ltoexam.com Open in urlscan Pro
172.67.144.162 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ltoexam.com/
Submission: On January 17 via manual (January 17th 2022, 10:13:37 pm UTC) from IN — Scanned from DE

Summary HTTP 128 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 38 domains to perform 128 HTTP transactions. The main IP is 172.67.144.162, located in United States and belongs to CLOUDFLARENET, US. The main domain is ltoexam.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 24th 2021. Valid for: a year.

This is the only time ltoexam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	172.67.144.162 172.67.144.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	104.20.229.67 104.20.229.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.241.51.109 54.241.51.109	16509 (AMAZON-02) (AMAZON-02)
32	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.129.176 151.101.129.176	54113 (FASTLY) (FASTLY)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:225... 2600:9000:2251:1000:c:95c2:e940:21	16509 (AMAZON-02) (AMAZON-02)
1 2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
2 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
4 4	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	50.31.142.191 50.31.142.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.49.40.119 52.49.40.119	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	3.251.21.8 3.251.21.8	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.166.245 18.185.166.245	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.158 38.27.122.158	174 (COGENT-174) (COGENT-174)
2 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1 2	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d	16509 (AMAZON-02) (AMAZON-02)
1 1	3.208.105.70 3.208.105.70	14618 (AMAZON-AES) (AMAZON-AES)
1	54.71.47.92 54.71.47.92	16509 (AMAZON-02) (AMAZON-02)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
19	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
3	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
6	199.212.255.244 199.212.255.244	25948 (FHMNET) (FHMNET)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
128	33

24 172.67.144.162 (United States)

ASN13335 (CLOUDFLARENET, US)

ltoexam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.241.51.109 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-51-109.us-west-1.compute.amazonaws.com

bdv.bidvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3042.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.176 (United States)

ASN54113 (FASTLY, US)

free.timeanddate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:1000:c:95c2:e940:21 (United States)

ASN16509 (AMAZON-02, US)

d2b9l3u54v5v39.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.79 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.91 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.191 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.40.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-40-119.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.251.21.8 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-21-8.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.166.245 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-166-245.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.154.242 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.105.70 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-105-70.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.71.47.92 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-47-92.us-west-2.compute.amazonaws.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.212.255.244 (Canada)

ASN25948 (FHMNET, CA)

node227.impressionssl.adshop.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7980 router.infolinks.com — Cisco Umbrella Rank: 2877 rt3042.infolinks.com — Cisco Umbrella Rank: 77417 node227.impressionssl.adshop.infolinks.com — Cisco Umbrella Rank: 308969	302 KB
24	ltoexam.com ltoexam.com	509 KB
23	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1493 pbs.twimg.com — Cisco Umbrella Rank: 668 abs.twimg.com — Cisco Umbrella Rank: 1941 ton.twimg.com — Cisco Umbrella Rank: 5586	433 KB
9	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	214 KB
7	pubmatic.com 7 redirects image8.pubmatic.com — Cisco Umbrella Rank: 609 image2.pubmatic.com — Cisco Umbrella Rank: 1032 image4.pubmatic.com — Cisco Umbrella Rank: 848	2 KB
5	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 197	1 KB
5	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	7 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470	2 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	4 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 990	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	1 KB
3	cloudfront.net d2b9l3u54v5v39.cloudfront.net	4 KB
3	gstatic.com fonts.gstatic.com	78 KB
3	bidvertiser.com bdv.bidvertiser.com — Cisco Umbrella Rank: 315637	15 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 419	891 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 284	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 690	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 327	677 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 675	647 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 528	1 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	83 KB
2	timeanddate.com free.timeanddate.com — Cisco Umbrella Rank: 62809	2 KB
2	statcounter.com secure.statcounter.com — Cisco Umbrella Rank: 14791 c.statcounter.com — Cisco Umbrella Rank: 7747	14 KB
1	brand-display.com dmp.brand-display.com — Cisco Umbrella Rank: 1929	261 B
1	advangelists.com 1 redirects nep.advangelists.com — Cisco Umbrella Rank: 2192	232 B
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 877	72 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 702	759 B
1	bnmla.com match.bnmla.com — Cisco Umbrella Rank: 1587	114 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 4389	233 B
1	cpx.to s.cpx.to — Cisco Umbrella Rank: 2057	944 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1044	478 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 588	288 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	475 B
1	openx.net u.openx.net — Cisco Umbrella Rank: 710	305 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1056	814 B
1	tynt.com de.tynt.com — Cisco Umbrella Rank: 1328	289 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
128	38

	Domain	Requested by
24	ltoexam.com	ltoexam.com
18	pbs.twimg.com	ltoexam.com platform.twitter.com
15	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
9	resources.infolinks.com	ltoexam.com resources.infolinks.com
8	rt3042.infolinks.com	resources.infolinks.com ltoexam.com
7	platform.twitter.com	ltoexam.com platform.twitter.com
6	node227.impressionssl.adshop.infolinks.com	ltoexam.com blank
5	cm.g.doubleclick.net	4 redirects ssum-sec.casalemedia.com
4	ib.adnxs.com	4 redirects
4	image8.pubmatic.com	4 redirects
3	ton.twimg.com	platform.twitter.com ton.twimg.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	d2b9l3u54v5v39.cloudfront.net	bdv.bidvertiser.com
3	fonts.gstatic.com	fonts.googleapis.com
3	bdv.bidvertiser.com	ltoexam.com bdv.bidvertiser.com
2	pixel.tapad.com	1 redirects resources.infolinks.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	ad.360yield.com	2 redirects
2	sync.1rx.io	2 redirects
2	image4.pubmatic.com	2 redirects
2	ssum-sec.casalemedia.com	1 redirects router.infolinks.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	www.facebook.com	1 redirects connect.facebook.net
2	connect.facebook.net	ltoexam.com connect.facebook.net
2	free.timeanddate.com	ltoexam.com free.timeanddate.com
1	abs.twimg.com	ltoexam.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	ssc-cms.33across.com	router.infolinks.com
1	p.rfihub.com	1 redirects
1	match.bnmla.com	router.infolinks.com
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	u.openx.net	router.infolinks.com
1	image2.pubmatic.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	c.statcounter.com	secure.statcounter.com
1	secure.statcounter.com	ltoexam.com
1	fonts.googleapis.com	ltoexam.com
128	50

