyqnFOvmf2jZT_F5KLOudtUIaUHE8dARPKuJctTnaQZXkwHGjyqFtG_CZdvb4jdJ6YKZqEB9_-HjGctxrcnQJm93enl53Q1QlEfH2DvUchC1-xYQGXvPB4x--1r4CPFH6kMWm4w_AH_g_4KFUinPp1Jv_KsmBaUGc_u-IQRJUyXSW4p0SXgkDg6wKXpoqhRMGP0ItasyLtbjSscpBWLb7SKgZMzm5jubnLBJgd0D1p5-c25F4VkoK9ANzagCmdlV3GUehPy_TqPcW-HqtXrGqAmpQ4AdZJpQrxgt7NdHqm4A2eVasJQ1ou30zu4r9HO3FmrkUEnGCuj8b7ag1uG-6P_1xyJRW2NzHX3XoYhFolndfy_otF2hlx50ugnWH9J_nTtPAbjgKok9eF7j562H_J4HTdIjFv9Om67XcPeaUKVCJpLpFMqYs1nOfJkSAgboiu0gy2MUzAp1rSUp8nsZ1PF16sdO6yJvvS3wndduqeBBHOBj8JDxEeg6geF0W46F0wJw9zYYxofiTadUrZNxRnxvsGBPVapDC_41pkFbQrTSjqLqhE3Pf0hODNdoc5JRQjnWnwhCntuEFb_IDwk5BkKzJryDu0EB_o9b-M-ItJcFZZnyROpuJByGZMo6ZwA0sfJeRnuYuP-AuPWTE69OYf4AJASGOW5MZzrQ_9BSb87Cm-33w9Avop08QokpZN63S2AQyHz_HWY5fPaMppzFY3p7xvog478TE_RTPuXxFEc-eM5WnMIxSMO3m3tPc3Jpn61rgeaRNySJHncZy8dLUl74OmJk0KcZhE_O-af2VmUE3KmXnXmI3-CPl2fu7-yaCYRBBoMgA32cHEPTgbhdmJbMS4lw049aWVE5zC_qnrj1TS69byoESu1QSHYsWI3c5xcfjj9YvY1LVqXfuZmNNnzXJfcgSE_2klHT_fH9XZRhO_UyKeRr-sJlaEEq3qzbTIpyMnHHEF-3Uh0XmMPsOlGYLTFWCV2l0EaZCgBHAm8izIA5LQqVPb0m8rnUArrZd4tU_x3XWP1qQTXH1pnpUvFzU0tAyIqLwVr--3VmjE0vQDlWeiSP-YkUCPcG05iFIN6Ahed4Bzgzg-J1irglz3GlCZDB-siyGVv530whYR6L4sD4DCkXQ3vwuYqrV_BtsNk0fUWs2O4ygEtwrkEc_TfwIW8Aha0QlthKXRaxPD7TuK0BLr1l9DDF3619I-kd-FHaVm6VTM9sIbKFXeBKO7XawT9g2sOz0rUD_c5WnvYIrs9fFm_3icb6L6mHUFG_GXvu9zSEJ6EGO63-r2ptam4uDRcmAJ4W05XNa7xSeQbY2Pj-aVWdB91ntHtWzfrbTgWgUUbJ4tAIaMe66XTuRYLtosCx-DoiDUrmm4zx1kwAcbNbwgXNPo9PPB6xwZlpjo68gYC_Bjlz_-PXv1x20dOWGATm_KNsWXICaCC2WkA0oQHx8DaVJvuaG3xygcjzJC7uxvbr1mzBnfWsXhSgYl0XKfGHoAxYRRKcOBz31SbgCyePCc6_CU5s0vjO8pEAdqS5ktKThlse82TdlKpuw-Q6k5wN5mqcJMaiEeKFnOFvbTPsdY8y871cXUoN07APGyI4wDrWNCN2JgCu6Or74R3FuoFgs6zWJAO1oD38fgBsgRfbT3ZELs4tihD5ymTyvlVBXPDOBNe7d87aAcVny6OyYtOVleS9bXUOX-WmLIBheYal4tgtsrF6bP_tTM9z7vedE5P-lWhc-NnVyutODVi06XpgPBp5Co95t1o8JYqW0UxpYrmccGID7u_oCV4uapFxgDnZacEMBUkIalwVFp1Z4WevKYdjGBsIIhVbJ-YYA8IwKZa5rv0GECISYtGY5H9VyXXg0jSi66UZjtwbmMaomyIxzA5VTbraGXFNEGU2wYTZ-35AvyqyxexXePU5LqW9_0KjLmJ6Kn8qA8ZFANqM_gmMX79Kl4uJ9MBNzA0a79GBy_VBSGOaqe0JJIo8xqqDwRdM3y6QKpz5hUbebry-tPsN7rmSC5UyKC_OR9vO0ZLQtg8XHZ_pEBPGIl4DGcc_Cm4-jAs98jIzJDXWmsD3QI9VjeWtDIQomPCxV9FmkjraXtGbVCBWXO-DOkJn9QlDuJMEKStE0YQ3ZzJ4LvNnQtXZ9vn36bxVOpek7HdmPwVoxLzmf9k1udz4kdic0pXg1V_cuXG7kEwfr34pS_bPtyjlrd_ZXS-wNFvJYj1P9doRgxRNFHI7mRakYGvpXUofvvbENkLHXl5ujCGavdArGVAu8PJrFusxCEJASKJNqlqXsj_j0ZWkDZQcmGubeUPMXIhjqRPp73REp6WTMpRJRfB53_HIO8Uzk9ZZK8zjW_dgvN2A6Iq9y94yNW4G3UYLkZTjZL6xc39PcGoa_cP9o_32ytbtGVVX7XVbaEdGQRJOONgnix-7zSf_obIIdm_n7i3S77hLTIJM1r_HosVKnQvt8OztqcB0ZVaiw9NY9qi_RZQQN2fLhE_ZllY9aFKCI8ZZ6kjX4q2xfJIQCx2s0xD9MVZLdXrtkd-i8kLkamWMXNZlaGhoHZiz7UHQR3SrxJ0769eh3SmthmULwPlG6WM5O1fyGT4bUZSpCltUtJREYodgBR1plgRAr9EivrW1LAlI2wwRSe7JPEyyUeiYf6LP9kaG_SRDHelY8PLusxJ1rCggSveHF9h_LesBeYkhvM3J2of-jwZpSx553taoLxHC3Zedk0Vb_m7dkgutL3WeG_30dbQ83eKyaAf8Da_i63TTrLLBVMNRr6k1b4X2xDZXp22S0_yc0ulmH2zbSqPkGTCq5WqJChIxX7x1ZkJEP7TnEIlDIwmTMBnrQmNLPYQp7GsI7XhEir4YXQmKgyWo993rrO2nuvChuBh6XCTxdhCSAjWCXw8i7w2JbVK1ZrJWgHDh5D5AIXT9nNcNxOWTJ7hr5m1r7Om429H1qRopiY_WcuC9ZEaLs1Odr7TiqECkBsgk4sMZbmNx2XOcCLyi30uDUaDnEicAlOC5vNjnKn45-2qC3F0I17Hw5MnHpyjk0Fj4-mXDeDRydXKMV7S2HVbNoiX2A&cid=CAASFeRokrVX4qG163NAEjUrQKcESgvNKg&rfl=1%2Chttps%253A%252F%252Fwww.webmail.co.za%252F%240

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a7c9e417d35db8c63c623e0c9cccf4b5aeef583267c5251faa771e15b4568d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12871
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAA0 42 B
173 B 50ms
27ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BuOQ4m8-_OlGUdm-GUqoMPCPCMdr3ut6PGtcMErVk4Q7HfwOe5Xky-1CqBVZ8cGTJ44HmIow_57WES6NT_cQ92z01LVfbyBxDzVaPruC-yDTsAC2k

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame DAA0 32 KB
8 KB 36ms
11ms Script
application/javascript 217.79.188.60
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 19bcbba417f03dfe5358b46518999a4b3ef79d5e421d36c66bfc6925184646d9

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 14:05:18 GMT
etag: "3435361896-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame DAA0 3 KB
2 KB 40ms
12ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4285693&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCrmhC5_sfYfymM83QgQfi27mwAa-Fi85k2pT6tMoO8C4QASD_wrQiYJWCgICYB8gBCakC8FbKDXaSsz6oAwGqBO8BT9BtsYHzOlkrChkW_-puH2cqd_mxrXHF58TP7uLqqx1XlAM8sbLG2Fa8sDGjPdNARaX9r3bYzzYF-HDoHdehi3m_XK-f2xzQlJfyKmcqEz7m02GoWQ1UEExj7v0Bg-yktkBlGZ7jy3ycoUiZUdzz8OIL8BUfR3WmZ0XnnEt7mVHvZL01K4t2QqLl7tF9lnJs-FrVK47wiK_XaKeCoBlIJ4RtSXjz4kHpxaDVXwuIxpvBIw82zL8jhKiahfn9uqkfBTxy-Q5qb783U-uBfothABipYucM3j1-lZ1iNJ-SBJfS796UBqz9ZdiSL9IJvLXABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE-GVygrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokrVX4qG163NAEjUrQKcESgvNKg%26sig%3DAOD64_3Hjagbp2WeGN6ucMBqqe7EHS8TVQ%26client%3Dca-pub-2370948078851435%26dbm_c%3DAKAmf-DkgZUW-DI4-2lT3cSz-B12XCmm2FktqX7V5BhQftadfk55JpOB422Nc5lCkJwLcwT5FIIjDsIrUkX-OgwgCauOWCH3kGMG2UhsIiMm-N_BE97tD4slkwUzs-zj_sBXh2SOGywxTo2QSWfxfa2OUbNLxd18jw%26cry%3D1%26dbm_d%3DAKAmf-DT6TmF-bkYhlW8U9c_PSXwZDo0V57ovNm76PeYrfuPXvr5I1BKiBMM-SyKrEdATSu4_ZfdvaZ-JMqBeiKVcHF_3JCJmhyiBl9uZdlJ_24hfzMX9bc69prsT2AXF_LWVhD7ESX3SuVAPpX9shXAQEL8EQ_ZVZ4G42uKOWOl9updHLWoJbr_EPAsmrsnX_GmVplCw4sFKPp3iZTPNHt6FgDa2z0atuJC3Lx0xczS8EZzihZevjO8MVJOIHTMF3dIYJmETfY_2IzGKa8dhHfLS-kNN7PjGhXwfht9WMpXZoa9W61zNsLbbd2VxBAimH3npbJGfoUV6uEwM98AAXPxYYwXUivOPqTDoGoBUfNIUYYEsb6qE9by7jOLMXo8iqPkumeLCVyosCYYgjCa7f78C8zDaC_EbiG4lAo32feg8hJWXbXW-_pclTDRGhQhd0-5RmVugESbnMm6YvJ5p8_WRj2weWejyg%26adurl%3D
Requested by: Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 34793c7da07bd5c6237844e494be0a2af219a92e11f4ee81fb194f26eae8b5c9

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 21:00:56 +0200
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame DAA0 2 KB
1 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 19:00:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAA0 124 KB
37 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:00:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame DAA0 14 KB
7 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 18:45:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DAA0 0
0 14ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhFTAJOGt_PYhzjEytwUMh0pvZ-h4WIAnYm1Ydel0WNQobzslX38VzooTOnrx8fk-k1z9jLIV9SlRPbUECnDwUv5zkWA
Requested by: Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 st Show response
imprammp.taboola.com/ Frame F079 742 B
482 B 28ms
28ms Document
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66501725&crid=6271935&dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&cmcv=&pix=undefined&cb=1629486056226&uv=3005&tms=1629486056226&abt=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=9AA3C1E516133637529596707499&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66501725&crid=6271935&dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&cmcv=&pix=undefined&cb=1629486056226&uv=3005&tms=1629486056226&abt=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=9AA3C1E516133637529596707499&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 varnish
x-served-by: cache-fra19146-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1629486056.233001,VS0,VE13
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 64D9 742 B
828 B 50ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

server: nginx
date: Fri, 20 Aug 2021 19:00:56 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3403

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 10 KB
6 KB 78ms
76ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=6271935&noaop=5&sortOrderType=0&cb=1629486056231&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1263&pt=939837992&tz=120&viewable=true&ddast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2811025&dpubid=494845&abtst=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&mPre=0.033&cirf=https%3A%2F%2Fhttps&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c7a12789b4d95f75ecff88493d99d31956b8aab167890ac42139605256b1ee7

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: gzip
access-control-allow-origin: https://www.webmail.co.za
machineid: 1443
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19146-FRA
pragma: no-cache
server: nginx
x-timer: S1629486056.237021,VS0,VE67
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://serverc.aivdesk.com>; rel=preconnect,<https://search.spotxchange.com>; rel=preconnect,<https://serverc.aivdesk.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 49ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66501725&crid=6271935&dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&cmcv=&pix=31589837&cb=1629486056226&uv=3005&tms=1629486056226&abt=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1629486055186.4!ts:1629486056226&mntl=1
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
content-length: 0
server: nginx

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D864
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEPKE5s0_DHRpKHFQQyJ-Hg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEPKE5s0_DHRpKHFQQyJ-Hg&google_cver=1&C=1

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEPKE5s0_DHRpKHFQQyJ-Hg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhi8ls-yATAB&v=APEucNWrvIQRZsRNGpe7hgssZnNAHWMb9MoM3TMab3Kn70aLnHHwjPgCZQ6EMr5_wrb0zypa77ikGCdW88TJUANEUr-iSJ1cUUc3u2h6IFqJY8u8HYcAZ9pt56iHIE-qAT6ft19GvW759dTmn6dThPDDdP6eegwE3X66KTVpc6gShpBM_gOmG5w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Aug 2021 19:00:56 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEPKE5s0_DHRpKHFQQyJ-Hg&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 20 Aug 2021 19:00:56 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D864
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR-76JOi55tXc88dJ0qfSAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEPKE5s0_DHRpKHFQQyJ-Hg&google_cver=1

43 B
894 B

15ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEPKE5s0_DHRpKHFQQyJ-Hg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhi8ls-yATAB&v=APEucNWrvIQRZsRNGpe7hgssZnNAHWMb9MoM3TMab3Kn70aLnHHwjPgCZQ6EMr5_wrb0zypa77ikGCdW88TJUANEUr-iSJ1cUUc3u2h6IFqJY8u8HYcAZ9pt56iHIE-qAT6ft19GvW759dTmn6dThPDDdP6eegwE3X66KTVpc6gShpBM_gOmG5w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Aug 2021 19:00:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEPKE5s0_DHRpKHFQQyJ-Hg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D864
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL259oU2hplnKHGqs6khArU&google_cver=1

43 B
1006 B

16ms
7ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL259oU2hplnKHGqs6khArU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhi8ls-yATAB&v=APEucNWrvIQRZsRNGpe7hgssZnNAHWMb9MoM3TMab3Kn70aLnHHwjPgCZQ6EMr5_wrb0zypa77ikGCdW88TJUANEUr-iSJ1cUUc3u2h6IFqJY8u8HYcAZ9pt56iHIE-qAT6ft19GvW759dTmn6dThPDDdP6eegwE3X66KTVpc6gShpBM_gOmG5w

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
X-Proxy-Origin: 195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1f1f6261-78a0-4263-a1b7-ec29608e8866
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL259oU2hplnKHGqs6khArU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D864
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0NzAwMzUxMzkyMTM5MjgwOQ%3D%3D

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0NzAwMzUxMzkyMTM5MjgwOQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
X-Proxy-Origin: 195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 01699dc7-92d5-4557-8ca1-48ce092a58c6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0NzAwMzUxMzkyMTM5MjgwOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame DAA0 24 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cs2avwMSvklfN0mHH5kzF5phe-i6Qw4XJJQ6yXyKlMTpzMKAlK6cKhEB7gix38AJjxUk4BCvi_MRm1XPD1g4vbDco4H1RV5Dq59mftbXCac5sBpt8XEpsx2thKCepOA_RqY53CGlrQc1A9tNRqPGFFoIDTCA&cry=1&dbm_d=AKAmf-Dba9HhNzqmLWWKlKAw8w_e2k_m4qnwr2XJ5kyqnFOvmf2jZT_F5KLOudtUIaUHE8dARPKuJctTnaQZXkwHGjyqFtG_CZdvb4jdJ6YKZqEB9_-HjGctxrcnQJm93enl53Q1QlEfH2DvUchC1-xYQGXvPB4x--1r4CPFH6kMWm4w_AH_g_4KFUinPp1Jv_KsmBaUGc_u-IQRJUyXSW4p0SXgkDg6wKXpoqhRMGP0ItasyLtbjSscpBWLb7SKgZMzm5jubnLBJgd0D1p5-c25F4VkoK9ANzagCmdlV3GUehPy_TqPcW-HqtXrGqAmpQ4AdZJpQrxgt7NdHqm4A2eVasJQ1ou30zu4r9HO3FmrkUEnGCuj8b7ag1uG-6P_1xyJRW2NzHX3XoYhFolndfy_otF2hlx50ugnWH9J_nTtPAbjgKok9eF7j562H_J4HTdIjFv9Om67XcPeaUKVCJpLpFMqYs1nOfJkSAgboiu0gy2MUzAp1rSUp8nsZ1PF16sdO6yJvvS3wndduqeBBHOBj8JDxEeg6geF0W46F0wJw9zYYxofiTadUrZNxRnxvsGBPVapDC_41pkFbQrTSjqLqhE3Pf0hODNdoc5JRQjnWnwhCntuEFb_IDwk5BkKzJryDu0EB_o9b-M-ItJcFZZnyROpuJByGZMo6ZwA0sfJeRnuYuP-AuPWTE69OYf4AJASGOW5MZzrQ_9BSb87Cm-33w9Avop08QokpZN63S2AQyHz_HWY5fPaMppzFY3p7xvog478TE_RTPuXxFEc-eM5WnMIxSMO3m3tPc3Jpn61rgeaRNySJHncZy8dLUl74OmJk0KcZhE_O-af2VmUE3KmXnXmI3-CPl2fu7-yaCYRBBoMgA32cHEPTgbhdmJbMS4lw049aWVE5zC_qnrj1TS69byoESu1QSHYsWI3c5xcfjj9YvY1LVqXfuZmNNnzXJfcgSE_2klHT_fH9XZRhO_UyKeRr-sJlaEEq3qzbTIpyMnHHEF-3Uh0XmMPsOlGYLTFWCV2l0EaZCgBHAm8izIA5LQqVPb0m8rnUArrZd4tU_x3XWP1qQTXH1pnpUvFzU0tAyIqLwVr--3VmjE0vQDlWeiSP-YkUCPcG05iFIN6Ahed4Bzgzg-J1irglz3GlCZDB-siyGVv530whYR6L4sD4DCkXQ3vwuYqrV_BtsNk0fUWs2O4ygEtwrkEc_TfwIW8Aha0QlthKXRaxPD7TuK0BLr1l9DDF3619I-kd-FHaVm6VTM9sIbKFXeBKO7XawT9g2sOz0rUD_c5WnvYIrs9fFm_3icb6L6mHUFG_GXvu9zSEJ6EGO63-r2ptam4uDRcmAJ4W05XNa7xSeQbY2Pj-aVWdB91ntHtWzfrbTgWgUUbJ4tAIaMe66XTuRYLtosCx-DoiDUrmm4zx1kwAcbNbwgXNPo9PPB6xwZlpjo68gYC_Bjlz_-PXv1x20dOWGATm_KNsWXICaCC2WkA0oQHx8DaVJvuaG3xygcjzJC7uxvbr1mzBnfWsXhSgYl0XKfGHoAxYRRKcOBz31SbgCyePCc6_CU5s0vjO8pEAdqS5ktKThlse82TdlKpuw-Q6k5wN5mqcJMaiEeKFnOFvbTPsdY8y871cXUoN07APGyI4wDrWNCN2JgCu6Or74R3FuoFgs6zWJAO1oD38fgBsgRfbT3ZELs4tihD5ymTyvlVBXPDOBNe7d87aAcVny6OyYtOVleS9bXUOX-WmLIBheYal4tgtsrF6bP_tTM9z7vedE5P-lWhc-NnVyutODVi06XpgPBp5Co95t1o8JYqW0UxpYrmccGID7u_oCV4uapFxgDnZacEMBUkIalwVFp1Z4WevKYdjGBsIIhVbJ-YYA8IwKZa5rv0GECISYtGY5H9VyXXg0jSi66UZjtwbmMaomyIxzA5VTbraGXFNEGU2wYTZ-35AvyqyxexXePU5LqW9_0KjLmJ6Kn8qA8ZFANqM_gmMX79Kl4uJ9MBNzA0a79GBy_VBSGOaqe0JJIo8xqqDwRdM3y6QKpz5hUbebry-tPsN7rmSC5UyKC_OR9vO0ZLQtg8XHZ_pEBPGIl4DGcc_Cm4-jAs98jIzJDXWmsD3QI9VjeWtDIQomPCxV9FmkjraXtGbVCBWXO-DOkJn9QlDuJMEKStE0YQ3ZzJ4LvNnQtXZ9vn36bxVOpek7HdmPwVoxLzmf9k1udz4kdic0pXg1V_cuXG7kEwfr34pS_bPtyjlrd_ZXS-wNFvJYj1P9doRgxRNFHI7mRakYGvpXUofvvbENkLHXl5ujCGavdArGVAu8PJrFusxCEJASKJNqlqXsj_j0ZWkDZQcmGubeUPMXIhjqRPp73REp6WTMpRJRfB53_HIO8Uzk9ZZK8zjW_dgvN2A6Iq9y94yNW4G3UYLkZTjZL6xc39PcGoa_cP9o_32ytbtGVVX7XVbaEdGQRJOONgnix-7zSf_obIIdm_n7i3S77hLTIJM1r_HosVKnQvt8OztqcB0ZVaiw9NY9qi_RZQQN2fLhE_ZllY9aFKCI8ZZ6kjX4q2xfJIQCx2s0xD9MVZLdXrtkd-i8kLkamWMXNZlaGhoHZiz7UHQR3SrxJ0769eh3SmthmULwPlG6WM5O1fyGT4bUZSpCltUtJREYodgBR1plgRAr9EivrW1LAlI2wwRSe7JPEyyUeiYf6LP9kaG_SRDHelY8PLusxJ1rCggSveHF9h_LesBeYkhvM3J2of-jwZpSx553taoLxHC3Zedk0Vb_m7dkgutL3WeG_30dbQ83eKyaAf8Da_i63TTrLLBVMNRr6k1b4X2xDZXp22S0_yc0ulmH2zbSqPkGTCq5WqJChIxX7x1ZkJEP7TnEIlDIwmTMBnrQmNLPYQp7GsI7XhEir4YXQmKgyWo993rrO2nuvChuBh6XCTxdhCSAjWCXw8i7w2JbVK1ZrJWgHDh5D5AIXT9nNcNxOWTJ7hr5m1r7Om429H1qRopiY_WcuC9ZEaLs1Odr7TiqECkBsgk4sMZbmNx2XOcCLyi30uDUaDnEicAlOC5vNjnKn45-2qC3F0I17Hw5MnHpyjk0Fj4-mXDeDRydXKMV7S2HVbNoiX2A&cid=CAASFeRokrVX4qG163NAEjUrQKcESgvNKg&rfl=1%2Chttps%253A%252F%252Fwww.webmail.co.za%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9341
x-xss-protection: 0
server: cafe
etag: 177112232901409761
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 18:57:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DAA0 41 KB
15 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 11:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 11:32:33 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F079 70 B
264 B 47ms
46ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66501725&crid=6271935&dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&cmcv=&pix=undefined&cb=1629486056226&uv=3005&tms=1629486056226&abt=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=9AA3C1E516133637529596707499&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame F079 43 B
182 B 287ms
95ms Image
image/gif 2600:1f18:612b:4264:a698:31e8:5977:4024
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66501725&crid=6271935&dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&cmcv=&pix=undefined&cb=1629486056226&uv=3005&tms=1629486056226&abt=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=9AA3C1E516133637529596707499&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:a698:31e8:5977:4024 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame F079
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f308e425-01e8-11ec-a4a7-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&

0
228 B

28ms
13ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f308e425-01e8-11ec-a4a7-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66501725&crid=6271935&dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&cmcv=&pix=undefined&cb=1629486056226&uv=3005&tms=1629486056226&abt=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=9AA3C1E516133637529596707499&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 6751

Redirect headers

Date: Fri, 20 Aug 2021 19:00:56 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f308e425-01e8-11ec-a4a7-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 30
Connection: keep-alive
Content-Length: 0

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame DAA0 569 B
724 B 16ms
16ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4285693&adjsver=3&fvers=&iframe=1&ref=https%3A//www.webmail.co.za/&ro=https%3A//ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&kid=2954778&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrmhC5%5FsfYfymM83QgQfi27mwAa%2DFi85k2pT6tMoO8C4QASD%5FwrQiYJWCgICYB8gBCakC8FbKDXaSsz6oAwGqBO8BT9BtsYHzOlkrChkW%5F%2DpuH2cqd%5FmxrXHF58TP7uLqqx1XlAM8sbLG2Fa8sDGjPdNARaX9r3bYzzYF%2DHDoHdehi3m%5FXK%2Df2xzQlJfyKmcqEz7m02GoWQ1UEExj7v0Bg%2DyktkBlGZ7jy3ycoUiZUdzz8OIL8BUfR3WmZ0XnnEt7mVHvZL01K4t2QqLl7tF9lnJs%2DFrVK47wiK%5FXaKeCoBlIJ4RtSXjz4kHpxaDVXwuIxpvBIw82zL8jhKiahfn9uqkfBTxy%2DQ5qb783U%2DuBfothABipYucM3j1%2DlZ1iNJ%2DSBJfS796UBqz9ZdiSL9IJvLXABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB%2DzVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE%2DGVygrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokrVX4qG163NAEjUrQKcESgvNKg%26sig%3DAOD64%5F3Hjagbp2WeGN6ucMBqqe7EHS8TVQ%26client%3Dca%2Dpub%2D2370948078851435%26dbm%5Fc%3DAKAmf%2DDkgZUW%2DDI4%2D2lT3cSz%2DB12XCmm2FktqX7V5BhQftadfk55JpOB422Nc5lCkJwLcwT5FIIjDsIrUkX%2DOgwgCauOWCH3kGMG2UhsIiMm%2DN%5FBE97tD4slkwUzs%2Dzj%5FsBXh2SOGywxTo2QSWfxfa2OUbNLxd18jw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDT6TmF%2DbkYhlW8U9c%5FPSXwZDo0V57ovNm76PeYrfuPXvr5I1BKiBMM%2DSyKrEdATSu4%5FZfdvaZ%2DJMqBeiKVcHF%5F3JCJmhyiBl9uZdlJ%5F24hfzMX9bc69prsT2AXF%5FLWVhD7ESX3SuVAPpX9shXAQEL8EQ%5FZVZ4G42uKOWOl9updHLWoJbr%5FEPAsmrsnX%5FGmVplCw4sFKPp3iZTPNHt6FgDa2z0atuJC3Lx0xczS8EZzihZevjO8MVJOIHTMF3dIYJmETfY%5F2IzGKa8dhHfLS%2DkNN7PjGhXwfht9WMpXZoa9W61zNsLbbd2VxBAimH3npbJGfoUV6uEwM98AAXPxYYwXUivOPqTDoGoBUfNIUYYEsb6qE9by7jOLMXo8iqPkumeLCVyosCYYgjCa7f78C8zDaC%5FEbiG4lAo32feg8hJWXbXW%2D%5FpclTDRGhQhd0%2D5RmVugESbnMm6YvJ5p8%5FWRj2weWejyg%26adurl%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4285693&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCrmhC5_sfYfymM83QgQfi27mwAa-Fi85k2pT6tMoO8C4QASD_wrQiYJWCgICYB8gBCakC8FbKDXaSsz6oAwGqBO8BT9BtsYHzOlkrChkW_-puH2cqd_mxrXHF58TP7uLqqx1XlAM8sbLG2Fa8sDGjPdNARaX9r3bYzzYF-HDoHdehi3m_XK-f2xzQlJfyKmcqEz7m02GoWQ1UEExj7v0Bg-yktkBlGZ7jy3ycoUiZUdzz8OIL8BUfR3WmZ0XnnEt7mVHvZL01K4t2QqLl7tF9lnJs-FrVK47wiK_XaKeCoBlIJ4RtSXjz4kHpxaDVXwuIxpvBIw82zL8jhKiahfn9uqkfBTxy-Q5qb783U-uBfothABipYucM3j1-lZ1iNJ-SBJfS796UBqz9ZdiSL9IJvLXABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE-GVygrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokrVX4qG163NAEjUrQKcESgvNKg%26sig%3DAOD64_3Hjagbp2WeGN6ucMBqqe7EHS8TVQ%26client%3Dca-pub-2370948078851435%26dbm_c%3DAKAmf-DkgZUW-DI4-2lT3cSz-B12XCmm2FktqX7V5BhQftadfk55JpOB422Nc5lCkJwLcwT5FIIjDsIrUkX-OgwgCauOWCH3kGMG2UhsIiMm-N_BE97tD4slkwUzs-zj_sBXh2SOGywxTo2QSWfxfa2OUbNLxd18jw%26cry%3D1%26dbm_d%3DAKAmf-DT6TmF-bkYhlW8U9c_PSXwZDo0V57ovNm76PeYrfuPXvr5I1BKiBMM-SyKrEdATSu4_ZfdvaZ-JMqBeiKVcHF_3JCJmhyiBl9uZdlJ_24hfzMX9bc69prsT2AXF_LWVhD7ESX3SuVAPpX9shXAQEL8EQ_ZVZ4G42uKOWOl9updHLWoJbr_EPAsmrsnX_GmVplCw4sFKPp3iZTPNHt6FgDa2z0atuJC3Lx0xczS8EZzihZevjO8MVJOIHTMF3dIYJmETfY_2IzGKa8dhHfLS-kNN7PjGhXwfht9WMpXZoa9W61zNsLbbd2VxBAimH3npbJGfoUV6uEwM98AAXPxYYwXUivOPqTDoGoBUfNIUYYEsb6qE9by7jOLMXo8iqPkumeLCVyosCYYgjCa7f78C8zDaC_EbiG4lAo32feg8hJWXbXW-_pclTDRGhQhd0-5RmVugESbnMm6YvJ5p8_WRj2weWejyg%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 5bff8aab6316785594ff5732f3a6846dac632ffe91c9a6beb1eb04cfd0b0af6f

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 21:00:56 +0200
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 23D2 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 19 Aug 2021 11:32:34 GMT
expires: Fri, 19 Aug 2022 11:32:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 113302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK h7gx4wfffrt8 Show response
ad.ad-srv.net/zone/ Frame DAA0 10 KB
3 KB 288ms
12ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/h7gx4wfffrt8?subid=&redirectClick=
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: df5eab9b06fde8ac0deb3494e9f37422802b69045bf976973bbbbcf3291d425d

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2658
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 64D9 70 B
264 B 34ms
32ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 64D9 43 B
183 B 258ms
94ms Image
image/gif 2600:1f18:612b:4264:a698:31e8:5977:4024
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:a698:31e8:5977:4024 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 64D9
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f30d80df-01e8-11ec-bfd0-1a7cb9e30506&orig=video&us_privacy=1---gdpr=1&

0
228 B

13ms
13ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f30d80df-01e8-11ec-bfd0-1a7cb9e30506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 6745

Redirect headers

Date: Fri, 20 Aug 2021 19:00:56 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f30d80df-01e8-11ec-bfd0-1a7cb9e30506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 38
Connection: keep-alive
Content-Length: 0

GET
H2 200 cmTagSLIDER_INSTREAM.js Show response
vidstat.taboola.com/vpaid/units/30_0_5/infra/ 682 KB
117 KB 23ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0e9c9358c36ea30656af161c43ed15bdf6bae04961543ee4a24dd60d81212989

Request headers

Origin: https://www.webmail.co.za
Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 varnish
age: 208439
x-amz-meta-mtime: 1629277492
x-cache: HIT
x-amz-meta-ctime: 1629277493
x-amz-meta-mode: 33188
content-encoding: br
content-length: 118720
x-amz-id-2: bn3/FPdsogBEZsTDb/60w2ktsoBpMrcSfQGDaBO+DGfcA+QBKi0Sk5lxWy010kvih2oxNyFc4+0=
x-served-by: cache-fra19141-FRA
accept-ranges: bytes
last-modified: Wed, 18 Aug 2021 09:04:54 GMT
server: AmazonS3-br
x-timer: S1629486056.353307,VS0,VE0
etag: "365884dc4180237128e84f368d1085a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: P1ES7VDMN6WTH4GC
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 12728

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_0_5/assets/css/ 60 KB
8 KB 7ms
7ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_0_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 varnish
age: 208445
x-amz-meta-mtime: 1629277534
x-cache: HIT
x-amz-meta-ctime: 1629277535
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7972
x-amz-id-2: 0+9S7FywUIavAe52i3nSvWP0meUy0XCW+EmaWOEbadW9M/G/IB6vBDvWrsZmxwQIeiqZz7LRDrM=
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
last-modified: Wed, 18 Aug 2021 09:05:36 GMT
server: AmazonS3-br
x-timer: S1629486056.338329,VS0,VE0
etag: "ce1087477d9ed75a60ebb531908eb622"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: KE9R6HFS3RS32N5Y
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 148261

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108100143000/ Frame 4EB9 188 KB
55 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55213
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2f5786613d323c5a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 4EB9 13 KB
5 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4877
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0140540fbe581c13"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 4EB9 89 KB
28 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "07ab47082d8b4bd2"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 4EB9 4 KB
2 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1660
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "758b6350805b356b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 4EB9 40 KB
13 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12835
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9aa942d03505fee"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
DATA 200
OK truncated
/ Frame 4EB9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a75961f3d8dda1dd685c2ef7a53ef3536f35114b487134ca32f8c87e6b8883ba

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 1286701112006408534
tpc.googlesyndication.com/daca_images/simgad/ Frame 4EB9 30 KB
30 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1286701112006408534

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58138ae9386e3492c24f00208a1e12bab4972bf3aed9179d22454ef53391e464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 04:27:12 GMT
x-content-type-options: nosniff
age: 52424
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30241
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 03:02:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 04:27:12 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4EB9 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 56498
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4EB9 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 21195
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Aug 2021 13:07:41 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 4EB9 0
0 15ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAtUHs3J0K9eezfpPJKg6BF_K-3KEa5FBw4cMZognAh0u1NrfgFE-quEWk1bex5qUhwvuA0dK0ItRSm-qS6_kkLk9O6Q
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4EB9 0
0 59ms
37ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaLGu6PsfYY62A9-wx_AP8IKskAjCgtPQZKqzlZPFDtvZHhABIP_CtCJglYKAgJgHoAGG76uVAsgBAuACAKgDAcgDCKoEhQJP0IkjsmPmnF8AjDvdvM5IsKO2Nm9teUzfMFAmDiu2PHyvrw4eAtFj7-sccUKTauJwOKCkYDMT-TK4xT9oWB4OmwiAfRhIc4fV7PuaHsuM6Zu9clcWYvzLBjSokVgOjqAON9NatUzsG2VEijqceuaVjvUCoiIFTKxLzWweXG_43r73qZkiDv327iQ0JvVjaB0OJNjevxZ6a0ekvyxEiGbMuyZAacfIwqRGmfJY4fVg70x6uGwQ5u41NnvdGa-mex0s4T6_tbrEL0RUGJABNudgy5WZ_vu4oxtaZB0hp16sDxjKjBM3FeEiMi0oPCKB2blvXjz0kotghpMFTduUcAjHQJnLxQDABMrYzJHRA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfikNTqAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCBsBDSCAkIiOGAEBABGB2ACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMjM3MDk0ODA3ODg1MTQzNRjPnx8&sigh=s0byqMmKFto
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame 23D2 35 KB
13 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 16:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 16:26:46 GMT

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 varnish
age: 4009468
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-fra19146-FRA
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1629486056.462338,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 66yyU3j4fvwR2pWghuTSRe4J90AY-n2Za3iK1pdjZQmlD5ieLGYAOA==
x-cache-hits: 3709678

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/ 567 KB
116 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e95623e9082ef2c44c96252359f39cd05a5b21f5155f025a493244d5f7b40357

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 varnish
age: 381544
x-amz-meta-mtime: 1629104445
x-cache: HIT
x-amz-meta-ctime: 1629104459
x-amz-meta-mode: 33188
content-encoding: br
content-length: 118740
x-amz-id-2: pVTeol5zUSbJgGhEDNQ/udYcJnYuoEhq+4dq1paKSAbl6SjP92olDQDmA3+myCayPP/NYH85naI=
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
last-modified: Mon, 16 Aug 2021 09:01:00 GMT
server: AmazonS3-br
x-timer: S1629486056.482679,VS0,VE0
etag: "1208505f5eb2bb35f6eb2556219b5367"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: TGDMAV2VTG5YYNN9
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 338920

GET
H2 200 sync Show response
am-match.taboola.com/ Frame FF3F 564 B
649 B 15ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a8565a0aa214e2ecf8ad9dba771e98012ce6303a370e05806269a1c220a0fd0b

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=eb89a0a9-5ad4-4a1b-8fe0-cf2a0552eb76-tuct8198168
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

server: nginx
date: Fri, 20 Aug 2021 19:00:56 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3405

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 19ms
17ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront), 1.1 varnish
age: 1354020
x-amz-meta-mtime: 1498646328
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-length: 24300
x-served-by: cache-fra19146-FRA
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: AmazonS3
x-timer: S1629486057.505403,VS0,VE0
etag: "ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: *
x-amz-cf-id: C5yBauLaSZord-p4g3OIn-CuxfO_2AEck1rH7pfokZS1SiECj-KSSg==
x-cache-hits: 160664

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
980 B 19ms
17ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront), 1.1 varnish
age: 580148
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 701
x-served-by: cache-fra19146-FRA
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1629486057.505747,VS0,VE0
etag: "e871e80b457ead7801d3bbe63b25c4fb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 68--E9bJZJTFY4Pf-CQxt8QLXNg4O-HxySEaYz3ektdM9aK92hHC1w==
x-cache-hits: 92534

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
1 KB 18ms
17ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront), 1.1 varnish
age: 2487670
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 709
x-served-by: cache-fra19146-FRA
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1629486057.505305,VS0,VE0
etag: "ae0344bce724db935e4f7ba6573ee516"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: kT4M8d-czlr_-OCf3K91M4K1xePIfVsNnZee6x0NDbciKgjMjr8DUQ==
x-cache-hits: 281512

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
939 B 18ms
17ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront), 1.1 varnish
age: 1237912
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 634
x-served-by: cache-fra19146-FRA
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: AmazonS3
x-timer: S1629486057.505269,VS0,VE0
etag: "3132e8c3bdd274efa7ce1531ec89580d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 6ffGz5dkVYPLViKhzq11x71w3bMyuDfY1-L171M4X6erY3M64_YkJQ==
x-cache-hits: 141528

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
985 B 17ms
17ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront), 1.1 varnish
age: 1410994
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 660
x-served-by: cache-fra19146-FRA
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: AmazonS3
x-timer: S1629486057.505258,VS0,VE0
etag: "b14888c73642ebc29c1451727eb1eb8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Xc0UcLYkx7Sy9R8QfiXh171iJdoOIFmhxTln_IzoosOevB98C4dTbw==
x-cache-hits: 157044

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 17ms
16ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
etag: "11d8569a7da0739259e3ac0b0d666e94"
age: 98
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: dG5btsDeY+PXEquROAVOM4aSIiDscRq1Gl9IHePBB8GJnqlJNRRfiUhPAFZjTJrdG2p1UE93Z4g=
x-served-by: cache-fra19146-FRA
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1629486057.505223,VS0,VE0
date: Fri, 20 Aug 2021 19:00:56 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: F5F03R83Q1CDSQFG
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 98
x-cache-hits: 64