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-24` - `2022-06-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-06` - `2022-12-06`	a year	crt.sh
*.bidvertiser.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-03` - `2022-12-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.timeanddate.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-27` - `2022-01-25`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.knorex.com Amazon	`2021-08-26` - `2022-09-24`	a year	crt.sh
node227.impressionssl.adshop.infolinks.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://ltoexam.com/
Frame ID: 63EB4C317BD952388BE4F412B2DC4533
Requests: 62 HTTP requests in this frame

Frame: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=20166&bid=1186827&RD=9037291577915&DIF=1&bd_ref_v=ltoexam.com&tref=1&win_name=null&docref=&jsrand=9037291577915&js1loc=-&loctitle=%20Philippine%20Driver%27s%20License%20Exam%20Reviewer
Frame ID: B41FA4CB6175048D5610761A5EB396EA
Requests: 4 HTTP requests in this frame

Frame: https://free.timeanddate.com/clock/i4r9k07r/n145/tlph/fn2/fs19/fc469bd1/tc222/pct/pa8/tt0/th2/ta1/tb4
Frame ID: 9055B8B67A8AFEA549B296412D710F40
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Frame ID: 51E76C3ABAC0CD673D2425AE7A82CBD6
Requests: 18 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fltoexam.com
Frame ID: A5757874C3ED2138897832B022D8E7D7
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df142a02fd2e74d4%2526domain%253Dltoexam.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fltoexam.com%25252Ff383fb26271704c%2526relation%253Dparent.parent%26container_width%3D360%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLTOExam%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
Frame ID: 60E98ABD3CE8E068EC36117CC554B33C
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 97E85AEEFD5C4ED7EF8F67B7A4E4C0D3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: AD3F857A0061A69A128D581E2C3C9821
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: D7819E9024C615E684C0ED4A0BD02921
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1481896488082939907/Di8VSY1k?format=jpg&name=144x144_2
Frame ID: 73DF1C6351FFACD818D12CEFC282FF60
Requests: 27 HTTP requests in this frame

Frame: https://node227.impressionssl.adshop.infolinks.com/impression/?vh=1494721233&agy=414981&aid=637313&cid=640282&gid=643927&id=643930&st=1642457611&kwid=0&skw=home&sid=437263_0&sip=3117783808&pid=15&tid=2&mime=image/jpeg&dev=0&mtyp=502&agtyp=0&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&idfa=&gaid=&site_cat=18
Frame ID: 08574D2D9938972814C85F7C46F59C1B
Requests: 1 HTTP requests in this frame

Frame: https://node227.impressionssl.adshop.infolinks.com/impression/?vh=1494731966&agy=414981&aid=637313&cid=640282&gid=643927&id=643934&st=1642457612&kwid=0&skw=free&sid=437263_0&sip=3117783808&pid=14&tid=2&mime=image/png&dev=0&mtyp=502&agtyp=0&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&idfa=&gaid=&site_cat=18
Frame ID: 0B1AABC8073366CC4A65F86E16617B09
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 3D70CD0C728952B7D1045B3BFA66F331
Requests: 1 HTTP requests in this frame

Frame: https://node227.impressionssl.adshop.infolinks.com/impression/?vh=1494733649&agy=414981&aid=637313&cid=640282&gid=642205&id=643963&st=1642457612&kwid=0&skw=advertises&sid=437263_0&sip=3117783808&pid=14&tid=2&mime=image/png&dev=0&mtyp=502&agtyp=0&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&idfa=&gaid=&site_cat=18
Frame ID: 4D155BD218F6AA20925F9677D2279808
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: 0F038D7D08DE6401D8E4C7E44D367246
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Philippine Driver's License Exam Reviewer - LTOExam.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

128
Requests

88 %
HTTPS

23 %
IPv6

38
Domains

50
Subdomains

33
IPs

7
Countries

1665 kB
Transfer

3123 kB
Size

54
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df142a02fd2e74d4%26domain%3Dltoexam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fltoexam.com%252Ff383fb26271704c%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FLTOExam&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df142a02fd2e74d4%2526domain%253Dltoexam.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fltoexam.com%25252Ff383fb26271704c%2526relation%253Dparent.parent%26container_width%3D360%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLTOExam%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Request Chain 50

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 52

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg0QzU3NTItMzNENC00QkMwLTgzODUtRTc0MDMyRUVEQzlC&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg0QzU3NTItMzNENC00QkMwLTgzODUtRTc0MDMyRUVEQzlC&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D784C5752-33D4-4BC0-8385-E74032EEDC9B HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=784C5752-33D4-4BC0-8385-E74032EEDC9B

Request Chain 53

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=2397853370907302375

Request Chain 55

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-ITXbFJNE2uGkeKmSLoec5TgaSgzbaT9n4LVQsRE-~A

Request Chain 56

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8347891128 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8347891128 HTTP 302
https://sync.1rx.io/usersync/tradedesk/498e318f-0081-4efd-85a1-8e3e7b1da618 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003