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108100143000/ Frame B69D 188 KB
54 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55213
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2f5786613d323c5a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame B69D 13 KB
5 KB 33ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4877
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0140540fbe581c13"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame B69D 89 KB
28 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "07ab47082d8b4bd2"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame B69D 4 KB
2 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1660
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "758b6350805b356b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame B69D 40 KB
13 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12835
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9aa942d03505fee"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B69D 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 56498
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B69D 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 21195
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Aug 2021 13:07:41 GMT

GET
DATA 200
OK truncated
/ Frame B69D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14195189a9b91d79dee562dcfa7dd2cdd68251a18b5dd1d0cc41e9275f7b6969

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 5122297880425295147
tpc.googlesyndication.com/daca_images/simgad/ Frame B69D 41 KB
41 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5122297880425295147

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b131d45599f927d91ae219b43f6d2ba69b26d53132f7e4e7d4deff043844e709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:38:13 GMT
x-content-type-options: nosniff
age: 386563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41615
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 06:26:23 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 07:38:13 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B69D 0
0 14ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSirquVmhuvr7a-BwrXVKmYMvwEA6l95jje8OGvm3StrzIBVqcpGM01h1ovP6juz06XI_aoEs6jxqzM5m-_j9GmyH-BkQ
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B69D 0
0 39ms
38ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpO6x6PsfYeCeE9Sq7gPmnZaIAdqIp9Fkv4Hg7ukO29keEAEg_8K0ImCVgoCAmAegAZaBn9UByAECqQK9ItDa3DqBPuACAKgDAcgDCKoEhgJP0F0RZMwN9cyEcHSEWJB5AS_3M1HhsmNZMUu-7tC2qy3ACYHxpONIaQAoCkf9RGN1YRwYRu8Dngr9U2tWMVpNW9EUPY3F0A2nsWraERfhdNpmyqN7v_97AfzwZHHKBQcHees4GXd1dpsutmetEFMskQCG6e-wYgDMc3Kmh1GtLrutpQlatoZH0yhTOiw5jLDGVrat3wdUSuzU0X1IVb6ZC7bJUW3zo1NAEbk96novJg_S2wNCyGjak0cuhORUPyV7wBL79qo9JS1MCrUY9w-dlfCzC_uwQlv0Hh19zJDZIbV-o8Fccfc5QhZDNSEnmMcKv2f50agNyscC8BeK5sW_q863SbNhwATc1rCh1APgBAGSBQQIBBgBkgUECAUYBKAGAoAH6M68qwKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQwZYJ0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTIzNzA5NDgwNzg4NTE0MzUYz58f&sigh=4aWYdyDbQFc
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4EB9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
16ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 Aug 2021 19:00:56 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4EB9 2 KB
2 KB 10ms
5ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 56498
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4EB9 295 B
319 B 10ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 21195
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Aug 2021 13:07:41 GMT

GET
H/1.1 200
OK 5cd7e859f2d3840015f29aad Show response
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ 66 B
724 B 382ms
99ms XHR
text/xml 198.199.88.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5cd7e859f2d3840015f29aad?url=https%3A%2F%2Fhttps&playerWidth=400&playerHeight=225&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.199.88.126 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:00:57 GMT
Server: nginx
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length: 66

GET
H/1.1 200
OK 313855 Show response
search.spotxchange.com/vast/2.00/ 67 B
1 KB 80ms
39ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/313855?VPAID=js&content_page_url=https%3A%2F%2Fhttps%3A%2F%2Fwww.webmail.co.za%3Ft%3D1629486055&player_width=400&player_height=225&vid_duration=NaN&content_id=inline&ad_mute=1&custom_skin=1&custom[content][]=IAB12-3&custom[pub_lang]=en&schain[schainobject]=1.0,1!taboola.com,1372681,1,-719753982&gdpr=1&gdpr_consent=&playtime=60&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:00:56 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000381
X-SpotX-Timing-SpotMarket: 0.013645
X-SpotX-Timing-Page-Mux: 0.000270
X-SpotX-Timing-Page-Require: 0.000577
X-fe: 054
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
Content-Length: 77
X-SpotX-Timing-Page: 0.022959
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.005314
Last-Modified: Fri, 20 Aug 2021 19:00:56 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.013645
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.webmail.co.za
X-SpotX-Timing-Page-Misc: 0.002758
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 5e16ec7385c98e00170ec854 Show response
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ 66 B
721 B 381ms
101ms XHR
text/xml 198.199.88.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5e16ec7385c98e00170ec854?url=https%3A%2F%2Fhttps&playerWidth=400&playerHeight=225&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.199.88.126 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:00:57 GMT
Server: nginx
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length: 66

GET
H/1.1

200
OK

request.php Show response
ad28.ad-srv.net/ Frame DAA0
Redirect Chain

https://ad28.ad-srv.net/request.php?zone=h7gx4wfffrt8&nw=11&renderingType=javascript&namespace=0d8dde3394&subid=&uid=bca89da030c18566&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x2...
https://ad28.ad-srv.net/request.php?zone=h7gx4wfffrt8&nw=11&renderingType=javascript&namespace=0d8dde3394&subid=&uid=bca89da030c18566&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x2...

2 KB
1 KB

54ms
30ms

Script
application/x-javascript

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad28.ad-srv.net/request.php?zone=h7gx4wfffrt8&nw=11&renderingType=javascript&namespace=0d8dde3394&subid=&uid=bca89da030c18566&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=5834234434336&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 95495acd2cfee985e69c7d76d78d17ad65291aa9261263b138e0f446f83e96c1

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 38187000132810000383832011692028
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 762
Expires: Fri, 20 Aug 2021 20:00:56 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=h7gx4wfffrt8&nw=11&renderingType=javascript&namespace=0d8dde3394&subid=&uid=bca89da030c18566&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=5834234434336&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 20 Aug 2021 20:00:56 +0200

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame FF3F 43 B
182 B 96ms
94ms Image
image/gif 2600:1f18:612b:4264:a698:31e8:5977:4024
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:a698:31e8:5977:4024 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FF3F 70 B
264 B 33ms
32ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame FF3F 43 B
146 B 1042ms
7ms Image
image/gif 18.184.94.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.94.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-94-176.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 container.html Show response
ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F66 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 20 Aug 2021 19:00:55 GMT
expires: Sat, 20 Aug 2022 19:00:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B69D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

29ms
14ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 Aug 2021 19:00:56 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 5122297880425295147
tpc.googlesyndication.com/daca_images/simgad/ Frame B69D 41 KB
41 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5122297880425295147

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b131d45599f927d91ae219b43f6d2ba69b26d53132f7e4e7d4deff043844e709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:38:13 GMT
x-content-type-options: nosniff
age: 386563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41615
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 06:26:23 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 07:38:13 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B69D 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 56498
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Aug 2021 03:19:18 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B69D 295 B
399 B 14ms
13ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 21195
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Aug 2021 13:07:41 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E418 624 B
300 B 18ms
17ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPKKshbDsWzvjpMwqkLAr4YinlBhJ53yZE2CK4jO0xOlz67KqEOLLOIAqVZA7_8RWWDqWVOZmL3HmIZV8SSAjGjD-406_yeYQ8eb4vfNeZKUCP0YFKebLe4d61fSxlRPbXEmQKLhLyMMIDVvNauxHtbDPv8DuAQjJzJSElVT3z7qB_S4g

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPKKshbDsWzvjpMwqkLAr4YinlBhJ53yZE2CK4jO0xOlz67KqEOLLOIAqVZA7_8RWWDqWVOZmL3HmIZV8SSAjGjD-406_yeYQ8eb4vfNeZKUCP0YFKebLe4d61fSxlRPbXEmQKLhLyMMIDVvNauxHtbDPv8DuAQjJzJSElVT3z7qB_S4g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 20 Aug 2021 19:00:56 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkjT16M8hL3WZjT-CKixevqsMrlWsI4KlDIprXySSjBtXUaWyNeJBZ2XgJh; expires=Wed, 14-Sep-2022 19:00:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 19:00:56 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4F66 25 KB
13 KB 794ms
793ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQU2N-RDhkIuuyrj2j5V6vrgjY7L_sIZgboI3u7GEVety0Z1H6zBdoGxj-fpt0TCpofS92KGEEinaAsRxZwxXag-VQahONl3sqeiIkwDSJA-osFFLJUHaoGbaTnBu7qWDNK0u1ByEBd3_fcs8LCVaNZ7W8gw&cry=1&dbm_d=AKAmf-AQs3LGcoPZLaJIKXtZ3tEzR6qaBwKMzV2kKQ285XaEONKz2m3VmPlw-_hS82A4zbXndNTfEZ0bC05ddI5AB7Z-QpFs0VQFOjSqB6sfEw2TGypEI-RlqEst5R4Gl00XG0LTw-3-bnyMr4iV50lZz_oBDg4H5vup9HwmXc2i-f94iDmtXk2uvreTQYnLTXPSW8vZ3E8yGCxsoTWwTgPCvNDEczkiI3aTrksj68piN2H38eiosjhN4mjnwop36v-k4LO644ojlopYDZzfhPW87POS3XELNVNK8Ev0L6JrKZ8mhMz1JAHZaV7PugXoElNBoCkIPCejdn-DVRjDP68UOmQSqttrAj5wnGhakrRXLE5pZQB07f6cuveburYTC3-mKWrbHPCbzgeKZuaDVSVTkh54pfALIa623BnXxkjO9eN9WALOVBdm6SnUFm5lF_ikv_QkvB0HU1qVNfW5vE-6tW-Dsk4XIHRO70djKGiD8qwlMqKHxXjm92cMGF8p7z6qbO-IuCKYKcbjOtFQCzB7WNapXZVmnLCZIRbmEdCFHb4xq3BcGrQ4uHfM5AWW33GjKnZWefaxT_6UcTQo91Bq67h-mJtRwbW1w4TRGYUBrJu313f3s8zp2gi5mvApQdE2Boh7_o0kKOEB0NZLgER8FaGpjxtqaEAg9nWjGJKAdaW1dio_2UZPCpn1Xm6BZxel9viA3NSI43a5l4SYL3C2ctIp4XInAdynPWkBivd1-sAVBKh22tlDZLPm3nekMapxwyYBoBRvmWNqkl8q6DIFn-fETP2oyd_ntQxPe01DQe1RJfQTyw4cVJ7Ok-Fn9QB77GoFTGixOa_qJefczziN0xdoSwB73eweWDRKX4uK_jQsTIZmCkeMhlXA9G0Y3YyTkEAQIT6eD8hzOOHglL4mPNMYiJ9v2y2b4KvWk6CDyACwf8EZaGV1ijP089oL4RbQ3ceSCqjMZXpUJLV8pOOn_aET0VDxNIzLahqFj3scGkMQm_LOCj6XcZDuLdp2Scdb2PW0TNFc4Fg2TaxL0Gxq_2tS6cRcp-tF8LVLI2e2NsAeaRHlYnDJc2gsXfjzWfHVnlM4LvixK8Y-hivDDjSbpedm5HR8HskFtpzUb6es1AWYd7O47hK8eACdYB2_CfXzXQJnVJSgzQqxIr-sva_wODJk2Uya49QYtM-b9OPV90N6iablCzYJRZ-qhzuDh_iHtOwjU3JgyUidpdPE8N71WgwVj6n01j5ICeTlzKYCZYXkswibfmZ5z5bD0Q9O0zpnAVTopR8icrt-LJzXdUUS_6giIq5MFw1CF83_weerhlpshzWnyfYhEPPpsGhkn4eXojj4avjTkkcT5IkuucImfslNyBGscvi3lQjNApb3zqS_7-f1SiJUjxluz_ybZ_iPnd_zNpUg4Ot2IrecPOwxzx5_ZtIB3vWWqYo-lg05bvym64NYwAd_m-UJTFHWGdlFaTW4l3v19IoI4TKgbt9kg_fgDtPCHMRPBhOKqg4x4rKb6oJzqBMwNmdz5IxjrzpqLb4L3I1J4Lw5glnpQU9u-QEgetZ3sgvZNyqfuqMKmIYyF-XMclNtgUBKpOl22ORbckB1L06YMKm-xVjZfHAakER7NHkI5L3mT4R_Kti1NW_OVBR9EXbYnUOnTHiR6NZsvIX2WHw_BMX964ek3Gseyi5mXoy_f1NfW-DctkOPD122JiZ9pVSAHlPCmI5kXNPEzccBLdOcPJyhRD3v_Pa-m6QOSAewWQrLsS575ydWek5Xe6poIqLfhpUJ7ZnnAN2n3FI1sG0Rw8Mp82jnJMtFUsl_sWK5XGrkNviVWCndPmJsU6BbWWiAoyqFRFyOkWVLyuNXiMC8y9-uvIeIVJbts5ZFSTffjx2BS-8u3fTPPNbj5_DAYHpH8VWTsNGsNTEvZD5AepJGIh6rg4j2cNMHauCMILefXdD1IY2U9UX2d8ZcI5dW0vp4a-GX9qgTuhPkIhtk0S-85W9pf2X3S4HW7q6TcYNymdXK6vALQhE-cygetsrFIf-kpMSGfZVmN13dEbf4Wx3sA-xurZyuc_UEsiRbhA4lN9PxtXojaoDpejd4DiCzYe9rdj2QqJVjxgTKqGRx_kPQZuyc4ox2XaI3Bqr0aDFxWuD6iOptfBXiRi73UyO3JPIeHjGPKnUvV5meGP6aXr9G_zjcGV5dPuzRJspDd3Hu6tWXJQ9U2eHQlrCi8g_LzT1J2W_1mZ0i9xP2AulYowjzbqhg02ww_mq90imw3c_C1MtifO6i73Bo5eK_nY8USH-1FL4UsLRUmIdPlykPQHvUhyRzyVqo8NsKOrEFkBbaDE_MH0UA_ofw5rrDXdHEpBVwIQEefrBFShxnkBgbFTVdmHckhQws_dQSuCZ2EW8bJmCsWKj2GqNK5b8xstzX2H0TcBGkxWlwu36q2hBFxSLviI7Ly27HUwOSrOXftzkvPUcjK2VmhQGKTNo2hcwd55rtdlbvd8_Re4Wl57yKcMXh2m9CtVwqGVT7SO-wPM_yGzGoWd0zqnuUfW7Ml8DNoGzYv-Nn6yF8_G9WiFdiJQQHrkcBGHWnwQfpH6B0KT2EHLBreeNq0Yr5c7G6CrXybag46UlnOnOsbgARc4bH386ZcVbwvieoGY3vObGJ0aa4JHRJZwA4Uud5Lq4s9lqnzvUXNl_o2tgohrhz83kCdjH7AjhAyQYQeozBvAWjy_wXT61kuyQxcPCXRkOequaEpBKpdY670fhjeFs1O9SGUkiA07CN4HEkhNOyXnaO1XvdNRKENQRdGt2-jdpELTcKzLWbZa387n72tErAceQFa0EDnV2sYL0k1IwlKIDjdkPTuCxJdiJlZqBj7wlNqRXNm7TLZfn3WfulFHh0cS-i5aVd5Eem4mJw0jOagE0UcOylrHSBYP8I_MS3hm7-zs0Ueg9K4tynT4ZCysMDq1Bm8SIyTzWiQAz_Nqw54CrgcsdeMdDO1otpj5SrbWZqyWm7z-rLygcl1b8b83z0zaopxlzPXcSr-dpyOUzAd260A9JRdeZXjjXAVParP_hvWjT8ZhSujIdG0YbD0IodZCbh8r9h--uWlwMvPsUelf1BQ_SA6_ZWtdIjvRRECA_E0k_ggYXIhsPuwFapdf0smtiTktUwpT2oaqEAIX5shEuoCPmjxEG2eLEm1dJuKgD45EVz6bBJRNOnlxsDWnTukw1q1S6o&cid=CAASFeRoaTaHB8E6VtXafEgWbwMeTuA1pQ&rfl=1%2Chttps%253A%252F%252Fwww.webmail.co.za%252F%240

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3243eecace016bb9a47ca02cdaf1520d1a5c2b3ecf1fa3628da50bd7915afc07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12966
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F66 42 B
107 B 28ms
26ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVgh-URFnf1pbioonpDPfocpNRg7TAqsB3pVn0RNAW99Zl40aSogrE_MyUUJb8E0jSYNG9zMByzKqmspBZc2u3Bd0TTBb8IIDRFjjAcMpBsIWkdmI

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 4F66 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 19:00:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F66 124 KB
37 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:00:56 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 4F66 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 18:45:17 GMT

GET
H2

200

ztpv.php Show response
www.conrad.de/ Frame FF6E
Redirect Chain

https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pv=1&viewref=38187000132810000383832011692028
https://www.zenaps.com/cshow.php?pvr=f364c231-01e8-11ec-9723-692d00a25ac2&v=11354&r=473322&q=371931&s=2470208&viewref=38187000132810000383832011692028&pv=1
https://www.conrad.de/ztpv.php?awc=11354_473322_1629486056_f364c231-01e8-11ec-9723-692d00a25ac2&insert=AW

0
707 B

73ms
48ms

Document
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.de/ztpv.php?awc=11354_473322_1629486056_f364c231-01e8-11ec-9723-692d00a25ac2&insert=AW

Requested by

Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request.php?zone=h7gx4wfffrt8&nw=11&renderingType=javascript&namespace=0d8dde3394&subid=&uid=bca89da030c18566&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=5834234434336&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: www.conrad.de
:scheme: https
:path: /ztpv.php?awc=11354_473322_1629486056_f364c231-01e8-11ec-9723-692d00a25ac2&insert=AW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

date: Fri, 20 Aug 2021 19:00:57 GMT
content-type: text/html; charset=UTF-8
server-timing: intid;desc=544c1c8131f768ab intid;desc=e514f3b372d1bba5
cache-control: no-cache
expires: -1
set-cookie: HTLP_timestamp=1629486057; expires=Wed, 25-Aug-2021 19:00:57 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=YD; expires=Wed, 25-Aug-2021 19:00:57 GMT; Max-Age=432000; path=/; secure; SameSite=None __cf_bm=69cbbcf1235abd1401b7f37b2aff1df6dcbeb12b-1629486057-1800-AftsbIcqqgwoRYSga+QLCQZ2wb7w4HhNANmP5XwXQxpmTgelt4yDMWpSj4eLOykprOBiEmdFpNxJIP9f9KfgUok=; path=/; expires=Fri, 20-Aug-21 19:30:57 GMT; domain=.www.conrad.de; HttpOnly; Secure; SameSite=None
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
age: 0
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 681dde10a87d4dfa-FRA
content-encoding: br

Redirect headers

Location: https://www.conrad.de/ztpv.php?awc=11354_473322_1629486056_f364c231-01e8-11ec-9723-692d00a25ac2&insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Fri, 20 Aug 2021 19:00:57 GMT
Connection: keep-alive
Set-Cookie: awpv11354=473322|1629486056|f364c231-01e8-11ec-9723-692d00a25ac2;domain=.zenaps.com;path=/;expires=Monday, 23-Aug-2021 19:00:56 UTC;Secure;SameSite=None AWSESS=377134:2470208;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H2

404

12d89144075752ca3c73c924a3dca46b.html Show response
www.asmc.de/web/ Frame DE83
Redirect Chain

https://www.awin1.com/cshow.php?s=2344163&v=14718&q=357725&r=473322&pv=1&pref1=38187000132810000383832011692028
https://www.asmc.de/web/12d89144075752ca3c73c924a3dca46b.html

196 B
357 B

24ms
6ms

Document
text/html

2a02:cb40:200::202
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asmc.de/web/12d89144075752ca3c73c924a3dca46b.html
Requested by: Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request.php?zone=h7gx4wfffrt8&nw=11&renderingType=javascript&namespace=0d8dde3394&subid=&uid=bca89da030c18566&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=5834234434336&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:cb40:200::202 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software: myracloud /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

:method: GET
:authority: www.asmc.de
:scheme: https
:path: /web/12d89144075752ca3c73c924a3dca46b.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

server: myracloud
date: Fri, 20 Aug 2021 19:00:56 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
expires: Sat, 21 Aug 2021 06:18:16 GMT
cache-control: max-age=86400
etag: "myra-a2cf2bc8"
x-cdn: 1