Request Chain 57

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 59

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fltoexam.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fltoexam.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fltoexam.com%2F&pid=12306&adnxs_uid=8290647816966742529

Request Chain 61

https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
https://router.infolinks.com/dyn/imd-usync?user_id=7284890d-e8f1-4477-b9c5-009837409d87&partner_id=1531

Request Chain 62

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb4dd0337-77e2-11ec-94db-0221d7e25822 HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-aGjO1WNE2uHxiJ.qt2k_voLYFSBol4yl~A~UPb4dd0337-77e2-11ec-94db-0221d7e25822

Request Chain 64

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=61887da0081525ca2dd7f055

Request Chain 65

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D784C5752-33D4-4BC0-8385-E74032EEDC9B HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=784C5752-33D4-4BC0-8385-E74032EEDC9B

Request Chain 66

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=5107433822390592981

Request Chain 70

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeXqDLgyUCFXWLl0EsHs8gAABGYAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeXqDLgyUCFXWLl0EsHs8gAABGYAAAAB&dcc=t

Request Chain 71

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YeXqDLgyUCFXWLl0EsHs8gAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YeXqDLgyUCFXWLl0EsHs8gAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGiRyID52pK3ef3ZfsmA_jI&google_cver=1&gdpr=1

Request Chain 74

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-50e5b92c-df72-4f73-a27a-8e42864accbc

Request Chain 76

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6957440121022534310&uid=Q6957440121022534310&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 127

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 132

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=7dfb888d-23b3-470b-9160-35b2507a8190=&partner_id=3337 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=7dfb888d-23b3-470b-9160-35b2507a8190=&partner_id=3337

128 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ltoexam.com/ 30 KB
9 KB 637ms
589ms Document
text/html 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: 5359adccfa961eaf36b7e5b4a9de42e16851a3cc7818b17617b7cc74c703b40d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 17 Jan 2022 22:13:30 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.24
cf-edge-cache: cache,platform=wordpress
link: <https://ltoexam.com/wp-json/>; rel="https://api.w.org/" <https://ltoexam.com/wp-json/wp/v2/pages/87>; rel="alternate"; type="application/json" <https://ltoexam.com/>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfW37uKrIJkaR9MYXHbC%2B8uBJAXlTUeQmPI2B9Wf9croTHl62c0g9%2Fd1uCLM%2FVDuwGNdCbU%2BFdpp%2BPQoqlVb%2FnWW46k%2FAvZlIjRUXk%2Fhp46TXt7ctBae2RhnRTyNGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cf2ee60ba245c38-FRA
content-encoding: br

GET
H2 200 mtq_core_style.css
ltoexam.com/wp-content/plugins/mtouch-quiz/ 7 KB
2 KB 20ms
18ms Stylesheet
text/css 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-content/plugins/mtouch-quiz/mtq_core_style.css?ver=3.1.3
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e4f0aa8f9a3c6d640a3dd3342237fb9ccdd3a8ca8d6e3816552ecaee2513cc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53499
cf-polished: origSize=8471
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 12 Dec 2015 14:59:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RN7HvBKSXcMl4G3Sgh9CQKYO%2BcohPq28%2FaRIszV4jA%2BGDcrmsRkYy%2BJ%2B5je%2BPidaUHDJRi5oyxkOs2MW%2FIb8UIAA%2F%2FxlKpkfWkP80faFRmUoaNi4PUmIiJHd6rhtdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee648b075c38-FRA
expires: Mon, 24 Jan 2022 07:21:53 GMT

GET
H2 200 mtq_theme_style.css
ltoexam.com/wp-content/plugins/mtouch-quiz/ 19 KB
3 KB 21ms
20ms Stylesheet
text/css 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-content/plugins/mtouch-quiz/mtq_theme_style.css?ver=3.1.3
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57c765e0bc6134f999371ef0c35516524ddf73ef9404e081f6f15f0660be2529

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53499
cf-polished: origSize=29924
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 12 Dec 2015 14:59:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cgjP2acLiCKvdWxICQ0DrtaMRTShy%2B90jmwGVEB%2BPMZ2Lb%2B%2BgKdemodEvIMRJT0wY7%2F63kHFrpC5w1Vfs2YQPf7YFhD4NTCdBlkkVH8ySP8NDCTvc57Hq2MOFRDOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee648b0a5c38-FRA
expires: Mon, 24 Jan 2022 07:21:53 GMT

GET
H2 200 style.css
ltoexam.com/wp-content/themes/magazine-pro/ 30 KB
6 KB 20ms
19ms Stylesheet
text/css 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-content/themes/magazine-pro/style.css?ver=3.1
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b4d6f2df3963da6825c49d2e56972f8a872a9887af8ea4344e394c8159f53ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53498
cf-polished: origSize=43471
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Oct 2016 08:19:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2dVwzZUSLaLXYpNNM0tP3EVVyLa9B5eEKFeFTf%2FrWL0IZ82PaTEy1PSxIG5trKwmtyduCvKgNF%2B3BLQ3QnmuDyXODmjH27E5%2BiWeCAiETdOIZBgHxE1yBGsPIUDzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee648b0d5c38-FRA
expires: Mon, 24 Jan 2022 07:21:54 GMT