Redirect headers

Location: https://www.asmc.de/web/12d89144075752ca3c73c924a3dca46b.html
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Fri, 20 Aug 2021 19:00:56 GMT
Connection: keep-alive
Set-Cookie: awpv14718=473322|1629486056|f36a8e90-01e8-11ec-9723-692d00a25ac2;domain=.awin1.com;path=/;expires=Sunday, 22-Aug-2021 19:00:56 UTC;Secure;SameSite=None AWSESS=357725:2344163;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK request_content.php Show response
ad28.ad-srv.net/ Frame 8C0B 4 KB
2 KB 291ms
14ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
Requested by: Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request.php?zone=h7gx4wfffrt8&nw=11&renderingType=javascript&namespace=0d8dde3394&subid=&uid=bca89da030c18566&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=5834234434336&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 4f6cd5db4a1b54ee671148fd21fad7e5ba627a9092975519b1bb17b9033f2eeb

Request headers

Host: ad28.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: pwzdy6wsn8n7_uid=7b491aa45343869b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

Date: Fri, 20 Aug 2021 19:00:57 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 20 Aug 2021 20:00:57 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1483
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame DAA0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3df216747f864d54a93248adc0ce73b510b43979fcfaef3f90af69481faa2968

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 bulk Show response
trc.taboola.com/webmailza/log/3/ 0
287 B 16ms
16ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/webmailza/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=3
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629486057.933313,VS0,VE9
x-served-by: cache-fra19146-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/webmailza/log/3/ 0
56 B 20ms
20ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/webmailza/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629486057.939022,VS0,VE9
x-served-by: cache-fra19146-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
736 B 9ms
9ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 12186
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by: cache-fra19146-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1629486057.939038,VS0,VE0
date: Fri, 20 Aug 2021 19:00:56 GMT
x-amz-request-id: 6P8Y14FA9N2SAAH6
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 77
x-cache-hits: 5197

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E418
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDDgml59krZS6sJB1GWZuVo&google_cver=1

43 B
1014 B

16ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDDgml59krZS6sJB1GWZuVo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPKKshbDsWzvjpMwqkLAr4YinlBhJ53yZE2CK4jO0xOlz67KqEOLLOIAqVZA7_8RWWDqWVOZmL3HmIZV8SSAjGjD-406_yeYQ8eb4vfNeZKUCP0YFKebLe4d61fSxlRPbXEmQKLhLyMMIDVvNauxHtbDPv8DuAQjJzJSElVT3z7qB_S4g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Aug 2021 19:00:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDDgml59krZS6sJB1GWZuVo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E418
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR-76OV2KLBCuOgfMOXxWAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDDgml59krZS6sJB1GWZuVo&google_cver=1

43 B
1014 B

19ms
19ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDDgml59krZS6sJB1GWZuVo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPKKshbDsWzvjpMwqkLAr4YinlBhJ53yZE2CK4jO0xOlz67KqEOLLOIAqVZA7_8RWWDqWVOZmL3HmIZV8SSAjGjD-406_yeYQ8eb4vfNeZKUCP0YFKebLe4d61fSxlRPbXEmQKLhLyMMIDVvNauxHtbDPv8DuAQjJzJSElVT3z7qB_S4g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Aug 2021 19:00:57 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDDgml59krZS6sJB1GWZuVo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E418
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENgfUbsyRN3CHfShnwSekvE&google_cver=1

43 B
1006 B

8ms
8ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENgfUbsyRN3CHfShnwSekvE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPKKshbDsWzvjpMwqkLAr4YinlBhJ53yZE2CK4jO0xOlz67KqEOLLOIAqVZA7_8RWWDqWVOZmL3HmIZV8SSAjGjD-406_yeYQ8eb4vfNeZKUCP0YFKebLe4d61fSxlRPbXEmQKLhLyMMIDVvNauxHtbDPv8DuAQjJzJSElVT3z7qB_S4g

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
X-Proxy-Origin: 195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3f6d1158-01b3-494e-8925-6469c8b5ab39
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENgfUbsyRN3CHfShnwSekvE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E418
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1MDQ4NjAxMzgwOTcyNzM3Nw%3D%3D

170 B
243 B

23ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1MDQ4NjAxMzgwOTcyNzM3Nw%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:56 GMT
X-Proxy-Origin: 195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 45b38170-08f3-4477-a70d-c661ac108ff1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1MDQ4NjAxMzgwOTcyNzM3Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23D2 0
20 B 30ms
29ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB7Lj6PsfYebADeyC7_UP8b-wqAgAAAAAOAHgBAI&bg=!enmleT3NAAZvV8FTb1c7ACkAdvg8WgCj3blSEqmMicpnZEBrjEtwp3AroDD5sBh5muD0flA0nFwAVQIAAAFiUgAAAB1oAQcKADEOoN_e9BZoDHZyf7Yw9DGjdZHK59ZuNejrvoHT7gs2ukOCBIto0Gp4mfujRd-vtLNRmQLWUnLdpEETW5_gMjSH_Xpy0bgZAyYlkvyUe5ICVkA_QoUCNq21YEE4Uu-DuRm6whyVQmfJNy6vhzoJ4SpImyjgi9B9T6X6ZzUpSi1U5AV2Csr41jtqunUA1b2ndvL4w0DpZtkvyFso0FN-RnyC4-Tv36l0jPo3ikxT2TILKDFQdiPaM4HhbQxpaztkAbywCmAtCs8EM_R9DcdeT5FxETeSA3KtLMb7UV2PnUxJVJcHrZn1zWwOP0ohkkz3jyqAuiT_lVSlF1xjLTgZnMwkyCKk_M_1wfihPLI5iGBbzVV68JtRGGBpD4azQEn7UUBQTWkBv8hKKGfp9M-5ArRC-pHtfTWEQ3vsbmrW8IDo1WRLMojqaoVqWlhEkaFW7dTiK_jRR_S-pAvUxFxi-M3LxYZWRv0z2e4d2mUnfWOrT7WQgPItKHsjAFUyJYiRM8gJsshclsTSXpmG2TYlNby2u9YOWz3nd9ak5rJAugo9sffA7qXRqEM_kOyCKFmJbIWfjfiOD6MXkcKEtM0HK2Hfgz0m9jXR_2h1CjDYiEYmw2gM219OD05fzV9n83wTe9UEYNsYOzB4Ja9OF9TdDAfQI7MTFv27hdtm8Q_0vhxfhTAorpdPvWhfuoeboFDiWu13pGUTL6CtUviVrSVXclWy7XuU5NktvJlfIPYoYRm7nOeS_8ubASUf-V_Brrh3U15bZ5LB1sn2thsLv7gEeO4J0jAJzyT9NdyTHpKKAQQzXuOlF4H7g3NRdAZrwPRyAGZgS0hVx5ZiGLwMNT3zy2UT4BaA1ezMa-nXd2Fj8Pj832R5c6B2oMeQ7CakzHj8hDlGdm1MpYO2AX8Mm6IvIu3GsD1t8HywQU3fpAavmhgI8Kr3O6siZ9fg5o6JXblfDqlqPZXGdNH3rxSEEGvURJR9dkg6oKfl6h6jtmas5V7BbfCTTMetjY-kzz7l1nrIynLfoJh3jUT-2QkQ

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0156 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 20 Aug 2021 19:00:55 GMT
expires: Sat, 20 Aug 2022 19:00:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 0EFD 223 KB
37 KB 9ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/17626451119355985920/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 17 Aug 2021 08:51:49 GMT
expires: Wed, 17 Aug 2022 08:51:49 GMT
last-modified: Mon, 03 May 2021 14:21:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 38330
age: 295748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0156 0
0 38ms
38ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQAoz6PsfYcScLMuA7gOjvqzgBfPE9Pxj_8r3gfYN29keEAEg_8K0ImCVgoCAmAegAZXP6PEDyAEJqQINTkpcjpazPuACAKgDAcgDAqoEgQJP0CLWp6B4SQEWk4JiSTnENzJOoLELKHhQFxq5vsh2m0uYZkJ5Hkq2Qtlw7Yy7xbO6l2iradxIjvU8yya0MD--ENfoIQFvaOThjsGADxrM8KSrE_KO9sKfS3L50E64OKIEZG2Puy6zbZIJg8HQd-T_sTOdpSN9vz8OHmEsoo_XhMT2Ce64h7IMFi5-CtzoM1G56NAMZwJ8BteaZux-nQbLshoEtG3x44-YYtbcd45iBFsjEalnRW_uk-KLNBjtqBYMgLPl-0jrha9yvcKsxD6r8TTNpmgDj3uDVhIttuXatZU-gTPwMza6U1L0WMZAJ9X6OtW1xV1o3q19pFC2IhexqcAE2qyF2MsD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB9Owlw6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQiLcF0ggJCIjhgBAQARgdgAoDyAsB2BMNiBQB0BUBmBYBgBcBshceChwIABIUcHViLTIzNzA5NDgwNzg4NTE0MzUYz58f&sigh=kAUPzclSKkE
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B865 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkjT16M8hL3WZjT-CKixevqsMrlWsI4KlDIprXySSjBtXUaWyNeJBZ2XgJh; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 20 Aug 2021 18:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1079
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 0156 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 19:00:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0156 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:00:57 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 0156 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 18:45:17 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0156 0
0 14ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdXO1sNRuHTzoDaItyAxPd3LbkYcFPIEvs_Zt72mJLyMppm4TdiwFv6pUObpaozhDmYSYw5TIozLdXETs88vc8aY-G9A
Requested by: Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 0EFD 2 KB
594 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

379587f0cc0fe0137ff92ac3ee3671dd1f90119e17e269e26a807a9a668642a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:34:23 GMT
server: ESF
date: Fri, 20 Aug 2021 19:00:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 19:00:57 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0EFD 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 01:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 21 Aug 2021 01:12:52 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0EFD 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 21 Aug 2021 18:31:13 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B865
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkjT16M8hL3WZjT-CKixevqsMrlWsI4KlDIprXySSjBtXUaWyNeJBZ2XgJh; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 20 Aug 2021 19:00:57 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 20-Aug-2021 20:00:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 19:00:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 20 Aug 2021 19:00:57 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 0EFD 23 KB
23 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:51 GMT
x-content-type-options: nosniff
age: 325686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:51 GMT

GET
H2 200 N0bU2SZBIuF2PU_0DXR1.woff2
fonts.gstatic.com/s/bungee/v6/ Frame 0EFD 17 KB
17 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bungee/v6/N0bU2SZBIuF2PU_0DXR1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:22:00 GMT
x-content-type-options: nosniff
age: 131937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17268
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:47:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 06:22:00 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame 0EFD 22 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:52 GMT
x-content-type-options: nosniff
age: 325685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:52 GMT

GET
DATA 200
OK truncated
/ Frame 0156 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a49c77e4a789d033016be86da36a832282033657eef7d55a88c677b2e7f5e1fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

69250fcfc588cf5d8ffbc24dca91a6f6 Show response
pv.medialead.de/trck/epv/ Frame 8C0B
Redirect Chain

https://pv.medialead.de/trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6&subid=38187000132810000383832011692028&ctrack=https%3A%2F%2Fad28.ad-srv.net%2Fc%2Fc9dlxpbdj3o89f2%3Ftprde%3D
https://pv.medialead.de/trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6?subid=38187000132810000383832011692028&ctrack=https%3A%2F%2Fad28.ad-srv.net%2Fc%2Fc9dlxpbdj3o89f2%3Ftprde%3D

698 B
2 KB

19ms
18ms

Script
application/javascript

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6?subid=38187000132810000383832011692028&ctrack=https%3A%2F%2Fad28.ad-srv.net%2Fc%2Fc9dlxpbdj3o89f2%3Ftprde%3D

Requested by

Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.19.7 / PHP/7.2.34

Resource Hash

d3a3dd792926131439a7199edbb72a7196483cf08adc3bf4b6bdba6f2107b420

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload, max-age=15768000

Request headers

Referer: https://ad28.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:57 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: C3B5AE59:3A8C_91EFC182:01BB_611FFBE9_87CACED:12831
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40027
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: private
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20

Redirect headers

Date: Fri, 20 Aug 2021 19:00:57 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: C3B5AE59:3A8C_91EFC182:01BB_611FFBE9_87CACE5:12831
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: /trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6?subid=38187000132810000383832011692028&ctrack=https%3A%2F%2Fad28.ad-srv.net%2Fc%2Fc9dlxpbdj3o89f2%3Ftprde%3D
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H2

200

SOMMERSALE21_234x60
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame 8C0B
Redirect Chain

https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pref1=38187000132810000383832011692028
https://www.zenaps.com/cshow.php?pvr=f39436a0-01e8-11ec-9a09-692d00d40ca2&v=11354&r=473322&q=371931&s=2470208&viewref=38187000132810000383832011692028
https://asset.conrad.com/media10/isa/160267/c1/-/de/SOMMERSALE21_234x60?format=gif

28 KB
28 KB

119ms
42ms

Image
image/gif

178.79.242.245
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.conrad.com/media10/isa/160267/c1/-/de/SOMMERSALE21_234x60?format=gif

Requested by

Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.242.245 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-242-245.fra.llnw.net

Software

Cliplister GmbH /

Resource Hash

50e17a9d9310a166aa40ac31f6c6557168e3a5cc01beda9846656f7b7111e907

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ad28.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:57 GMT
last-modified: Wed, 18 Aug 2021 06:59:24 GMT
server: Cliplister GmbH
age: 43062
etag: "611cafcc-6f2c"
strict-transport-security: max-age=15768000
reporting: eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjdRaDlhTWhBM0ltODhqQ3NYMDY0Zm9BVCIsInV1aWQiOiJhODM4NmUzM2E3NTQwNGM5MTkwYjIwZDRmNzJiNTEwNjgiLCJhc3NldHR5cGUiOiJwaWN0dXJlIn0=
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=172800
x-server: c20
accept-ranges: bytes
content-length: 28460
x-llid: c05af14cf123141837f57d7841c6d8c7
expires: Sun, 22 Aug 2021 07:03:15 GMT

Redirect headers

Date: Fri, 20 Aug 2021 19:00:57 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://asset.conrad.com/media10/isa/160267/c1/-/de/SOMMERSALE21_234x60?format=gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ani_234x60.gif
cdn.contentspread.net/onuni/ASMC/DE/animiert/ Frame 8C0B
Redirect Chain

https://www.awin1.com/cshow.php?s=2344163&v=14718&q=357725&r=473322&pref1=38187000132810000383832011692028
https://cdn.contentspread.net/onuni/ASMC/DE/animiert/ani_234x60.gif

63 KB
64 KB

1055ms
13ms

Image
image/gif

145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/onuni/ASMC/DE/animiert/ani_234x60.gif
Requested by: Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: 13eb607b742e1aee4db2aa603b68a8887adb97733f4ba52ac85c4c00f0f1bdf1

Request headers

Referer: https://ad28.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:58 GMT
Last-Modified: Fri, 09 Oct 2020 09:05:53 GMT
Server: nginx
ETag: "5f8027f1-fd66"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 64870

Redirect headers

Date: Fri, 20 Aug 2021 19:00:57 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://cdn.contentspread.net/onuni/ASMC/DE/animiert/ani_234x60.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad28.ad-srv.net/ Frame 8C0B 0
150 B 35ms
12ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad28.ad-srv.net/viewability?s=38187000132810000383832011692028&a=87fe2bc7&vb=m
Requested by: Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:57 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 3halfsize_ContentAD_bg.gif
cdn.contentspread.net/kupona/creatives/ Frame 8C0B 25 KB
25 KB 1047ms
12ms Image
image/gif 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/kupona/creatives/3halfsize_ContentAD_bg.gif
Requested by: Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: 55eb3eb01377061935108c9c4b1ca14e3e45a2745e82386599555e5f165822d7

Request headers

Referer: https://ad28.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:58 GMT
Last-Modified: Fri, 15 Apr 2011 14:08:07 GMT
Server: nginx
ETag: "4da85147-63d5"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 25557

GET
H2 200 null-leasing-logo-final_white_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 0EFD 2 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/null-leasing-logo-final_white_1.png

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 344036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1738
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Mon, 16 Aug 2021 19:27:01 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 19:27:01 GMT

GET
H2 200 autos_licht_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 0EFD 6 KB
6 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos_licht_1.png

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 322437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5867
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 17 Aug 2021 01:27:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 01:27:00 GMT

GET
H2 200 autos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 0EFD 48 KB
48 KB 10ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos.png

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 312912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49113
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 17 Aug 2021 04:05:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 04:05:45 GMT

GET
H2 200 hintergrund_plain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 0EFD 30 KB
30 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/hintergrund_plain.jpg

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 313798
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30604
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 17 Aug 2021 03:50:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 03:50:59 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108100143000/ Frame 984A 188 KB
54 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55213
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2f5786613d323c5a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 984A 13 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4877
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0140540fbe581c13"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 984A 89 KB
28 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "07ab47082d8b4bd2"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 984A 4 KB
2 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1660
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "758b6350805b356b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 984A 40 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12835
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9aa942d03505fee"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 984A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 56499
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 984A 295 B
323 B 7ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 21196
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Aug 2021 13:07:41 GMT

GET
H3-29 200 3732940970916097177
tpc.googlesyndication.com/daca_images/simgad/ Frame 984A 110 KB
110 KB 13ms
12ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3732940970916097177

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e5793f2e9d5f80929b4633f3d3b7bb93174743c7ac62f1b40a899e4c1816be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 14:01:04 GMT
x-content-type-options: nosniff
age: 363593
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112947
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 12:19:15 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 14:01:04 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 984A 0
0 39ms
39ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYutN6fsfYeaXDfPe7gPUgYrADNqIp9Fk3_3foO8O29keEAEg_8K0ImCVgoCAmAegAZaBn9UByAECqQIy3OrUUDuBPuACAKgDAcgDCKoE_QFP0CuRYVeT9HB6NWtnavvSI7f3mCgZRRrRP8mdjhpgPEB3Q0l1qphmw4RfMuAjteFcmn9TdC860MQgznZGn29R4DGZ-NjJ9obg07adyoz33Iy2sABRsBq2T2ZQvAqAMgaKq1ib0WL_z_UByvQ5ED7DcnVm6C32h6qfb4mU9stltQznGMsU104LMNyEnnqa2aQrVVmnx7vSyRmB29DKZZO3JBTsa45TO9T3GyqNLJyYa6azdfjFRkSrPaRNgQIjd9lUiHhQPJo0vxe9F0LVGwTxrnHdiRRiDyWPsEtCBL_nyXn8FNVGzGlRWFQPWzj97q5Sus0L6HJ0p1IRyrsSwATc1rCh1APgBAGSBQQIBBgBkgUECAUYBKAGAoAH6M68qwKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQuaky0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTIzNzA5NDgwNzg4NTE0MzUYz58f&sigh=rbRiTQV5DW8&uach_m=[UACH]
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 984A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9123db5c48778937f18e95513cca2eead9a98287052a50c17057761fedb14833

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 984A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 Aug 2021 19:00:57 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 view.aspx Show response
pb.media01.eu/ Frame F812 0
628 B 114ms
81ms Document
text/html 88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=38187000132810000383832011692028&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6&subid=38187000132810000383832011692028&ctrack=https%3A%2F%2Fad28.ad-srv.net%2Fc%2Fc9dlxpbdj3o89f2%3Ftprde%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Bad Schwalbach, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pb.media01.eu
:scheme: https
:path: /view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=38187000132810000383832011692028&actionid=879111&produktid=ratenkredit&dt_url=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad28.ad-srv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad28.ad-srv.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 20 Aug 2021 09:00:57 GMT
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=hvtjtd0lf0bji2rpeiumjo4e; path=/; secure; HttpOnly; SameSite=None DTU=15080E8D82B51B720F487CBFAB1DAEFA; expires=Sun, 20-Aug-2023 19:00:57 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 20 Aug 2021 19:00:56 GMT
content-length: 0

GET
H/1.1 200
OK pb_ratenkredit_234x60.gif
ad-server.eu/wm/pb/rate/aktion/ Frame 8C0B 12 KB
12 KB 150ms
29ms Image
image/gif 54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_234x60.gif
Requested by: Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: a8128a12543e5c8871a4c26ed1aec5db7c0621f30fea1d478d179c501f42daf1

Request headers

Referer: https://ad28.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:03:53 GMT
Last-Modified: Mon, 19 Jul 2021 10:41:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "60f556f7-2ff7"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12279

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 4F66 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQU2N-RDhkIuuyrj2j5V6vrgjY7L_sIZgboI3u7GEVety0Z1H6zBdoGxj-fpt0TCpofS92KGEEinaAsRxZwxXag-VQahONl3sqeiIkwDSJA-osFFLJUHaoGbaTnBu7qWDNK0u1ByEBd3_fcs8LCVaNZ7W8gw&cry=1&dbm_d=AKAmf-AQs3LGcoPZLaJIKXtZ3tEzR6qaBwKMzV2kKQ285XaEONKz2m3VmPlw-_hS82A4zbXndNTfEZ0bC05ddI5AB7Z-QpFs0VQFOjSqB6sfEw2TGypEI-RlqEst5R4Gl00XG0LTw-3-bnyMr4iV50lZz_oBDg4H5vup9HwmXc2i-f94iDmtXk2uvreTQYnLTXPSW8vZ3E8yGCxsoTWwTgPCvNDEczkiI3aTrksj68piN2H38eiosjhN4mjnwop36v-k4LO644ojlopYDZzfhPW87POS3XELNVNK8Ev0L6JrKZ8mhMz1JAHZaV7PugXoElNBoCkIPCejdn-DVRjDP68UOmQSqttrAj5wnGhakrRXLE5pZQB07f6cuveburYTC3-mKWrbHPCbzgeKZuaDVSVTkh54pfALIa623BnXxkjO9eN9WALOVBdm6SnUFm5lF_ikv_QkvB0HU1qVNfW5vE-6tW-Dsk4XIHRO70djKGiD8qwlMqKHxXjm92cMGF8p7z6qbO-IuCKYKcbjOtFQCzB7WNapXZVmnLCZIRbmEdCFHb4xq3BcGrQ4uHfM5AWW33GjKnZWefaxT_6UcTQo91Bq67h-mJtRwbW1w4TRGYUBrJu313f3s8zp2gi5mvApQdE2Boh7_o0kKOEB0NZLgER8FaGpjxtqaEAg9nWjGJKAdaW1dio_2UZPCpn1Xm6BZxel9viA3NSI43a5l4SYL3C2ctIp4XInAdynPWkBivd1-sAVBKh22tlDZLPm3nekMapxwyYBoBRvmWNqkl8q6DIFn-fETP2oyd_ntQxPe01DQe1RJfQTyw4cVJ7Ok-Fn9QB77GoFTGixOa_qJefczziN0xdoSwB73eweWDRKX4uK_jQsTIZmCkeMhlXA9G0Y3YyTkEAQIT6eD8hzOOHglL4mPNMYiJ9v2y2b4KvWk6CDyACwf8EZaGV1ijP089oL4RbQ3ceSCqjMZXpUJLV8pOOn_aET0VDxNIzLahqFj3scGkMQm_LOCj6XcZDuLdp2Scdb2PW0TNFc4Fg2TaxL0Gxq_2tS6cRcp-tF8LVLI2e2NsAeaRHlYnDJc2gsXfjzWfHVnlM4LvixK8Y-hivDDjSbpedm5HR8HskFtpzUb6es1AWYd7O47hK8eACdYB2_CfXzXQJnVJSgzQqxIr-sva_wODJk2Uya49QYtM-b9OPV90N6iablCzYJRZ-qhzuDh_iHtOwjU3JgyUidpdPE8N71WgwVj6n01j5ICeTlzKYCZYXkswibfmZ5z5bD0Q9O0zpnAVTopR8icrt-LJzXdUUS_6giIq5MFw1CF83_weerhlpshzWnyfYhEPPpsGhkn4eXojj4avjTkkcT5IkuucImfslNyBGscvi3lQjNApb3zqS_7-f1SiJUjxluz_ybZ_iPnd_zNpUg4Ot2IrecPOwxzx5_ZtIB3vWWqYo-lg05bvym64NYwAd_m-UJTFHWGdlFaTW4l3v19IoI4TKgbt9kg_fgDtPCHMRPBhOKqg4x4rKb6oJzqBMwNmdz5IxjrzpqLb4L3I1J4Lw5glnpQU9u-QEgetZ3sgvZNyqfuqMKmIYyF-XMclNtgUBKpOl22ORbckB1L06YMKm-xVjZfHAakER7NHkI5L3mT4R_Kti1NW_OVBR9EXbYnUOnTHiR6NZsvIX2WHw_BMX964ek3Gseyi5mXoy_f1NfW-DctkOPD122JiZ9pVSAHlPCmI5kXNPEzccBLdOcPJyhRD3v_Pa-m6QOSAewWQrLsS575ydWek5Xe6poIqLfhpUJ7ZnnAN2n3FI1sG0Rw8Mp82jnJMtFUsl_sWK5XGrkNviVWCndPmJsU6BbWWiAoyqFRFyOkWVLyuNXiMC8y9-uvIeIVJbts5ZFSTffjx2BS-8u3fTPPNbj5_DAYHpH8VWTsNGsNTEvZD5AepJGIh6rg4j2cNMHauCMILefXdD1IY2U9UX2d8ZcI5dW0vp4a-GX9qgTuhPkIhtk0S-85W9pf2X3S4HW7q6TcYNymdXK6vALQhE-cygetsrFIf-kpMSGfZVmN13dEbf4Wx3sA-xurZyuc_UEsiRbhA4lN9PxtXojaoDpejd4DiCzYe9rdj2QqJVjxgTKqGRx_kPQZuyc4ox2XaI3Bqr0aDFxWuD6iOptfBXiRi73UyO3JPIeHjGPKnUvV5meGP6aXr9G_zjcGV5dPuzRJspDd3Hu6tWXJQ9U2eHQlrCi8g_LzT1J2W_1mZ0i9xP2AulYowjzbqhg02ww_mq90imw3c_C1MtifO6i73Bo5eK_nY8USH-1FL4UsLRUmIdPlykPQHvUhyRzyVqo8NsKOrEFkBbaDE_MH0UA_ofw5rrDXdHEpBVwIQEefrBFShxnkBgbFTVdmHckhQws_dQSuCZ2EW8bJmCsWKj2GqNK5b8xstzX2H0TcBGkxWlwu36q2hBFxSLviI7Ly27HUwOSrOXftzkvPUcjK2VmhQGKTNo2hcwd55rtdlbvd8_Re4Wl57yKcMXh2m9CtVwqGVT7SO-wPM_yGzGoWd0zqnuUfW7Ml8DNoGzYv-Nn6yF8_G9WiFdiJQQHrkcBGHWnwQfpH6B0KT2EHLBreeNq0Yr5c7G6CrXybag46UlnOnOsbgARc4bH386ZcVbwvieoGY3vObGJ0aa4JHRJZwA4Uud5Lq4s9lqnzvUXNl_o2tgohrhz83kCdjH7AjhAyQYQeozBvAWjy_wXT61kuyQxcPCXRkOequaEpBKpdY670fhjeFs1O9SGUkiA07CN4HEkhNOyXnaO1XvdNRKENQRdGt2-jdpELTcKzLWbZa387n72tErAceQFa0EDnV2sYL0k1IwlKIDjdkPTuCxJdiJlZqBj7wlNqRXNm7TLZfn3WfulFHh0cS-i5aVd5Eem4mJw0jOagE0UcOylrHSBYP8I_MS3hm7-zs0Ueg9K4tynT4ZCysMDq1Bm8SIyTzWiQAz_Nqw54CrgcsdeMdDO1otpj5SrbWZqyWm7z-rLygcl1b8b83z0zaopxlzPXcSr-dpyOUzAd260A9JRdeZXjjXAVParP_hvWjT8ZhSujIdG0YbD0IodZCbh8r9h--uWlwMvPsUelf1BQ_SA6_ZWtdIjvRRECA_E0k_ggYXIhsPuwFapdf0smtiTktUwpT2oaqEAIX5shEuoCPmjxEG2eLEm1dJuKgD45EVz6bBJRNOnlxsDWnTukw1q1S6o&cid=CAASFeRoaTaHB8E6VtXafEgWbwMeTuA1pQ&rfl=1%2Chttps%253A%252F%252Fwww.webmail.co.za%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9341
x-xss-protection: 0
server: cafe
etag: 177112232901409761
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 18:57:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F66 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 11:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 11:32:33 GMT

GET
H/1.1 200
OK npoee1nv94vs Show response
hal9000.redintelligence.net/zone/ Frame 4F66 11 KB
4 KB 49ms
13ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYLPo6PsfYeSuIIr2-gadsI_ACbXN-YNXzN65q-UM8C4QASD_wrQiYJWCgICYB8gBCakCa8t8_Eqisz6oAwGqBO8BT9B6JdCHOYtZeZp9-ezrZR2Hi-bnyZCuve-oV79UOlj6nqh4QaajLFcx6I4I4867VG1gyoyqM8VrUoJ5ThkG1wHE3qh9dFSapOQY_Y9rHfgChb7lSUKnvY_OnwfOhlwvpIXEFEfBewC4ArD_C_OhK_BwE8_jNzhE_Gno6xM0xreNtoiZiNSY2PQ3oLSBQXN7UiY3953x5XvxaTnZ_9S9eAad69f-j2ur2eT-IlkK4qhIxIUOh6wrUAVFaa7jM01bnXPEVGM1f_HmdB8FqLMdrzhWUSdUsDGj06OHe_qDs6hK61RhQFak2fDwkMD2NFXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaTaHB8E6VtXafEgWbwMeTuA1pQ%26sig%3DAOD64_0tqTFYzTXNFuStwTK1zqvBbUdp3Q%26client%3Dca-pub-2370948078851435%26dbm_c%3DAKAmf-B7WJ3v3AECigQbuwZ5if1_jtV4mGasqxZ5WK8Q5lQb3Z3ijVKuWSLMTQkIAI2FsXQljofhd1d-LA_kGQBGdrbUz8d2TkY1L6gvS3p5RbTr8ydaXZ_qbCog8UY-XeuQN6yaSXDlhspFDYY8dHw8b7xfH1RUsg%26cry%3D1%26dbm_d%3DAKAmf-AVpp1jwiiXx2VClnCYnIaQvuVK6Lti2H_AGNI0zaKQreS_TuvopOPZHxXX8fGe2UAupnuzQ_oUqnZHspfqEU2f4D9VUYNOhIUWeqBOMm3ABTPj8CyMXPVKAr3ZNZ7BAOBjH1kzcuwbGsk6HkKzpyKR0NaY1zimhLP77AVK_p5WPufNRjzs4hSbKjFMm23mPBLVAYYcfCeJ1jqJsSC4VNIzM9JQ94D6psBylGaCSFKbLb4waihLd_ZxOh1vbQEluAYPlvWCJbN8Bcu6bdV-WcGJwdIEf6ePiHCIS_2Y5mypMkYa5G0cF9FGdqERU0w3TrILSbJVSCl27KylqyY668EfqVnQP9_jENX2mATGd_W5e66TVIWKm8Ple6o9XYuOmlCynW-l0ZmsmEEW1F0Bqcx75-oKXWwzUHd6g71-Mdl8kShF50_OO_YvksHC77Lid3H57hOR%26adurl%3D
Requested by: Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: a63a29481ee8241be6a48255235d18af10510b1b713858d4bacec40fb4e23505

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3912
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 537C 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 19 Aug 2021 11:32:34 GMT
expires: Fri, 19 Aug 2022 11:32:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 113303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 graphql
analytics.adxbid.me/ Frame 0
0 3510ms
3482ms Preflight 2606:4700:3036::ac43:9b70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.adxbid.me/graphql
Protocol: H2
Server: 2606:4700:3036::ac43:9b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.webmail.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 20 Aug 2021 19:01:01 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, POST
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-expose-headers: X-GraphQL-Event-Stream
x-graphql-event-stream: /graphql/stream
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9kfWfINMamqbzO5m5U0xPzSysXDZXo%2BiCl09KrLAS%2Fo4TuyEwkhRmud9s6TuYxul%2Bqbwyki3PWaSut5%2F4b%2Fo0AHwoQIMO8BuYhkeQWdbdH4kbXhy6%2FPzn6zsVN9PT5JpWXRVBM91KmC%2FiZ8o2k4ggs3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 681dde149cff0621-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108100143000/ Frame EC86 188 KB
54 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55213
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2f5786613d323c5a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame EC86 13 KB
5 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4877
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0140540fbe581c13"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame EC86 89 KB
28 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "07ab47082d8b4bd2"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame EC86 4 KB
2 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1660
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "758b6350805b356b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame EC86 40 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12835
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9aa942d03505fee"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC86 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 56499
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC86 295 B
323 B 9ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 21196
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Aug 2021 13:07:41 GMT

GET
DATA 200
OK truncated
/ Frame EC86 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c692adedf52dfebfc9322fb29a927981ed8f898d5abe973b7b1735837bda6bb

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 11574151330850962259
tpc.googlesyndication.com/simgad/ Frame EC86 35 KB
35 KB 12ms
12ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11574151330850962259?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnmgxNT5lAz6C1EJT3v0i9BYMPXpw

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

543c6a7a7a7f6703901337e93a45487781689a53efb697386dfbfd24786d160e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 03:02:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Dec 2020 06:00:14 GMT
server: sffe
age: 403125
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36015
x-xss-protection: 0
expires: Tue, 16 Aug 2022 03:02:12 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame EC86 0
0 16ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYckEXcDxPja0nbkQH_x1-8HNc_jXQTLzCykHFD_rnuJCYWt7Z1ypWAjZu0I954e_UX2X4prU_LmJTgMld2XR_y0eSMw
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EC86 0
0 39ms
38ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXSto6fsfYca7GtLlgAfn352YCJWK5LNkwYzOs_wMsJAfEAEg_8K0ImCVgoCAmAegAaXjhdkDyAEC4AIAqAMByAMIqgSJAk_QSTU9E39RoWKsZB45mRzRjU3nsWtET0RwEp_WzDG6bT4JVJIKxc_A0nvHq04UJBwT2iR2wpzTroUBA8Zm40j0s76xX-cQQqHq8cFFE3fgVOAz43Vn4JUzQ4sl88MRW3voliDWInvUkepCvkKk-TNMZtHSg_lAJdrQPCxOIXxRQjp4NYqecunPjZ9MtY6yfnCysOP0SjgBMUksx7saU4bwmMja22-Rp0mh2nbRQnpHZlso4H6TIbgMFTg4C2yis1OZyvsefkWMMkV7CGNjyCG3hNqZaUHDotfmz_xkWf6ybk-8JonybMRLzzOlVY3pOkAGWOACrbFrtgXwAWgBzLud2VHWqkORY4HABOKGqKbAAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeCla9-qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEKOFEdIICQiI4YAQEAEYHYAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi0yMzcwOTQ4MDc4ODUxNDM1GM-fHw&sigh=7ZfDbMV61UU
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST graphql
analytics.adxbid.me/ 0
0

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EC86
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
15ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 Aug 2021 19:00:57 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame 4F66
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ba6b11b46f&subid=&uid=05ed6050b9cc5a9c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ba6b11b46f&subid=&uid=05ed6050b9cc5a9c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

620ms
96ms

Script
application/x-javascript

138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ba6b11b46f&subid=&uid=05ed6050b9cc5a9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYLPo6PsfYeSuIIr2-gadsI_ACbXN-YNXzN65q-UM8C4QASD_wrQiYJWCgICYB8gBCakCa8t8_Eqisz6oAwGqBO8BT9B6JdCHOYtZeZp9-ezrZR2Hi-bnyZCuve-oV79UOlj6nqh4QaajLFcx6I4I4867VG1gyoyqM8VrUoJ5ThkG1wHE3qh9dFSapOQY_Y9rHfgChb7lSUKnvY_OnwfOhlwvpIXEFEfBewC4ArD_C_OhK_BwE8_jNzhE_Gno6xM0xreNtoiZiNSY2PQ3oLSBQXN7UiY3953x5XvxaTnZ_9S9eAad69f-j2ur2eT-IlkK4qhIxIUOh6wrUAVFaa7jM01bnXPEVGM1f_HmdB8FqLMdrzhWUSdUsDGj06OHe_qDs6hK61RhQFak2fDwkMD2NFXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaTaHB8E6VtXafEgWbwMeTuA1pQ%26sig%3DAOD64_0tqTFYzTXNFuStwTK1zqvBbUdp3Q%26client%3Dca-pub-2370948078851435%26dbm_c%3DAKAmf-B7WJ3v3AECigQbuwZ5if1_jtV4mGasqxZ5WK8Q5lQb3Z3ijVKuWSLMTQkIAI2FsXQljofhd1d-LA_kGQBGdrbUz8d2TkY1L6gvS3p5RbTr8ydaXZ_qbCog8UY-XeuQN6yaSXDlhspFDYY8dHw8b7xfH1RUsg%26cry%3D1%26dbm_d%3DAKAmf-AVpp1jwiiXx2VClnCYnIaQvuVK6Lti2H_AGNI0zaKQreS_TuvopOPZHxXX8fGe2UAupnuzQ_oUqnZHspfqEU2f4D9VUYNOhIUWeqBOMm3ABTPj8CyMXPVKAr3ZNZ7BAOBjH1kzcuwbGsk6HkKzpyKR0NaY1zimhLP77AVK_p5WPufNRjzs4hSbKjFMm23mPBLVAYYcfCeJ1jqJsSC4VNIzM9JQ94D6psBylGaCSFKbLb4waihLd_ZxOh1vbQEluAYPlvWCJbN8Bcu6bdV-WcGJwdIEf6ePiHCIS_2Y5mypMkYa5G0cF9FGdqERU0w3TrILSbJVSCl27KylqyY668EfqVnQP9_jENX2mATGd_W5e66TVIWKm8Ple6o9XYuOmlCynW-l0ZmsmEEW1F0Bqcx75-oKXWwzUHd6g71-Mdl8kShF50_OO_YvksHC77Lid3H57hOR%26adurl%3D&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=8551438510214&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9e4190277624abe62a79ed1a6361094c53e9b80dcb42608d0d576d4c0d872cfd

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 79416800156334100710616011692005
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1095
Expires: Fri, 20 Aug 2021 20:00:58 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ba6b11b46f&subid=&uid=05ed6050b9cc5a9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYLPo6PsfYeSuIIr2-gadsI_ACbXN-YNXzN65q-UM8C4QASD_wrQiYJWCgICYB8gBCakCa8t8_Eqisz6oAwGqBO8BT9B6JdCHOYtZeZp9-ezrZR2Hi-bnyZCuve-oV79UOlj6nqh4QaajLFcx6I4I4867VG1gyoyqM8VrUoJ5ThkG1wHE3qh9dFSapOQY_Y9rHfgChb7lSUKnvY_OnwfOhlwvpIXEFEfBewC4ArD_C_OhK_BwE8_jNzhE_Gno6xM0xreNtoiZiNSY2PQ3oLSBQXN7UiY3953x5XvxaTnZ_9S9eAad69f-j2ur2eT-IlkK4qhIxIUOh6wrUAVFaa7jM01bnXPEVGM1f_HmdB8FqLMdrzhWUSdUsDGj06OHe_qDs6hK61RhQFak2fDwkMD2NFXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaTaHB8E6VtXafEgWbwMeTuA1pQ%26sig%3DAOD64_0tqTFYzTXNFuStwTK1zqvBbUdp3Q%26client%3Dca-pub-2370948078851435%26dbm_c%3DAKAmf-B7WJ3v3AECigQbuwZ5if1_jtV4mGasqxZ5WK8Q5lQb3Z3ijVKuWSLMTQkIAI2FsXQljofhd1d-LA_kGQBGdrbUz8d2TkY1L6gvS3p5RbTr8ydaXZ_qbCog8UY-XeuQN6yaSXDlhspFDYY8dHw8b7xfH1RUsg%26cry%3D1%26dbm_d%3DAKAmf-AVpp1jwiiXx2VClnCYnIaQvuVK6Lti2H_AGNI0zaKQreS_TuvopOPZHxXX8fGe2UAupnuzQ_oUqnZHspfqEU2f4D9VUYNOhIUWeqBOMm3ABTPj8CyMXPVKAr3ZNZ7BAOBjH1kzcuwbGsk6HkKzpyKR0NaY1zimhLP77AVK_p5WPufNRjzs4hSbKjFMm23mPBLVAYYcfCeJ1jqJsSC4VNIzM9JQ94D6psBylGaCSFKbLb4waihLd_ZxOh1vbQEluAYPlvWCJbN8Bcu6bdV-WcGJwdIEf6ePiHCIS_2Y5mypMkYa5G0cF9FGdqERU0w3TrILSbJVSCl27KylqyY668EfqVnQP9_jENX2mATGd_W5e66TVIWKm8Ple6o9XYuOmlCynW-l0ZmsmEEW1F0Bqcx75-oKXWwzUHd6g71-Mdl8kShF50_OO_YvksHC77Lid3H57hOR%26adurl%3D&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=8551438510214&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 20 Aug 2021 20:00:57 +0200