GET
H2 200 style.min.css
ltoexam.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 449ms
447ms Stylesheet
text/css 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 20 Jul 2021 23:24:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Xo1SeweErMlH4mDoQczkct1h%2FE5JDvJ%2F8hdg8NznDeVDX31PvRU2i3owBMJnPKGpc02G7Ma9fzjCtej2Ifzy0NK796138GZ7v3NzTSSBkiww3xobAj2I1%2FtToPZ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee648b0f5c38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H2 200 dashicons.min.css
ltoexam.com/wp-includes/css/ 58 KB
35 KB 586ms
585ms Stylesheet
text/css 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-includes/css/dashicons.min.css?ver=5.8.3
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 09 May 2021 06:22:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Roz2JbmOm%2F%2Bj1cj%2BfQWzLnS6DHwj8lUjlGECGaZ7gApLC51xqvOaKyPkYTniHGHq2qD184cQTmecgjctHREMn4Iz8ELQVrLJo4rUMtUQlxkduqNc%2FXHHU%2BgH5oLytg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee648b105c38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 136ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

077a3aa33ead99e1558d71766ed96c904173f1c8f542124fdf6a90c8c56dac92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 21:54:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 17 Jan 2022 22:13:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jan 2022 22:13:31 GMT

GET
H2 200 jquery.min.js Show response
ltoexam.com/wp-includes/js/jquery/ 87 KB
32 KB 581ms
580ms Script
application/javascript 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 20 Jul 2021 23:24:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O54by14Mlxk3lNdUUeoL%2B8BzotEdz9AmOXu5X%2Bc1HUnyvmaRtv8j5Zxc%2BDCQKPlho5IGJl%2B0%2BF65iThIVh8YZqB9YxYq3BZWHaKkr4mZe8fq8qTM3QsdwIeHPtkF%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee648b115c38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H2 200 jquery-migrate.min.js Show response
ltoexam.com/wp-includes/js/jquery/ 11 KB
5 KB 437ms
436ms Script
application/javascript 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 09 May 2021 06:22:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoRaY4%2Bql2lzzHml597HHZ9wmmMUNoKOkS14bQVzTtnirQuYBkU3JjsSYAmR5ihSZQpmJqnooXLExzhoclz4r6pICkT86gnMahO%2BSHeCH3iYrVq%2Bs1UZkyNTceQQYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee648b135c38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H2 200 script.js Show response
ltoexam.com/wp-content/plugins/mtouch-quiz/ 35 KB
6 KB 24ms
24ms Script
application/javascript 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-content/plugins/mtouch-quiz/script.js?ver=3.1.3
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0e985c68ac4cb7a3a25b7a2403b592c4d85c0281152b75af532d7be93704346

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53498
cf-polished: origSize=46187
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 12 Dec 2015 14:59:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxGjFvzdf0Y8N8%2BWXoaMt%2F0VB%2Bs9vt9KElNWJFJTD99z9%2BIcWGAAbeQyXMyxcOqU9l7s1RL5wY0t3LdoE4kvIbMTSWxip3aVxMbYuSTNEgtoNhnPoEWxjIEfBiqiGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee648b145c38-FRA
expires: Mon, 24 Jan 2022 07:21:54 GMT

GET
H2 200 entry-date.js Show response
ltoexam.com/wp-content/themes/magazine-pro/js/ 218 B
427 B 23ms
23ms Script
application/javascript 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 693335ce59675a25146b80a05623079801ad5fa9f5ef011f9cd4b0f5e9409881

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53498
cf-polished: origSize=367
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jul 2015 20:35:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqrjKhkYdodpUJwxG2mR0emRiS%2BZv91NuWQVTnB7T7fAGx3ifMH2Ibovga9%2FIBcAR%2FDF3kQev5kY6kyum%2F50AXs65ySV1sKQ3rinbigpIV4myKV0L5xXcgs%2FbMWUQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee648b175c38-FRA
expires: Mon, 24 Jan 2022 07:21:54 GMT

GET
H2 200 responsive-menu.js Show response
ltoexam.com/wp-content/themes/magazine-pro/js/ 805 B
606 B 21ms
20ms Script
application/javascript 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17db8c2fe36a6e281047508a2516723ba277065d11a5b374712e5e5b2374aeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53498
cf-polished: origSize=867
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jul 2015 20:35:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yio5dxxltHN6%2B0PB4NuVM7duKZMGrsXh1WPJCJt8CoQ%2BJIZZ1mWHav0QOoUv7ADEUFlUPvP%2FP1PUAFqIr2upeegrWsSJ%2F0wfMZ%2FohJPtjF42Txop8ziiK%2Bt0bRQqBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee648b185c38-FRA
expires: Mon, 24 Jan 2022 07:21:54 GMT

GET
H2 200 counter.js Show response
secure.statcounter.com/counter/ 39 KB
13 KB 55ms
23ms Script
application/x-javascript 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.statcounter.com/counter/counter.js
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76c3204c16180551c6575195c88969110daa632706c71fbfa154e5c2024b7022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Jan 2022 12:12:03 GMT
server: cloudflare
age: 19535
etag: W/"61e55d13-9d23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 6cf2ee687a206951-FRA
expires: Tue, 18 Jan 2022 04:47:55 GMT

GET
H/1.1 200
OK bidvertiser.dbm Show response
bdv.bidvertiser.com/ 9 KB
9 KB 643ms
157ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdv.bidvertiser.com/bidvertiser.dbm?pid=20166&bid=1186827
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: -1
Cache-Control: no-store
Connection: close
Content-Length: 9014
Content-Type: text/javascript