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame 537C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 16:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 16:26:46 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4EB9 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst48AWsPu3YTxUPhXaPqktDEw_1VysNUFENvV-Zqar9tjaK_d_gRWtKxcErtsxPf-J7ROJTRugDP2VzwRLmSnM29rlK-44GgQKTRWiaB1JwYzGEP_DTUJiawzXBjA&sai=AMfl-YSdgKHHNMntSYDlgSRlURJJ0qhh64a4ijkrq0ujMPJ70TA9pX4n09c-HnMOgdeQeEt_g2i-eGdFl5H6qejnahmDLBJ_-ukmaXEY-KwnZFON6ngalT0r6CH8aq8h712w&sig=Cg0ArKJSzF55CDZJu-wYEAE&id=ampim&o=990,685&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1010&mtos=0,0,1010,1010,1010&tos=0,0,1010,0,0&tfs=241&tls=1251&g=75.59999823570251&h=100&tt=1252&r=v&avms=ampa&adk=2776155189

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 1608
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19146-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1629486058.859183,VS0,VE0
date: Fri, 20 Aug 2021 19:00:57 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 77
x-cache-hits: 7866

GET
H2 200 / Show response
pips.taboola.com/ 4 B
124 B 8ms
7ms XHR
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:57 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19141-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 537C 0
58 B 29ms
29ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuRSg6fsfYZBTnq7eA-H7vvAIAAAAADgB4AQC&bg=!ysmlyY3NAAZvV8FTb1c7ACkAdvg8WvBLIFDvlhG8RbyGBbiaEyfptrY9D4zhfl6U8nvceNG1UwrvDgIAAABwUgAAAApoAQeZAs8sB8Ov7mhzdW29T0bgMIsETMjC3K4N5pKiHowtxCH29a90hngcE0nHBo3IDburCbeaPEUoSj9AxHxf7J7N6B_pEdEIMg-PL8fxSFASD9T7TS94prrT98bj-4gf4YAt4CQPfKVdJhngh4D_X8i1OMfCBQiDk1DJb0o3cAy2Hl7hbo30W0eMym4oJGE_uzWydC1Zat7TA3oDOnGynQv8OkPY2jaSLhW0KdJsXwpU88b_5UQ6yJQEpgqRwOloj-CBydDRVTscbsCNH3uaTy9toasY_TJxsL2hG4FqnIT61FbE2elUgLQMyS5vcNHvvBqTEUvpQrjh019nklwQNTD1LW6SX70sCifcB7yubzms7XezaS029zN3TkucGCfeFfG4spF6IHWzdSF-3rcZQMy3neHQByWdRks6529PbRZglZl4y0bC3eEDwQruZzgyhBtl6-mx08BLUYr9hAymEdFJlTiOnxrtYlk4lQOfna-Yvx7LLfHOQefBGxQHKEGrqzrID3LETntIPcO-VJ8GvTJ3kOB5rYR7efpueVeLr_rhYeSwIrkNNnEmQhcXKpNbyV4TClb-lU7L1uVyDOL126hB78mrdWLIbiwj-KbcHH9xau4b3cqZSXynH67t6HlI-mXSg5X8S3kdpCh03cr7OEWDYk9c4rndom5SYoxCr9jRMUytRNnaHd1mOt0b8YGvoKMyD8_TYDZ5xWkzt-cDH7OQw8H9a9-VrQLm9lzuG4qQsfFJ7zcwAu9HyNaWhOTt5X2nE23uB4UA54gfBMQE_Ti7sBN61yUuBB-3Lmdu62CdehwJis7R_b-F2_rbgJ-f88bj4Kadx8Nozi7KfFAlqfP5-qhPQJAv6eWsDy6Yqp5tbcIMCHo6aEFD4npGINQ5MB94s2sWkQl5az2SJoNOM32ruAX5_kNmwzVwUISHpvLR8BVxD1n3OfezoDxvn9Dx48Mhuw

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 260ms
86ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=50e46faa-da9f-40d1-ac56-16ef8a977f63-tuct8198167
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Aug 2021 19:00:58 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DAA0 42 B
64 B 46ms
31ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstv_Hoc25oLM1PvTkimpITSaN4AihsmcXkYtq4GSwBVi7EGbrdkq6t5WeyXJ76Mri_D8JFUr3a_fGMs1j92h7nRfosT2_uiguXMsI3rVcUKcSIo&sai=AMfl-YTnRk6Hgi3s159vMDRfgL9NI48_daFrXQWBW3BLoD7sHL9IozmHKtAq6M9QkR4-7dKyNWA4rp3rWE1XCq-XnE9OZj_HV2XnvPf9Ue1h-B9jZHYHdI-2Djqq-qudtdc&sig=Cg0ArKJSzGHJeZ2kZeKeEAE&cid=CAASFeRokrVX4qG163NAEjUrQKcESgvNKg&id=lidar2&mcvt=1000&p=411,990,661,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=201709529&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629486056089&dlt=87&rpt=840&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad28.ad-srv.net/ Frame 8C0B 0
150 B 1037ms
12ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad28.ad-srv.net/viewability?s=38187000132810000383832011692028&a=87fe2bc7&vb=v
Requested by: Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:59 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 7DB3
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=79416800156334100710616011692005&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=79416800156334100710616011692005&actionid=731824&produktid=businessgiro&dt_url=

0
246 B

106ms
106ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=79416800156334100710616011692005&actionid=731824&produktid=businessgiro&dt_url=

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ba6b11b46f&subid=&uid=05ed6050b9cc5a9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYLPo6PsfYeSuIIr2-gadsI_ACbXN-YNXzN65q-UM8C4QASD_wrQiYJWCgICYB8gBCakCa8t8_Eqisz6oAwGqBO8BT9B6JdCHOYtZeZp9-ezrZR2Hi-bnyZCuve-oV79UOlj6nqh4QaajLFcx6I4I4867VG1gyoyqM8VrUoJ5ThkG1wHE3qh9dFSapOQY_Y9rHfgChb7lSUKnvY_OnwfOhlwvpIXEFEfBewC4ArD_C_OhK_BwE8_jNzhE_Gno6xM0xreNtoiZiNSY2PQ3oLSBQXN7UiY3953x5XvxaTnZ_9S9eAad69f-j2ur2eT-IlkK4qhIxIUOh6wrUAVFaa7jM01bnXPEVGM1f_HmdB8FqLMdrzhWUSdUsDGj06OHe_qDs6hK61RhQFak2fDwkMD2NFXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaTaHB8E6VtXafEgWbwMeTuA1pQ%26sig%3DAOD64_0tqTFYzTXNFuStwTK1zqvBbUdp3Q%26client%3Dca-pub-2370948078851435%26dbm_c%3DAKAmf-B7WJ3v3AECigQbuwZ5if1_jtV4mGasqxZ5WK8Q5lQb3Z3ijVKuWSLMTQkIAI2FsXQljofhd1d-LA_kGQBGdrbUz8d2TkY1L6gvS3p5RbTr8ydaXZ_qbCog8UY-XeuQN6yaSXDlhspFDYY8dHw8b7xfH1RUsg%26cry%3D1%26dbm_d%3DAKAmf-AVpp1jwiiXx2VClnCYnIaQvuVK6Lti2H_AGNI0zaKQreS_TuvopOPZHxXX8fGe2UAupnuzQ_oUqnZHspfqEU2f4D9VUYNOhIUWeqBOMm3ABTPj8CyMXPVKAr3ZNZ7BAOBjH1kzcuwbGsk6HkKzpyKR0NaY1zimhLP77AVK_p5WPufNRjzs4hSbKjFMm23mPBLVAYYcfCeJ1jqJsSC4VNIzM9JQ94D6psBylGaCSFKbLb4waihLd_ZxOh1vbQEluAYPlvWCJbN8Bcu6bdV-WcGJwdIEf6ePiHCIS_2Y5mypMkYa5G0cF9FGdqERU0w3TrILSbJVSCl27KylqyY668EfqVnQP9_jENX2mATGd_W5e66TVIWKm8Ple6o9XYuOmlCynW-l0ZmsmEEW1F0Bqcx75-oKXWwzUHd6g71-Mdl8kShF50_OO_YvksHC77Lid3H57hOR%26adurl%3D&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=8551438510214&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Bad Schwalbach, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pb.media01.eu
:scheme: https
:path: /view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=79416800156334100710616011692005&actionid=731824&produktid=businessgiro&dt_url=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 20 Aug 2021 09:00:58 GMT
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=3d50u2qacavgaphde5oooptq; path=/; secure; HttpOnly; SameSite=None DTU=AE4F0CF3DAE5179A510DC30F10815853; expires=Sun, 20-Aug-2023 19:00:58 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 20 Aug 2021 19:00:57 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Fri, 20 Aug 2021 19:00:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.21
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Set-Cookie: trscj=MTYyOTQ4NjA1OHxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRjNU5ERTJPREF3TVRVMk16TTBNVEF3TnpFd05qRTJNREV4TmpreU1EQTFKblE5YUhSc2NBPT18YUhSMGNITTZMeTltWm1FM04ySTNOMlpsT1dZNU9XSmlOemM0TURabFpHVmpOV1kxT0RKa05DNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D; expires=Sat, 20-Aug-2022 19:00:58 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=1|YR/77|YR/77; path=/; HttpOnly
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=79416800156334100710616011692005&actionid=731824&produktid=businessgiro&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: C3B5AE59:3A8C_91EFC182:01BB_611FFBEA_87CAD63:12831
X-IPLB-Instance: 40027
Cache-control: private

GET
H2 200 / Show response
adv.office-partner.de/ Frame 02B0 930 B
1 KB 32ms
6ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ba6b11b46f&subid=&uid=05ed6050b9cc5a9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYLPo6PsfYeSuIIr2-gadsI_ACbXN-YNXzN65q-UM8C4QASD_wrQiYJWCgICYB8gBCakCa8t8_Eqisz6oAwGqBO8BT9B6JdCHOYtZeZp9-ezrZR2Hi-bnyZCuve-oV79UOlj6nqh4QaajLFcx6I4I4867VG1gyoyqM8VrUoJ5ThkG1wHE3qh9dFSapOQY_Y9rHfgChb7lSUKnvY_OnwfOhlwvpIXEFEfBewC4ArD_C_OhK_BwE8_jNzhE_Gno6xM0xreNtoiZiNSY2PQ3oLSBQXN7UiY3953x5XvxaTnZ_9S9eAad69f-j2ur2eT-IlkK4qhIxIUOh6wrUAVFaa7jM01bnXPEVGM1f_HmdB8FqLMdrzhWUSdUsDGj06OHe_qDs6hK61RhQFak2fDwkMD2NFXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaTaHB8E6VtXafEgWbwMeTuA1pQ%26sig%3DAOD64_0tqTFYzTXNFuStwTK1zqvBbUdp3Q%26client%3Dca-pub-2370948078851435%26dbm_c%3DAKAmf-B7WJ3v3AECigQbuwZ5if1_jtV4mGasqxZ5WK8Q5lQb3Z3ijVKuWSLMTQkIAI2FsXQljofhd1d-LA_kGQBGdrbUz8d2TkY1L6gvS3p5RbTr8ydaXZ_qbCog8UY-XeuQN6yaSXDlhspFDYY8dHw8b7xfH1RUsg%26cry%3D1%26dbm_d%3DAKAmf-AVpp1jwiiXx2VClnCYnIaQvuVK6Lti2H_AGNI0zaKQreS_TuvopOPZHxXX8fGe2UAupnuzQ_oUqnZHspfqEU2f4D9VUYNOhIUWeqBOMm3ABTPj8CyMXPVKAr3ZNZ7BAOBjH1kzcuwbGsk6HkKzpyKR0NaY1zimhLP77AVK_p5WPufNRjzs4hSbKjFMm23mPBLVAYYcfCeJ1jqJsSC4VNIzM9JQ94D6psBylGaCSFKbLb4waihLd_ZxOh1vbQEluAYPlvWCJbN8Bcu6bdV-WcGJwdIEf6ePiHCIS_2Y5mypMkYa5G0cF9FGdqERU0w3TrILSbJVSCl27KylqyY668EfqVnQP9_jENX2mATGd_W5e66TVIWKm8Ple6o9XYuOmlCynW-l0ZmsmEEW1F0Bqcx75-oKXWwzUHd6g71-Mdl8kShF50_OO_YvksHC77Lid3H57hOR%26adurl%3D&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=8551438510214&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

:method: GET
:authority: adv.office-partner.de
:scheme: https
:path: /?utm_source=webgains&utm_campaign=webgains
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Fri, 20 Aug 2021 19:00:58 GMT
content-type: text/html
content-length: 930
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16ba8ac4"
expires: Fri, 27 Aug 2021 19:00:58 GMT
cache-control: max-age=604800
link: <http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 4F66 12 KB
12 KB 165ms
91ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=79416800156334100710616011692005&nw=1
Requested by: Host: www.webmail.co.za
URL: https://www.webmail.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: fab8e840cc6976ac57bfb95d76ebaef8f51746be63525d765e3d9db65e2779a8

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:58 GMT
Last-Modified: Fri, 20 Aug 2021 19:00:58 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame F573 7 KB
2 KB 36ms
12ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=79416800156334100710616011692005&a=f2008bb6
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ba6b11b46f&subid=&uid=05ed6050b9cc5a9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYLPo6PsfYeSuIIr2-gadsI_ACbXN-YNXzN65q-UM8C4QASD_wrQiYJWCgICYB8gBCakCa8t8_Eqisz6oAwGqBO8BT9B6JdCHOYtZeZp9-ezrZR2Hi-bnyZCuve-oV79UOlj6nqh4QaajLFcx6I4I4867VG1gyoyqM8VrUoJ5ThkG1wHE3qh9dFSapOQY_Y9rHfgChb7lSUKnvY_OnwfOhlwvpIXEFEfBewC4ArD_C_OhK_BwE8_jNzhE_Gno6xM0xreNtoiZiNSY2PQ3oLSBQXN7UiY3953x5XvxaTnZ_9S9eAad69f-j2ur2eT-IlkK4qhIxIUOh6wrUAVFaa7jM01bnXPEVGM1f_HmdB8FqLMdrzhWUSdUsDGj06OHe_qDs6hK61RhQFak2fDwkMD2NFXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaTaHB8E6VtXafEgWbwMeTuA1pQ%26sig%3DAOD64_0tqTFYzTXNFuStwTK1zqvBbUdp3Q%26client%3Dca-pub-2370948078851435%26dbm_c%3DAKAmf-B7WJ3v3AECigQbuwZ5if1_jtV4mGasqxZ5WK8Q5lQb3Z3ijVKuWSLMTQkIAI2FsXQljofhd1d-LA_kGQBGdrbUz8d2TkY1L6gvS3p5RbTr8ydaXZ_qbCog8UY-XeuQN6yaSXDlhspFDYY8dHw8b7xfH1RUsg%26cry%3D1%26dbm_d%3DAKAmf-AVpp1jwiiXx2VClnCYnIaQvuVK6Lti2H_AGNI0zaKQreS_TuvopOPZHxXX8fGe2UAupnuzQ_oUqnZHspfqEU2f4D9VUYNOhIUWeqBOMm3ABTPj8CyMXPVKAr3ZNZ7BAOBjH1kzcuwbGsk6HkKzpyKR0NaY1zimhLP77AVK_p5WPufNRjzs4hSbKjFMm23mPBLVAYYcfCeJ1jqJsSC4VNIzM9JQ94D6psBylGaCSFKbLb4waihLd_ZxOh1vbQEluAYPlvWCJbN8Bcu6bdV-WcGJwdIEf6ePiHCIS_2Y5mypMkYa5G0cF9FGdqERU0w3TrILSbJVSCl27KylqyY668EfqVnQP9_jENX2mATGd_W5e66TVIWKm8Ple6o9XYuOmlCynW-l0ZmsmEEW1F0Bqcx75-oKXWwzUHd6g71-Mdl8kShF50_OO_YvksHC77Lid3H57hOR%26adurl%3D&documentReferer=https%3A%2F%2Fwww.webmail.co.za%2F&ancestorOrigins=https%3A%2F%2Fwww.webmail.co.za&random=8551438510214&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 800ed4f8d59f6caf5ecd9f7d20b3c1260d8671ce3932d67040d5a74631a90962

Request headers

Host: hal90005.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=fd20c73f4335415a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/

Response headers

Date: Fri, 20 Aug 2021 19:00:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 20 Aug 2021 20:00:58 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2035
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 4F66
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=79416800156334100710616011692005
https://ad-server.eu/wm/pb/native.png

68 B
312 B

28ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:03:54 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Fri, 20 Aug 2021 19:00:58 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: C3B5AE59:3B0E_91EFC182:01BB_611FFBEA_87D10C1:1282E
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 4F66 43 B
702 B 13ms
12ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2601049&v=18332&q=376776&r=296283&pref1=79416800156334100710616011692005&pv=1

Requested by

Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:58 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 4F66 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73981d58f300958e6b274317fc1a24d24909238adbc9def23bcd15a311d19b29

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 02B0 90 KB
35 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc8c6af82a9db674a511cd173b400728718708daca3a3307d8a46f7bf604fc27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36187
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Aug 2021 19:00:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F573 4 KB
744 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=79416800156334100710616011692005&a=f2008bb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 18:57:38 GMT
server: ESF
date: Fri, 20 Aug 2021 19:00:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 19:00:58 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F573 15 KB
15 KB 35ms
12ms Image
image/png 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/laptop_1200x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=79416800156334100710616011692005&a=f2008bb6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 451071d21df680d637f74e9fa5861daffb00b42eaffda14e9940f3ca30aef9ab

Request headers

Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15248
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F573 15 KB
15 KB 1072ms
13ms Image
image/png 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=79416800156334100710616011692005&a=f2008bb6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: f17f36f04e07e7b60e76a1f092982680f337cbc1f964fbace102ad4759955177

Request headers

Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15246
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F573 16 KB
16 KB 1569ms
16ms Image
image/png 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=79416800156334100710616011692005&a=f2008bb6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 94f4086c3d0f8d74a5e7490879c9e5ea7763bbee8adcf5fcf10194495a42b1f9

Request headers

Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:01:00 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16529
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame F573 0
150 B 2380ms
13ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=79416800156334100710616011692005&a=cdf9fb55&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=79416800156334100710616011692005&a=f2008bb6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90005.redintelligence.net/request_content.php?s=79416800156334100710616011692005&a=f2008bb6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:01:00 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame F573 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal90005.redintelligence.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 17:54:23 GMT
x-content-type-options: nosniff
age: 349595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 17:54:23 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame F573 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal90005.redintelligence.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:27:21 GMT
x-content-type-options: nosniff
age: 279217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:27:21 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 984A 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpIjJRFn57YGpYsRmKeBkjRzWczhCo6wJvFaanP3ZhH8Xx95_ie_SJCWZHotZS5tx9W44KpUwS80er0NldiU_sxGLLnF2TGJeZ6IBouaEsAoXFMKUBbhGe3e8zFA&sai=AMfl-YSRhsn-EdPsyIrTiRQZDV88b2QT8UkIG2lL6msM15rdfKuGKE5AFFa1il6hy1eB8oMniTfkesQ-r6rUCziCtbgrxpuXPmhJ4nmF4nIVQJzBq3CF4lXpZ7OeH4nlzgc&sig=Cg0ArKJSzOy-GftBGoUZEAE&id=ampim&o=315,167&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=39&tls=1039&g=100&h=100&tt=1039&r=v&avms=ampa&adk=2857028136

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 84 KB
27 KB 48ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:58 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 15:58:00 GMT
server: nginx
etag: W/"61154508-14e39"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Aug 2021 19:00:58 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 4F66 60 KB
61 KB 43ms
14ms Script
application/javascript 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=79416800156334100710616011692005&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 056581eb31e79e98718114a4bd8c104cb64eec86bc5a996a28e61220f3aad189

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zmpZOOhCPWgwSGI0KhEOhezEiMOIyjV9
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 09:15:25 GMT
server: AmazonS3
age: 25269
etag: "a36c650003d82cecddad8f5c37f2cc75"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 20 Aug 2021 11:59:50 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 61522
x-amz-cf-id: EO7ntiDMR6q230lDg6ozgspmiC5VWbRQEaMarGD2Tsk-6FF6ayi4-w==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 4F66 79 B
374 B 343ms
31ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=Fta44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcknw_AAKmmnzbPUxipMKmmxNFRbRe5btiedkRqRdzmUhtPiOuU66InnAvrnheaJ5obDdYejftckuyPBDjaY2ftckkCoq75uQ0F9v0uVWCp011tQVD_DJhCizgzH_y3EjNpmVWN9dPBSmxQs.BN1eNub9WDK1civynxPzCpxv5icCmVWN9e4WX3NlY5DtThuy.97S&wgcookie=%7B%22wgifp7121%22%3A%5B%2299582%22%2C%227121%22%2C%222513135%22%2C%22%22%2C%221629486058%22%2C%22https%253A%252F%252Fffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com%252F%22%2C%22%22%2C%22%22%2C%221637262058%22%2C%2279416800156334100710616011692005%22%5D%7D&wgchecksum=0df9477c9dfdd34b4a2ff56e79eee599&userIP=195.181.174.89&doAffectv=1&wgtime=1629486058
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=79416800156334100710616011692005&nw=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Aug 2021 19:00:58 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 4F66 3 KB
3 KB 65ms
24ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=90785900139971800710690011692004&wglinkid=2513135
Requested by: Host: ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
URL: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 19:00:58 GMT
Last-Modified: Fri, 20 Aug 2021 19:00:58 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 84 KB
27 KB 50ms
26ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:00:58 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 15:58:00 GMT
server: nginx
etag: W/"61154508-14e39"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Aug 2021 19:00:58 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 4F66 63 B
270 B 104ms
32ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=7ta44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcknw_AAKmmnzbPUxipMKmmxNFRbRe5btiedkRqRdzmUhtPiOuU66InnAvrnheaJ5obDdYejftckuyPBDjaY2ftckkCoq75uQ0F9v0uVWCp0pCRhk6Hb9LarUqUdHz16rgPtFFg4Jh5Dufs.BN1eNub9WDK1civynxPzCpxv5icCmVWN9e4WX3NlY5DtThuy.2oN
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Aug 2021 19:00:58 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET load-cookie.html
user-sync.adxpremium.services/ Frame FD0B 0
0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 251C 281 B
554 B 28ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/webmail_homepage_desktop.js?_=1629486055380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.webmail.co.za/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Aug 2021 19:00:58 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EC86 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuI0rKMt_6TIYjb-vIbQPSPO8fnnkaB5ZrX8Hzn6yGG8rYsAZle3T238qPIJHnaHGpr4YInjlWHrfnHm1ch0N0_FSLq2vd4T6aJNyxb87FxPUF-HGba75J7zbVzqw&sai=AMfl-YQTyLWvTwPGvG1DGAubm8TH0EdP4i6xFjgEtlWRojHyA03p1oPjhvfI2Xk42-RLqvJSbhFfyLgLnvdt_e4Dx5QLMwsfdN0VFp3jGfFvTBJJZaSiCSs_KJ6jGnBx1sYu&sig=Cg0ArKJSzNb7y7_OT1g8EAE&id=ampim&o=320,497&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=62&tls=1062&g=100&h=100&tt=1062&r=v&avms=ampa&adk=3188712483

Requested by

Host: www.webmail.co.za
URL: https://www.webmail.co.za/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:00:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 251C 31 KB
10 KB 9ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: abc179734c50df8ccfa987a4a11ea9ba63d20e9af6bd04902dcc8598de57affd

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:00:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63358
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Sat, 21 Aug 2021 12:36:56 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 251C 284 B
536 B 49ms
14ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4F66 16 B
232 B 92ms
91ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Aug 2021 19:00:59 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 113ms
29ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 20 Aug 2021 19:00:59 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
122 B 77ms
77ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.webmail.co.za
date: Fri, 20 Aug 2021 19:01:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 10 KB
6 KB 75ms
75ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=6271935&noaop=5&sortOrderType=0&cb=1629486061858&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1263&pt=939837992&tz=120&viewable=true&ddast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2811025&dpubid=494845&abtst=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&mPre=0.033&cirf=https%3A%2F%2Fhttps&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 40ff429bd1b4efe73bfd797198615959d9786d13eb759fa2cf65bf76c5cbea7d

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 20 Aug 2021 19:01:01 GMT
content-encoding: gzip
access-control-allow-origin: https://www.webmail.co.za
machineid: 1439
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19146-FRA
pragma: no-cache
server: nginx
x-timer: S1629486062.861035,VS0,VE67
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://serverc.aivdesk.com>; rel=preconnect,<https://search.spotxchange.com>; rel=preconnect,<https://serverc.aivdesk.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 5cd7e859f2d3840015f29aad Show response
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ 66 B
721 B 279ms
101ms XHR
text/xml 198.199.88.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5cd7e859f2d3840015f29aad?url=https%3A%2F%2Fhttps&playerWidth=400&playerHeight=225&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.199.88.126 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:01:02 GMT
Server: nginx
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length: 66

GET
H/1.1 200
OK 313855 Show response
search.spotxchange.com/vast/2.00/ 67 B
1 KB 36ms
35ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/313855?VPAID=js&content_page_url=https%3A%2F%2Fhttps%3A%2F%2Fwww.webmail.co.za%3Ft%3D1629486055&player_width=400&player_height=225&vid_duration=NaN&content_id=inline&ad_mute=1&custom_skin=1&custom[content][]=IAB12-3&custom[pub_lang]=en&schain[schainobject]=1.0,1!taboola.com,1372681,1,-719753951&gdpr=1&gdpr_consent=&playtime=60&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:01:01 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000295
X-SpotX-Timing-SpotMarket: 0.012685
X-SpotX-Timing-Page-Mux: 0.000296
X-SpotX-Timing-Page-Require: 0.000335
X-fe: 134
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
Content-Length: 77
X-SpotX-Timing-Page: 0.020269
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.003814
Last-Modified: Fri, 20 Aug 2021 19:01:01 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.012685
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.webmail.co.za
X-SpotX-Timing-Page-Misc: 0.002829
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 5e16ec7385c98e00170ec854 Show response
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ 66 B
722 B 276ms
101ms XHR
text/xml 198.199.88.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5e16ec7385c98e00170ec854?url=https%3A%2F%2Fhttps&playerWidth=400&playerHeight=225&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.199.88.126 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:01:02 GMT
Server: nginx
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length: 66

POST
H2 204 visible Show response
trc.taboola.com/webmailza/log/3/ 0
292 B 22ms
22ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/webmailza/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 20 Aug 2021 19:01:02 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629486063.661535,VS0,VE9
x-served-by: cache-fra19146-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
122 B 22ms
22ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.webmail.co.za
date: Fri, 20 Aug 2021 19:01:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 10 KB
7 KB 57ms
56ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=6271935&noaop=5&sortOrderType=0&cb=1629486066862&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1263&pt=939837992&tz=120&viewable=true&ddast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2811025&dpubid=494845&abtst=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&mPre=0.033&cirf=https%3A%2F%2Fhttps&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 3f3efe0b8e055ab1ad985ca103751829575479f3c74a29fdac5c9112c4ca250d

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:01:06 GMT
content-encoding: gzip
server: nginx
machineid: 1456
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <https://search.spotxchange.com>; rel=preconnect,<https://serverc.aivdesk.com>; rel=preconnect,<https://serverc.aivdesk.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 313855 Show response
search.spotxchange.com/vast/2.00/ 67 B
1 KB 41ms
41ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/313855?VPAID=js&content_page_url=https%3A%2F%2Fhttps%3A%2F%2Fwww.webmail.co.za%3Ft%3D1629486055&player_width=400&player_height=225&vid_duration=NaN&content_id=inline&ad_mute=1&custom_skin=1&custom[content][]=IAB12-3&custom[pub_lang]=en&schain[schainobject]=1.0,1!taboola.com,1372681,1,-719753920&gdpr=1&gdpr_consent=&playtime=60&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:01:06 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000414
X-SpotX-Timing-SpotMarket: 0.014751
X-SpotX-Timing-Page-Mux: 0.000338
X-SpotX-Timing-Page-Require: 0.000391
X-fe: 058
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000006
Content-Length: 77
X-SpotX-Timing-Page: 0.023518
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.005359
Last-Modified: Fri, 20 Aug 2021 19:01:06 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.014751
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.webmail.co.za
X-SpotX-Timing-Page-Misc: 0.002242
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000016
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 5cd7e859f2d3840015f29aad Show response
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ 66 B
721 B 281ms
102ms XHR
text/xml 198.199.88.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5cd7e859f2d3840015f29aad?url=https%3A%2F%2Fhttps&playerWidth=400&playerHeight=225&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.199.88.126 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:01:07 GMT
Server: nginx
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length: 66

GET
H/1.1 200
OK 5e16ec7385c98e00170ec854 Show response
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ 66 B
721 B 278ms
100ms XHR
text/xml 198.199.88.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5e16ec7385c98e00170ec854?url=https%3A%2F%2Fhttps&playerWidth=400&playerHeight=225&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.199.88.126 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:01:07 GMT
Server: nginx
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length: 66

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
122 B 27ms
27ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.webmail.co.za
date: Fri, 20 Aug 2021 19:01:11 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 4 KB
3 KB 59ms
59ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=6271935&noaop=5&sortOrderType=0&cb=1629486071865&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1263&pt=939837992&tz=120&viewable=true&ddast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2811025&dpubid=494845&abtst=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&mPre=0.033&cirf=https%3A%2F%2Fhttps&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c0d558e397eda8c4d57c6b9180f0886446fac83946339ba88e10de6e1d341ea9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:01:11 GMT
content-encoding: gzip
server: nginx
machineid: 1434
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <https://serverc.aivdesk.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 5cd7e859f2d3840015f29aad Show response
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ 66 B
722 B 278ms
100ms XHR
text/xml 198.199.88.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5cd7e859f2d3840015f29aad?url=https%3A%2F%2Fhttps&playerWidth=400&playerHeight=225&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.199.88.126 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:01:12 GMT
Server: nginx
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length: 66

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
122 B 15ms
14ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.webmail.co.za
date: Fri, 20 Aug 2021 19:01:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 73C6 742 B
827 B 14ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

server: nginx
date: Fri, 20 Aug 2021 19:01:16 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 73C6 43 B
182 B 95ms
95ms Image
image/gif 2600:1f18:612b:4264:a698:31e8:5977:4024
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:a698:31e8:5977:4024 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:01:16 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 73C6 70 B
264 B 31ms
31ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:01:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 73C6
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ff1458f8-01e8-11ec-82c6-1a4ab9540406&orig=video&us_privacy=1---gdpr=1&

0
229 B

13ms
13ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ff1458f8-01e8-11ec-82c6-1a4ab9540406&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:01:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9110

Redirect headers

Date: Fri, 20 Aug 2021 19:01:16 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ff1458f8-01e8-11ec-82c6-1a4ab9540406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 104
Connection: keep-alive
Content-Length: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 4 KB
3 KB 60ms
60ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=6271935&noaop=5&sortOrderType=0&cb=1629486076868&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1263&pt=939837992&tz=120&viewable=true&ddast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2811025&dpubid=494845&abtst=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&mPre=0.033&cirf=https%3A%2F%2Fhttps&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 94b3d85cde40a2e20644caead9a6eea5493a22cb6ec644b6808a0f7512c6bf76

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:01:16 GMT
content-encoding: gzip
server: nginx
machineid: 1443
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <https://serverc.aivdesk.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 5cd7e859f2d3840015f29aad Show response
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ 66 B
722 B 280ms
100ms XHR
text/xml 198.199.88.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5cd7e859f2d3840015f29aad?url=https%3A%2F%2Fhttps&playerWidth=400&playerHeight=225&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.199.88.126 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:01:17 GMT
Server: nginx
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length: 66

GET
H/1.1 200
OK viewability Show response
ad28.ad-srv.net/ Frame 8C0B 0
150 B 42ms
12ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad28.ad-srv.net/viewability?s=38187000132810000383832011692028&a=87fe2bc7&vb=v20
Requested by: Host: ad28.ad-srv.net
URL: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad28.ad-srv.net/request_content.php?s=38187000132810000383832011692028&a=5c14399e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:01:17 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
122 B 14ms
14ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.webmail.co.za
date: Fri, 20 Aug 2021 19:01:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 4 KB
3 KB 62ms
61ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=6271935&noaop=5&sortOrderType=0&cb=1629486081871&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=6&pv=1263&pt=939837992&tz=120&viewable=true&ddast=V7TH0CFgOjb9WoRtwjMgSjb9WoRtwjMgUAAAAGBjsHHLlgcDaMFWsxW2w2s81uNVmulrPdYDdaLofAkQsGZ8NYsRazxWYz2-xWk-FiNxyuBrPhbgoOU3aaXJaDWiBrmlx-N7yg6XT4XPd6oel0-Fz3et3vd9e9LG6H02zX-O3Sh3_0Xswmy9FwNlit9nIAAAAAeAD4mv2F-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUODq0gCA4ogwy8Putbkup4PCbVA7nHZ_AAA8FIAAAAhgkAAcMPaXAKiQR54AAAAAAAAAALD8____xwzY83bJDPCvDPUAPPgAPBAVKBYxAgAAABiudc06mtQJlUUVAABBuhXAFQBAwB4ZfABxGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE0Iq_EgLUsCVUvsFBABY-wUEAGAbNwCAtwC4oCNoxWCwuoCYHQAAAMDd____vx6I2UYLm8M5MW4Wls3CZNoMNrvFbGEYbDYmw8q5296UVSJ6Wj8yep_DlJ0ml-WgFsiaJpfffhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Spwco0mzkcbpHDOXOLBiPHWuFxzdaK2cpmXDh3u5ltsxa9PqbjYjlczHZTPJiPy7mvXbgoGOCxF8FFOtG9LG6H02x9WMQSzckincgu-5pttLA5nBPjZmHZLEymzWCzW8wWhsFmYzKsnLt9a7AyzWYOh1vkcM7cosHIsVZ4XLO1YrayGRfO3W5m26xFr4_puFgOF7PdvjGbLEfD2WC12jdmk-VoOBusVvsOk-mZ-pyNpstS6jFZHt6XZRkzHxQug8X7k5gW0-7sIDr5jk6Zw6Ms6Iy-W_foNSg8B49pvLzVjuXts5k-DhOOg0ERSwSni3Qi9LtdFrFE8rRIJ6KRZTGaOFezlWcwWjkXi83IZNgtbKvNYONabIYTsURpukgner3u97vrXha3w2m2a_x26cOi_qNDLFdzxXAxV-xGc-FylQAAAAAAAAAAljBn3gQAAADgNKDlaDhaLReAQj5BF1gEAAAAAABgN4wT8zoKDqm4uPHjhHtZ3A6n2fow82bPBLFWq2UNAAAggA0AABDArZu3ALJIDg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2811025&dpubid=494845&abtst=206725b_vA!adh5c-1_vA!insc_vA!scec9_vB!smbs!spa2_vA!t45!uga_vB!ul95973_vE&mPre=0.033&cirf=https%3A%2F%2Fhttps&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 6c45b04e7a3a1a88e84c999e14af4d2ef77dfdf0337c3967fad79fbf47bda6b9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:01:21 GMT
content-encoding: gzip
server: nginx
machineid: 1442
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.webmail.co.za
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <https://serverc.aivdesk.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 5cd7e859f2d3840015f29aad Show response
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ 66 B
721 B 280ms
102ms XHR
text/xml 198.199.88.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5cd7e859f2d3840015f29aad?url=https%3A%2F%2Fhttps&playerWidth=400&playerHeight=225&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.199.88.126 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 20 Aug 2021 19:01:22 GMT
Server: nginx
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: https://www.webmail.co.za
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length: 66

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 39ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d593905635ddf38347adf6102a58d34e3c3afa6ff36e9563f0966ac1c5af33e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 19:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8535
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 80B7 11 KB
5 KB 73ms
23ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.webmail.co.za

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.webmail.co.za
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1967
set-cookie: uid=f7cdea27-4ce6-4a5c-9eb9-8f1211050949; expires=Wed, 14 Sep 2022 19:01:23 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Fri, 20 Aug 2021 19:01:22 GMT
content-length: 4666

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:01:23 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BFB9 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 20 Aug 2021 18:34:19 GMT
expires: Sat, 20 Aug 2022 18:34:19 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BAEF 783 B
785 B 18ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0241800d0504229430bd6a14570a86c50c2fbfb1fb2e8123cc91d5635078277b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+74Qyldu4uNROL/PCF54TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.webmail.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.webmail.co.za/

Response headers

expires: Fri, 20 Aug 2021 19:01:23 GMT
date: Fri, 20 Aug 2021 19:01:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+74Qyldu4uNROL/PCF54TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

sid Show response
mug.criteo.com/ Frame 80B7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=webmail.co.za&sn=ChromeSyncframe&so=0&topUrl=www.webmail.co.za&cw=1
https://mug.criteo.com/sid?cpp=xQiefnxBaTRudEZSdXo0NzV3ZDkwNWJrdWtTNk1NZHBlSlJubVB6Ulp3QmZPN1hURmxPek0xSmE5ZnlHN3dMcjhJVjdkZWQ2dmZwTnVZdzVZWDc5RzcwM05WcW4vNGVEc2R4dzVMYlEyZFhzKzJLWVMwUjh4dzFZSzZqd3...