GET
H3 200 spn_lza1.gif
ltoexam.com/images/ 29 KB
30 KB 587ms
587ms Image
image/gif 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/images/spn_lza1.gif
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6670e25a76218d25fd032f994958d529faa40ce305bed3dcb1dffbfcb4c8fa9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29856
last-modified: Wed, 08 Feb 2017 14:15:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bYjb2uSEH9whzOV0mnr8PoYi227xyHE7cJRqBR4wZ3auUscpaU4RjUuvCdSpxwlBRg2gjLaUk0KhA4DGY0N%2BW6OXKOAADagI0XYAFXhMrZ3ymSmvGwlF2kFbL%2BC8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee684acf4ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H3 200 ltoexam_ph_transparency_seal.png
ltoexam.com/images/ 83 KB
84 KB 710ms
709ms Image
image/png 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/images/ltoexam_ph_transparency_seal.png
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd5797588e186206c2f91c47bd0519ae43ceb4edfa641bfbe74965e4a92c634

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85061
last-modified: Wed, 15 Jul 2015 09:19:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hq5xg87qoiKbQMUeqyx4vIFCeqtdioTXp8NeHjNC6TBj2%2F5LhK9uA4XIHGkaDr8Bb5GozrPXbo6CXydpcSDxrP4XZp65%2FcMaV3SOlXNhrnsV6jONKnemdMQnY%2F0opw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee684ad14ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H3 200 ltoexam_ip.png
ltoexam.com/images/ 21 KB
22 KB 581ms
580ms Image
image/png 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/images/ltoexam_ip.png
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b8d7173b54b42701fd995fd254393f10a12799f71827925353f961ab49635f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21627
last-modified: Wed, 26 Jun 2013 21:15:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXi9qcI6FiaZkTlbs6b0Zy92ZwyZqD9Okta5Pz9QEtwaGsvM%2B7AywggbGASY23AxHr4cdFszLUUTmYBObTjMbw4BuTBbdk35JMiwIpHpBANu%2BZRdIc9xp3CehncHXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee684ad44ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H3 200 ltoexam_ph_seal.png
ltoexam.com/images/ 26 KB
26 KB 711ms
710ms Image
image/png 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/images/ltoexam_ph_seal.png
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eff3409a0a27457eb3d71ba9766cccd8d72118ecf02aa6e5cd7d63df502b397a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26180
last-modified: Mon, 08 Jul 2013 06:07:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LO2uvGBe0OU7%2FDCmYo64qmmPuDr2E0D6GLpPRHCWa4uEXk4bIM6MRXB1eCmL2YxjYTFI1or5hvk8%2FjwhthG5YDvzkki73NILUFrU99RttdojprEMhSY9U34r6R49Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee684ad64ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H3 200 ltoexam_secure.png
ltoexam.com/images/ 7 KB
7 KB 453ms
453ms Image
image/png 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/images/ltoexam_secure.png
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58db12084761feda49437ff2cb427d126656727ae3bc4959cf87a66f30c2822e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6981
last-modified: Sun, 28 Jul 2013 19:35:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyhrtQF2DJzaSAdG8HjI9YNHm4mcldZHcT2tjoRYfkgWA1jsVIy98c%2BCqO0M9rkJghxFfAfLmZRmuYHr1aoWqisgC3LDDApmZ4ciKrdnygDLxhsNJkIFkB%2FCLm3Ujw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee684ad84ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H3 200 ltoexam_html5.png
ltoexam.com/images/ 10 KB
11 KB 431ms
431ms Image
image/png 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/images/ltoexam_html5.png
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ca30b4ef2d39acc9064c289a25f7cf64c208ceb8878d086686484a2eb431114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10567
last-modified: Mon, 13 Jul 2015 11:14:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTjApsyc%2B0jThfldjF066IdDX%2B4fQovHBsLm8WikQ95gGzX6PpvleKuNMkcCP17AUHZNgxgS5Iye4vdq6FmIfxeH83cIOw99JhwNa77pXe9KllpAnteFesqJkCDh6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee684ada4ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H3 200 ltoexam_copyscape.gif
ltoexam.com/images/ 1 KB
2 KB 430ms
429ms Image
image/gif 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/images/ltoexam_copyscape.gif
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a045c3b4670c412f0d621b347d7828bec41c6563734cf5b746ed8c068c74f43e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1367
last-modified: Thu, 16 Jul 2015 17:09:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EKPz1zFmLoXsyPIVhyM290A5TVzZvPAdNgfHu4fjkqwq0QX%2BfEW8rQf8OiwkrGxezamxyF%2BQRfiJ51jd4BYwNHHMZ9OMGDj01xsmUWzm5B3mELNjrTmERk7Y969ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee684ade4ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 75ms
43ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6802643a04a4e91582126d45e3e0b6bb28fbb413e10735900840a375d6b60d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6cf2ee686b3d5c5c-FRA
date: Mon, 17 Jan 2022 22:13:31 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 17 Jan 2022 13:24:09 GMT
server: cloudflare
age: 2951
etag: W/"d79-5d5c71150ff94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 17 Jan 2022 22:24:20 GMT

GET
H3 200 wp-embed.min.js Show response
ltoexam.com/wp-includes/js/ 1 KB
1 KB 479ms
479ms Script
application/javascript 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Apr 2021 08:00:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5z3V4dLrsItLkEU5hoCPO9W%2FQrPFrdfUGRlU%2F4Nthsbrbd1hlKX4A6DTcenGYxII%2B83FIab0efNTbbdJ8DW8bunk%2BYVTYHlB95AP5dJXopc90%2BuMflegpdCxMbrw%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee684ace4ed4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H3 200 wp-emoji-release.min.js Show response
ltoexam.com/wp-includes/js/ 18 KB
5 KB 447ms
447ms Script
application/javascript 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ltoexam.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 20 Jul 2021 23:24:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6NELa%2BYXy9gpoGTmAcD2grNZ9SSJvxjeepneAj5O605UNRTEn3eGfx3KVlew4aCnKxzX3ftWx7z1ylzWqIaZeQn43GUP2XnbNU6OW0vHSMXU5wxa7TuBoEdYV3x6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6cf2ee684ae24ed4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H3 200 ltoexam_mlogo.png
ltoexam.com/wp-content/uploads/2015/07/ 47 KB
48 KB 731ms
731ms Image
image/png 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/wp-content/uploads/2015/07/ltoexam_mlogo.png
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 339427ed0687dc310fccb5d3d8f003db7dbf4c0c483e1c3eeaf1f8c7bda14ab7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 48595
last-modified: Mon, 13 Jul 2015 16:23:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3HgRDukTE8Bdfz8ql8fAN55XSZGTh%2Fn5yLahYzRUAMGrXFerZwvvCSeO8nlRTkMPJAA%2BBcDApZp03fsU1K0X7GbxH%2B8CVXbTbBpnapuNjxpe2OQocC0MR%2B3GSmbOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee684ae34ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 170ms
84ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ltoexam.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 17:19:18 GMT
x-content-type-options: nosniff
age: 536053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 17:19:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 138ms
52ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ltoexam.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 447299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 17:58:32 GMT

GET
H/1.1 200
OK bidvertiser.dbm Show response
bdv.bidvertiser.com/ 0
328 B 455ms
155ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdv.bidvertiser.com/bidvertiser.dbm?pid=20166&bid=1186827&RD=04667752016105&DIF=2
Requested by: Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/bidvertiser.dbm?pid=20166&bid=1186827
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Len: 0
Date: Monday, 17-Jan-2022 22:13:31 GMT
Cache-Control: no-store
Last-Modified: Sunday, 17-Jan-2021 22:13:31 GMT
CONNECTION: Close
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK BidVertiser.dbm Show response
bdv.bidvertiser.com/ Frame B41F 5 KB
6 KB 453ms
156ms Document
text/html 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=20166&bid=1186827&RD=9037291577915&DIF=1&bd_ref_v=ltoexam.com&tref=1&win_name=null&docref=&jsrand=9037291577915&js1loc=-&loctitle=%20Philippine%20Driver%27s%20License%20Exam%20Reviewer
Requested by: Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/bidvertiser.dbm?pid=20166&bid=1186827
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1f978496a2461719a0d0d4de9b241b68729f787a47cfa5cbcc6aee7522f5465e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/

Response headers

Date: Monday, 17-Jan-2022 22:13:31 GMT
Cache-Control: no-store
Last-Modified: Sunday, 17-Jan-2021 22:13:31 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 5292
CONNECTION: Close

GET
H2 200 tb4 Show response
free.timeanddate.com/clock/i4r9k07r/n145/tlph/fn2/fs19/fc469bd1/tc222/pct/pa8/tt0/th2/ta1/ Frame 9055 3 KB
2 KB 53ms
15ms Document
text/html 151.101.129.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://free.timeanddate.com/clock/i4r9k07r/n145/tlph/fn2/fs19/fc469bd1/tc222/pct/pa8/tt0/th2/ta1/tb4
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0443cd9db5c9d8bd81097d10c87ee95f463c54d3962afbd592f9c5e59ea09df3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/

Response headers

content-encoding: gzip
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
content-type: text/html; charset=UTF-8
accept-ranges: bytes
date: Mon, 17 Jan 2022 22:13:31 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4028-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1642457612.650974,VS0,VE8
vary: Accept-Encoding
content-length: 1904

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 34ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 22:13:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 20:08:29 GMT
Server: ECS (frb/67C0)
Age: 1065
Etag: "b607db789ce85f01d2c97329a89acfde+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29153

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 69ms
41ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ltoexam.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options: nosniff
age: 290023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 13:39:48 GMT

GET
H3 200 dt-300x238.jpg
ltoexam.com/wp-content/uploads/2012/01/ 21 KB
22 KB 582ms
581ms Image
image/jpeg 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/wp-content/uploads/2012/01/dt-300x238.jpg
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d625a59fddcd3f132879f9fc4ab96aad1cc4c66d75df51dfa72ef99c86ee88d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21555
last-modified: Sun, 18 Mar 2012 18:42:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1xWbbSA04xZ6HTYK9QaI5Ym99bCOopUuCGHBW8Y1yGQKU%2BBDIegv2dBFQp%2F1O%2B7vCti%2FYoNY9bRra9dt2ELmev9FKRCnerBAQAoQBCsf%2FrE%2B1%2FuJAtn79vQ9BuT7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee68cbdd4ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H3 200 click_here.png
ltoexam.com/wp-content/uploads/2012/03/ 14 KB
15 KB 567ms
567ms Image
image/png 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/wp-content/uploads/2012/03/click_here.png
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8e9aa7b18f0d861289e776e963f39fb0cf9d8b14db449e7116a0257dcec422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14261
last-modified: Sun, 18 Mar 2012 14:58:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKIpicrtmLTcPKDF%2FbwQegMZJEr2PkBCfKd6J2QPxUO7kyQIP2KJ3%2Fd8Mxpjj5SKfl4cWKuWWM%2F7KENrSIr8JpQWNdEl2EprpjRw2sFQFEs64TX6AviyQP9%2FOvX0cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee68cbdf4ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H3 200 ltoexam_more_fun_ph.png
ltoexam.com/wp-content/uploads/2012/01/ 127 KB
127 KB 854ms
853ms Image
image/png 172.67.144.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ltoexam.com/wp-content/uploads/2012/01/ltoexam_more_fun_ph.png
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714c5e665abae559d000256a814e653c48fe3a938662c02018bffe3d4f10c475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 129854
last-modified: Mon, 08 Jul 2013 05:29:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ff%2F1erR007DWv21Q%2FAevc6mbaMlXSsj4Juf9ElQEYA1l9jifdzedK1jzwDgpkUiKjF9AsPnxB72tTgCad8Cz%2F%2F8uF6RQ7uRph9QPzUK7RqOCrQl6DD%2Fky4Pn5e0w6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6cf2ee68cbe44ed4-FRA
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
464 B 184ms
173ms XHR
application/json 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=7774730&u1=C52DFC5BB6A44F3B8338FD79CB26546E&java=1&security=fe2139ca&sc_snum=1&sess=64aa6d&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//ltoexam.com/&t=Philippine%20Driver%27s%20License%20Exam%20Reviewer%20-%20LTOExam.com&invisible=1&sc_rum_e_s=1342&sc_rum_e_e=1350&sc_rum_f_s=0&sc_rum_f_e=1318&get_config=true
Requested by: Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6cf2ee68eb366951-FRA
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://ltoexam.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1776.020-3.025/ 177 KB
55 KB 37ms
37ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f7e767057a468113b4c95065391f5a6ae48144c9e72d3bd6285ecb843936175