438 B
621 B

50ms
20ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xQiefnxBaTRudEZSdXo0NzV3ZDkwNWJrdWtTNk1NZHBlSlJubVB6Ulp3QmZPN1hURmxPek0xSmE5ZnlHN3dMcjhJVjdkZWQ2dmZwTnVZdzVZWDc5RzcwM05WcW4vNGVEc2R4dzVMYlEyZFhzKzJLWVMwUjh4dzFZSzZqd3pxQlBadTVTajVMenJnSHRjSWlJenR0eTdEMmEybmZvRUxZWXlzZDZ4Nzg5N0FhWEJYQU5LdEZxZU1OaXM2bHQrTEFuNjhnRjBLUHRYTGR2a3p4WTlsczB6Q0ZWbVlPNkh3NEpPV1E1NVg5b3Z5RE5oMElKc1NUaG9oV2wvOUVlQXYwNU90S08zdjluakREOWR3MXordTJZZDhIOG9LZz09fA&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

29c5a7bab1aa4b1aecd6f0cd0b41da06dadaba2afaff5847b0bb309524370504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 20 Aug 2021 19:01:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3501
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 20 Aug 2021 19:01:23 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=xQiefnxBaTRudEZSdXo0NzV3ZDkwNWJrdWtTNk1NZHBlSlJubVB6Ulp3QmZPN1hURmxPek0xSmE5ZnlHN3dMcjhJVjdkZWQ2dmZwTnVZdzVZWDc5RzcwM05WcW4vNGVEc2R4dzVMYlEyZFhzKzJLWVMwUjh4dzFZSzZqd3pxQlBadTVTajVMenJnSHRjSWlJenR0eTdEMmEybmZvRUxZWXlzZDZ4Nzg5N0FhWEJYQU5LdEZxZU1OaXM2bHQrTEFuNjhnRjBLUHRYTGR2a3p4WTlsczB6Q0ZWbVlPNkh3NEpPV1E1NVg5b3Z5RE5oMElKc1NUaG9oV2wvOUVlQXYwNU90S08zdjluakREOWR3MXordTJZZDhIOG9LZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2010
content-length: 541
expires: 0

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame BFB9 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 16:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 16:26:46 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081701&jk=2903850474286280&bg=!CwilCEzNAAZvV8FTb1c7ACkAdvg8WoUwAE_qqkrSVxlXToAI6WJuCYvva1XDQ8__w2YrIrSxQ2ZzxQIAAABnUgAAAAloAQcKAKY6bnCYMQ8HLMGeJZhvDkQ4GmuZ8M9AjLakCJ74PmLnIn6PXWh59mgtHJxQZoCA2I4wvm8_Uk2fy4adqkfAkTWSYcs9TYo_PYNMxKa8Nu19upVCy38JeTc7zQxOKEqXjQ8emFrx6kREtm_oZ506mD7aTr5YNiR-0YOJBraZLrVIqww7_S15Am0tMohkpfdUSXaVsEEKCV3fuq2Q1K5F9r_JpYbgS3nrmQJ1OUNUpf-0SguBmWDdT3KRDwff07issA_BTBgMJ-Wjq_8h0xlP0R7o-MEWGbcvbAk0mlV6_PB8yB4-P8PTwxJrF7zhGAHuvECCki-r2Fw1C4q_wJZUqO7Yqx_K0uIb1RzBqJ3sbTUtHCofhsnOXiguRxc7BgRq3aHKM4uU42P2b1r_s3aAN8vbH1wBRjS7eJS5Ir8VDcVuCOHEHqfDW81t_yE6jFXwP98muzXPsqSJt20Be93Kp2SkM4EHHpqrSeTPNRQ-2Lf74ljybDX3hmfp-OYCfzZuw9Vx3T_2xBu3mAObP6Hd1j1L0HfHUyPYnsf-tixfqmS_grLpjoHtlaTV1ca3Nbw-tzLstATlJa44Jex6W8LQCI2ad9LF3lLuEfVy0xyLd0K_htMOuRqHdjMoVfSlXAiSMcriS0mKvh7gRkE7n5kO7Vm_AeaWnp-Z26ev18FW1skKVLrQSGBb9FMKiuyn9sXcAgGcLM2yufuAGayUkXBCDEpIffzBlbaI5gOlpgqdF59ENxWFDTrXRJPY5gcx585Gk0fZKUOhFgm5iV20d56--1NgdFDEAjQjQKRZ7HPwjESI9URgorJEANm539IHSHVJDoWZmwC2OqKKdwquT1dtwyxCHbt5J8nbGnIOYrCjtLyCVAP_L6-eS4r9yoC1miegu2j6kLNKLcOPsSDHRlrWTEY4ALVsb81_D9pT3xrAHqzD2ObG4eJgkkh412w-ee0chReqCIR7_aXMLplvBLhiSqp0EeYmiJap4CfSMzpVAbSVC63CpihhSThBQnmdtOyqkHq_M9zld6JxLZrQhn-LkqVq3BZ0gR7Ywf3NOWwjwHg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
122 B 17ms
17ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.webmail.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.webmail.co.za
date: Fri, 20 Aug 2021 19:01:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.adxbid.me
URL: https://analytics.adxbid.me/graphql

Domain: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108100143000 https://www.webmail.co.za/
console-api	info	URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108100143000 https://www.webmail.co.za/
console-api	info	URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108100143000 https://www.webmail.co.za/
console-api	info	URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108100143000 https://www.webmail.co.za/
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
ad-server.eu
ad.ad-srv.net
ad13.adfarm1.adition.com
ad28.ad-srv.net
adservice.google.com
adservice.google.de
adv.office-partner.de
adx.adform.net
adxbid.info
ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
analytics.adxbid.me
analytics.webgains.io
ap.lijit.com
api.webgains.io
asset.conrad.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
c3.taboola.com
cdn.ampproject.org
cdn.contentspread.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
collector.effectivemeasure.net
detect-survey.effectivemeasure.net
diapi.webgains.com
dmp.adform.net
dsum-sec.casalemedia.com
eus-api.ccgateway.net
eus.rubiconproject.com
executivemail.co.za
fastlane.rubiconproject.com
ffa77b77fe9f99bb77806edec5f582d4.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90005.redintelligence.net
ib.adnxs.com
id5-sync.com
images.taboola.com
imagesrv.adition.com
imprammp.taboola.com
lh3.googleusercontent.com
match.adsrvr.org
mug.criteo.com
nocf.adxpremium.services
pagead2.googlesyndication.com
pb.media01.eu
pips.taboola.com
pixel.mathtag.com
pv.medialead.de
script.crazyegg.com
script.hotjar.com
search.spotxchange.com
securepubads.g.doubleclick.net
serverc.aivdesk.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
survey.effectivemeasure.net
sync-t1.taboola.com
sync.search.spotxchange.com
t.effectivemeasure.net
taboola-supply-partners.tremorhub.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
trc.taboola.com
user-sync.adxpremium.services
vars.hotjar.com
vidstat.taboola.com
wf.taboola.com
www.asmc.de
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.webmail.co.za
www.zenaps.com
x.bidswitch.net
za-ssl.effectivemeasure.net
analytics.adxbid.me
user-sync.adxpremium.services
104.111.239.217
13.224.196.125
13.224.196.67
13.224.96.116
13.224.96.50
13.224.96.92
135.125.163.79
138.201.63.165
141.226.224.32
141.226.228.48
142.250.184.226
142.250.185.226
144.76.91.199
145.239.193.130
145.239.2.103
151.101.13.44
159.69.70.9
178.250.0.165
178.250.2.146
178.79.242.245
18.184.94.176
184.30.20.207
185.94.180.124
185.94.180.125
195.154.207.108
195.154.207.134
198.199.88.126
2.18.234.21
213.19.162.41
216.52.2.19
217.79.188.54
217.79.188.60
23.37.42.132
2600:1f18:612b:4264:a698:31e8:5977:4024
2600:9000:20eb:4a00:b:3c99:a880:93a1
2600:9000:20eb:e000:1f:612c:5a80:93a1
2606:4700:20::ac43:452a
2606:4700:3036::ac43:9b70
2606:4700::6812:7e05
2606:4700::6813:9308
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2001
2a00:1450:4001:812::2004
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
2a02:2638:1::3
2a02:2638::1c
2a02:cb40:200::202
2a0b:4d07:101::1
3.237.175.195
34.194.97.217
37.157.4.39
37.157.6.246
37.252.172.45
46.236.13.147
52.215.101.139
52.48.137.92
52.48.181.96
54.36.109.155
54.76.176.197
69.173.144.138
76.223.111.131
81.29.72.47
88.198.250.30
88.99.165.19
99.81.82.31
0184843db150256de079daaf6dd648290ed1769d5a27c6e45573c6584a660897
01b9f17ba90d56f130244e293d9d04303a7595f612c8fe8be0af695a6f6f5c38
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
0241800d0504229430bd6a14570a86c50c2fbfb1fb2e8123cc91d5635078277b
028fac763131bbe421511369e5082fbbe8d89011f3dba8abab4101ceff2ec3ae
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
04a784f7aefba6d99ff88bbe9be2ea62aa5d9059b6414ecd9787d0f9e7f87efb
056581eb31e79e98718114a4bd8c104cb64eec86bc5a996a28e61220f3aad189
06192831a43dac617bb42d64a4e83c98ceb7c25203f434f2aaddc8c036f7d239
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9c9358c36ea30656af161c43ed15bdf6bae04961543ee4a24dd60d81212989
1141878aad5c36f7728b49d6c00236c76c78ebf54eb0cb3a61f0b3b516c63142
11df01bd0eba66e77ca9090ce51be66999351b6c1addf9f7d7a3693b911aa931
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129124b761eab75b73c4bddd8c3659e23ac30cf423a75f8759c5c34de1268946
13715833e57d32356b1b55ccbdb87d308d15cf5a665dc4dfd1d14ba3729a5ac0
13eb607b742e1aee4db2aa603b68a8887adb97733f4ba52ac85c4c00f0f1bdf1
14195189a9b91d79dee562dcfa7dd2cdd68251a18b5dd1d0cc41e9275f7b6969
155b36117f46d5d84fb616cb2c16b136faec4ba1ba931dbca4d3ff303bb586ef
165da72bd88856ca58087384fef059cc41df9c41ab8e7ffd53466a1959ebe72f
16fc03228919a07b4459c8cdfc0d02ceb0be0cf2aaf94f0ebcad05450e48c754
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
17d4cada1b4db0ac40f2f1ab1b2097ae6cd57adcd81e1ffeda0c1578612ccd34
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1953181e7750ee06e7d24cda91aac1dfe620a0d16aa3a44768eab0c57fdca04f
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19bcbba417f03dfe5358b46518999a4b3ef79d5e421d36c66bfc6925184646d9
1b816d4b2112adf5116c812751f40fc93de2feb480f0af48e4459b8a67f560a5
1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1d9d0eb6ef368661de76df7240452bce823c6b958f6d8dabf8b43f22ee3335cb
1de686b09435eefaa5fb9adae90ec317b9e980910aa705c8e46310f94caf4ff7
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23dd6a2d48a5505a8883334b79af26ab857ffa1e3722393f9a24d5ed3d80d469
29c5a7bab1aa4b1aecd6f0cd0b41da06dadaba2afaff5847b0bb309524370504
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3193e68f7f79b3793bcac0675dd385b086915d04387bd37e4d317dc79f269628
3243eecace016bb9a47ca02cdaf1520d1a5c2b3ecf1fa3628da50bd7915afc07
333fb113f4468b00a2770c69e043cf5d81c1603ec4becc5a30c9e56e2c5e8bb6
337a4e8a0cd99fc559843e3a0ffd37d784e13439db4c3efb0ca8c1657e10c90f
34793c7da07bd5c6237844e494be0a2af219a92e11f4ee81fb194f26eae8b5c9
3582f0cd7c94416fc64172a678e328e48cc2c0d89677b2c2811859784ce16d7f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066
379587f0cc0fe0137ff92ac3ee3671dd1f90119e17e269e26a807a9a668642a9
37d75e6ce8bffa180f2d67f3d5dd3b06711e2b240ccb153af0c9741b8c5e429f
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a1e0a29892482fad179e8030846ccea7c58a5d02d3f00c3d9ffc76261dc387b
3dada494a0c0fb4dcfb5fe401c3686054b5e017b549424c1ca412aeed7182cc7
3df216747f864d54a93248adc0ce73b510b43979fcfaef3f90af69481faa2968
3f3efe0b8e055ab1ad985ca103751829575479f3c74a29fdac5c9112c4ca250d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ff429bd1b4efe73bfd797198615959d9786d13eb759fa2cf65bf76c5cbea7d
416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641
438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34
442522eb1346f40d3b871b87fd74d13dcd751a3f5a109e337630545c7daed6ae
451071d21df680d637f74e9fa5861daffb00b42eaffda14e9940f3ca30aef9ab
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
46576efa560e2014ef9d5144932a11a87dc7efe1637e39546c43dbfbb7230ad2
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c42596f24c1e738f9c8dfa2d5db6529afd1ebc6eebd19eef0fb930ce3fdfa33
4e57e1b23aaa8c26ceb43aae13a2a39a86c8ff62bbf7f54c0461596d6b44555b
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f6cd5db4a1b54ee671148fd21fad7e5ba627a9092975519b1bb17b9033f2eeb
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50751afb202533244586716dc039eb6eeb1c0577be5077d6a805ae20dde1d2bf
50e17a9d9310a166aa40ac31f6c6557168e3a5cc01beda9846656f7b7111e907
543c6a7a7a7f6703901337e93a45487781689a53efb697386dfbfd24786d160e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55e472b889b155b4d12b5bfd0693b2c56618f21337f9f7cacb210fdce69a1b9f
55eb3eb01377061935108c9c4b1ca14e3e45a2745e82386599555e5f165822d7
56bbc4cd8d76bf95810fce9c5a11c0ead96308330fbb88499e0b7919b51647b5
58138ae9386e3492c24f00208a1e12bab4972bf3aed9179d22454ef53391e464
587f1945cbbf31ea5f1f1c6179608b48fd091b68cfe95dcd8daac04b3127f7b6
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
5a34c954c0cfe6823a3fcc2922a78d866d9f3a0925f0152f9f1014ea98725d09
5bff8aab6316785594ff5732f3a6846dac632ffe91c9a6beb1eb04cfd0b0af6f
5c7a12789b4d95f75ecff88493d99d31956b8aab167890ac42139605256b1ee7
5d51e764d5fc2f47875154466cdb3c4834bc37910376276b06bde387d862c358
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
606b7081b34fa6b4f139e5adc74f672f81fbd628bc2aa0a9b4b9cda1740b7104
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60efaeefd78f774274b4f751203535607b96b44e2304682c9d044bbde53784f4
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
663fb629f188104bc6893c08bac5e7a5030e49e4d2eb46eac667be04f0479fb6
68965b80c1088d7cf7ccddb4823a1bb7a2e4817f4ea9d56f9ad7f99f480e1dee
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b626078da119a9ed2ee6a979f326699d9fffaf6304e7a8dac893d8aed2278e0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c45b04e7a3a1a88e84c999e14af4d2ef77dfdf0337c3967fad79fbf47bda6b9
6c692adedf52dfebfc9322fb29a927981ed8f898d5abe973b7b1735837bda6bb
6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a
73981d58f300958e6b274317fc1a24d24909238adbc9def23bcd15a311d19b29
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
79cf2260d11ab5daf2449098aa462fa27156c2edd2808c7a8b23adfe21c73a8d
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7a7c9e417d35db8c63c623e0c9cccf4b5aeef583267c5251faa771e15b4568d8
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
800ed4f8d59f6caf5ecd9f7d20b3c1260d8671ce3932d67040d5a74631a90962
80481994d0a77569f67968014cb98435b9fad9720566644a53774b3af4269741
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
8166bdde246d7a93b8ba6e7d2f97c62d006e7530872c083d65af2b3c83683894
81908424bdea3020d71c24ffcb3e04fdf5be4f1df00cc9feeaa2284b38910aa3
81c198d08fd0e404f6dd93c131d85bf7973a7772d3ea2a18f59afafacaf82803
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
8563b8052bfc03a4406a64fefc1554c7d0108e23ccd29cb46fb4bb4e006914e2
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
88424804595f1d70a8f3a4465887544c6ab4d8f867773380d878e6104ec78a20
8c0118aff2cd8ba7367f4ab37167f8acced9388a11c35d87a32615688599b5d9
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5793f2e9d5f80929b4633f3d3b7bb93174743c7ac62f1b40a899e4c1816be1
8ecc2196eeef72d4360abc7274f25be67703b7e3df63c0a5515b706a60fe502e
8fcb0634eb65be4266931d8f9535d0eef075c15438aced48de81179a8f774611
9123db5c48778937f18e95513cca2eead9a98287052a50c17057761fedb14833
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94b3d85cde40a2e20644caead9a6eea5493a22cb6ec644b6808a0f7512c6bf76
94f4086c3d0f8d74a5e7490879c9e5ea7763bbee8adcf5fcf10194495a42b1f9
95495acd2cfee985e69c7d76d78d17ad65291aa9261263b138e0f446f83e96c1
969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
9e4190277624abe62a79ed1a6361094c53e9b80dcb42608d0d576d4c0d872cfd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2514d3437998e4033ac8dcb2d10cae7c13980f6786dc622462748375bedb563
a49c77e4a789d033016be86da36a832282033657eef7d55a88c677b2e7f5e1fb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a63a29481ee8241be6a48255235d18af10510b1b713858d4bacec40fb4e23505
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75961f3d8dda1dd685c2ef7a53ef3536f35114b487134ca32f8c87e6b8883ba
a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28
a8128a12543e5c8871a4c26ed1aec5db7c0621f30fea1d478d179c501f42daf1
a8565a0aa214e2ecf8ad9dba771e98012ce6303a370e05806269a1c220a0fd0b
a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
abc179734c50df8ccfa987a4a11ea9ba63d20e9af6bd04902dcc8598de57affd
acd646fe1822313c9f2825e223c45ff00794adf5df9ea3a02d960122c2707355
ae89f5236f82d6e3bc59c732078ffeba5adf9b95bf9633fc4cab6eff51d78c63
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b
b131d45599f927d91ae219b43f6d2ba69b26d53132f7e4e7d4deff043844e709
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b646e7ffbc66071e42f1027eadcc593772e9728738516f4bb79d1b3c9c137eb7
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8388f548352d8a7bc13150e1bdf323ddba14e24f6c90b5af0c2dd47cd6467ac
b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440
bacba1e9608664aed59ef9696179f3cbf39b188dba1a4f4427ae3758bad4ca40
bcfa40b3ba947da30270542f058116fb102667d9664fbbf7d5a646410c7959ac
be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7
bf1397985806ff8d22bd8bef2c60cd4272f47a4377d3bf3ed614a59d68825d0a
c0d558e397eda8c4d57c6b9180f0886446fac83946339ba88e10de6e1d341ea9
c2c79710c9f7e6dd62cb9f52e1cfabb600952b0118557bdc1a934621bdf88e57
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
cdd1a26159ce6938b63734d54d4fb519633960019cdb383c177462246a656ee1
d0161fa3d19a3937c7eef09ff278e55b87ef4b7e01cdcfc716830d1b0d17d876
d16b65f7b062f8bc8d44a544baeca656c01cde0fe00838c08eed9c73163fb9d4
d3a3dd792926131439a7199edbb72a7196483cf08adc3bf4b6bdba6f2107b420
d593905635ddf38347adf6102a58d34e3c3afa6ff36e9563f0966ac1c5af33e8
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
dc8c6af82a9db674a511cd173b400728718708daca3a3307d8a46f7bf604fc27
dd0a6000b695de5dfca13ed9f411f2dbb72423deb244b5f002b34f0f8badef45
df29cecb951253bed2573157a70d381a81b64f31742ddd4e3c7aff14be2609c3
df5eab9b06fde8ac0deb3494e9f37422802b69045bf976973bbbbcf3291d425d
e03e5473724b007756be2f4097e713221b593bfa10a927896ace93eaaacb911f
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
e95623e9082ef2c44c96252359f39cd05a5b21f5155f025a493244d5f7b40357
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f05533317139a5a18a37d4ea1d9385d1852680313f297f48fab3b4924299f1fe
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f17f36f04e07e7b60e76a1f092982680f337cbc1f964fbace102ad4759955177
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fa172610ae27e81034f959f8583a92a01eb6ad15778c9a942b6ed79ff5597bbb
fab8e840cc6976ac57bfb95d76ebaef8f51746be63525d765e3d9db65e2779a8
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fdd3265c70a5a8541e4efc5414b7eb82a3bfb25d2dc928041dc864b0892f01b4
feff660b40200996753b622d58b6618e469168e897278fc6cbec52989b9b56fc

www.webmail.co.za Open in urlscan Pro 195.154.207.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

322 Requests

99 %HTTPS

36 %IPv6

52 Domains

90 Subdomains

73 IPs

9 Countries

3941 kBTransfer

9283 kBSize

0 Cookies

33 Outgoing links

Page URL History

Redirected requests

322 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.webmail.co.za Open in urlscan Pro
195.154.207.108 Public Scan

Screenshot
Live screenshot

Full Image

322
Requests

99 %
HTTPS

36 %
IPv6

52
Domains

90
Subdomains

73
IPs

9
Countries

3941 kB
Transfer

9283 kB
Size

0
Cookies

322 HTTP transactions
7 data transactions