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6cf2ee68dc5e5c5c-FRA
date: Mon, 17 Jan 2022 22:13:31 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 14:33:45 GMT
server: cloudflare
age: 6278
etag: W/"2c41c-5d54f572f012c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 16 Feb 2022 20:28:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc6a70a42a0396a31a99a7446ca0d021be329a2306842eee40e97a46c89e469d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qVYe09cUBXhaJs3fPzlvtg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 17 Jan 2022 22:17:51 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: j7AKChnvwh+zMe2SKhisPiVPGXsgy97PE9wTx/3t/MiIr3Z15iXu0ad/ltn9Bk2wdhDQpLvI5Yie6vIwyyt6RQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 236fbb6a77847505663532b5171d9f89
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 17 Jan 2022 22:13:31 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3e2693afd057e34ef1d77ceb3a4064dd"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ts.php Show response
free.timeanddate.com/ Frame 9055 20 B
118 B 17ms
16ms XHR
text/plain 151.101.129.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://free.timeanddate.com/ts.php?t=1642457611679
Requested by: Host: free.timeanddate.com
URL: https://free.timeanddate.com/clock/i4r9k07r/n145/tlph/fn2/fs19/fc469bd1/tc222/pct/pa8/tt0/th2/ta1/tb4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 62fa2db314a81a38fc201afaa2e6bf7cdca9d76311ce08246808e45504871210

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://free.timeanddate.com/clock/i4r9k07r/n145/tlph/fn2/fs19/fc469bd1/tc222/pct/pa8/tt0/th2/ta1/tb4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:31 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4028-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: text/plain;charset=UTF-8
content-encoding: gzip
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-timer: S1642457612.682462,VS0,VE6
content-length: 40
x-cache-hits: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=137bc1fe905c0deef9c4a294d95e664c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fd2fcb53f3f9617f239fe457a7c06b97b0a66f80668d605ed7e7e28d02d2127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ltoexam.com/
Origin: https://ltoexam.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 342eGvmyayr3g4Z+cc5ETQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 17 Jan 2023 20:57:00 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82072
x-fb-rlafr: 0
x-fb-debug: 0rMsK8ERpN+wvep27069W0ABArE0youwlCoL35I/tNPWod2TzqZeyqjKPY0eSnkEOn7kBWZnGUAg1uVkdZWJ2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 96b157393f264105bfa703fe8fce23bb
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 17 Jan 2022 22:13:31 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3ff4f63800ffb75f514bf6382730d784"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 51E7 9 KB
2 KB 164ms
163ms Document
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daff172c6c3c7393b56a05190a5f037a8e5c5f79638b46d0d69ea05bf242b38a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cf2ee6ab8a85c5c-FRA
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
44 B 192ms
181ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 6cf2ee696dc05c5c-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 337 B
533 B 191ms
181ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=437263&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F&jsv=1776.020-3.025&_cb=16424576117330
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b78d3cb9d87c1307fde0eea3797a6a2733b74712c5a6642c54a3ba063f6bbae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cache-control: max-age=0
cf-ray: 6cf2ee696dc35c5c-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 doq.htm Show response
rt3042.infolinks.com/action/ 2 KB
2 KB 305ms
275ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3042.infolinks.com/action/doq.htm?pcode=utf-8&r=16424576119721
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad4a1afc4560cb593b040532d849d19cbd6883efcf74b8c9fee44a9e5d733805

Request headers

Referer: https://ltoexam.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
x-application-context: application:prod
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-language: de-DE
access-control-allow-origin: https://ltoexam.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 6cf2ee6b0e1068f2-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.e37c957bd3ae00473b95800b99e19cff.html Show response
platform.twitter.com/widgets/ Frame A575 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fltoexam.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 436305
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Jan 2022 22:13:32 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Tue, 11 Jan 2022 20:06:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3

200

/
www.facebook.com/login/ Frame 60E9
Redirect Chain

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df142a02fd2e74d4%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

148ms
139ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df142a02fd2e74d4%2526domain%253Dltoexam.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fltoexam.com%25252Ff383fb26271704c%2526relation%253Dparent.parent%26container_width%3D360%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLTOExam%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=137bc1fe905c0deef9c4a294d95e664c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: xo6cNOQY1oS191d/ZH8KkeH9HRAB+8+Kt+rOdrvcxLHBfYHcLheCcN3wz17xuWhZ+uC64qRFZVdJAxQovKrD1w==
date: Mon, 17 Jan 2022 22:13:32 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df142a02fd2e74d4%2526domain%253Dltoexam.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fltoexam.com%25252Ff383fb26271704c%2526relation%253Dparent.parent%26container_width%3D360%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLTOExam%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: M9v2l70MnQEVNbsvPa7ruemGpd92MYZn5MRU5XK/19/VV1HT89uByUtznHtRR3cCXhjLGVopRFjhySA+OO03lw==
content-length: 0
date: Mon, 17 Jan 2022 22:13:32 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2 200 default.css
d2b9l3u54v5v39.cloudfront.net/css/ Frame B41F 1 KB
1 KB 36ms
7ms Stylesheet
text/css 2600:9000:2251:1000:c:95c2:e940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2b9l3u54v5v39.cloudfront.net/css/default.css
Requested by: Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=20166&bid=1186827&RD=9037291577915&DIF=1&bd_ref_v=ltoexam.com&tref=1&win_name=null&docref=&jsrand=9037291577915&js1loc=-&loctitle=%20Philippine%20Driver%27s%20License%20Exam%20Reviewer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1000:c:95c2:e940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bdv.bidvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 04:36:13 GMT
content-encoding: gzip
last-modified: Mon, 21 Sep 2015 08:25:40 GMT
server: Microsoft-IIS/10.0
age: 63439
etag: "70d0ec1947f4d01:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 682
x-amz-cf-id: xuzLmSfc_AeL9eqAtTJSgD6_Baj5yhtMArP6J6vMk0weLsrblIEiCQ==

GET
H2 200 88x726.css
d2b9l3u54v5v39.cloudfront.net/css/ Frame B41F 3 KB
1 KB 37ms
8ms Stylesheet
text/css 2600:9000:2251:1000:c:95c2:e940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2b9l3u54v5v39.cloudfront.net/css/88x726.css?cbst=2
Requested by: Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=20166&bid=1186827&RD=9037291577915&DIF=1&bd_ref_v=ltoexam.com&tref=1&win_name=null&docref=&jsrand=9037291577915&js1loc=-&loctitle=%20Philippine%20Driver%27s%20License%20Exam%20Reviewer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1000:c:95c2:e940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 816427321da11d1632fac7711648e373bcbc01cf8b7b372d7b9178827906430a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bdv.bidvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 04:35:19 GMT
content-encoding: gzip
last-modified: Thu, 18 Jan 2018 16:19:40 GMT
server: Microsoft-IIS/10.0
age: 65703
etag: "8ae83247890d31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 943
x-amz-cf-id: Ob2Nnq5B0MBr91g-m6GznoPI-jkuSyYhDtRG0k3YOkG79XlMHIeMyA==

GET
H2 200 bdv_fsthd.js Show response
d2b9l3u54v5v39.cloudfront.net/activejs/ Frame B41F 1 KB
1 KB 36ms
7ms Script
application/javascript 2600:9000:2251:1000:c:95c2:e940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
Requested by: Host: bdv.bidvertiser.com
URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=20166&bid=1186827&RD=9037291577915&DIF=1&bd_ref_v=ltoexam.com&tref=1&win_name=null&docref=&jsrand=9037291577915&js1loc=-&loctitle=%20Philippine%20Driver%27s%20License%20Exam%20Reviewer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1000:c:95c2:e940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bdv.bidvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 02:31:12 GMT
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jan 2021 11:27:17 GMT
server: Microsoft-IIS/10.0
age: 70940
etag: "977ef3668ead61:0"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 1199
x-amz-cf-id: d8KY16LZrm3NKcaTVlRa9frHcrb9a7dEIP0f_J4JdCFb2222uN_ycA==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A575 232 B
448 B 140ms
113ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=25d8f8303feb0b6a8921c3a2d7f83ebf1580979e

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fltoexam.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 17 Jan 2022 22:13:31 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 22:13:32 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 59fbf5654258a841c22c5e3009c9e1d99b9dc7fb9f739d118ba3bbc49202d631
content-length: 166

GET
H2 200 / Show response
de.tynt.com/deb/ Frame 97E8 75 B
289 B 327ms
107ms Document
text/html 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Tue, 18 Jan 2022 22:13:32 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Mon, 17 Jan 2022 22:13:31 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame AD3F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
3 KB

21ms
20ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c4c8f27ef7432157421e2074b643eca9e7caf86f80d6db17e1681c201e77e8ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|45|230|73|195|191|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Mon, 17 Jan 2022 22:13:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
Content-Length: 1808
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 17 Jan 2022 22:13:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D781 2 KB
814 B 30ms
7ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 51E7
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg0QzU3NTItMzNENC00QkMwLTgzODUtRTc0MDMyRUVEQzlC&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg0QzU3NTItMzNENC00QkMwLTgzODUtRTc0MDMyRUVEQzlC&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D784C5752-33D4-4BC0-8385-E74032EEDC9B
https://router.infolinks.com/dyn/pbm-usync?uid=784C5752-33D4-4BC0-8385-E74032EEDC9B

0
167 B

146ms
146ms

Image
text/html

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=784C5752-33D4-4BC0-8385-E74032EEDC9B
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 6cf2ee6edb635c5c-FRA
content-length: 0
expires: Sun, 17 Jan 2021 22:13:32 GMT

Redirect headers

location: https://router.infolinks.com/dyn/pbm-usync?uid=784C5752-33D4-4BC0-8385-E74032EEDC9B
date: Mon, 17 Jan 2022 22:13:31 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 51E7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=2397853370907302375

35 B
235 B

180ms
180ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=2397853370907302375
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6cf2ee6cadb75c5c-FRA
content-length: 35
expires: Sun, 17 Jan 2021 22:13:32 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c53d3765-72dd-4ebc-890e-bd8c4cf62496
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=2397853370907302375
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
u.openx.net/w/1.0/ Frame 51E7 43 B
305 B 58ms
20ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
content-encoding: gzip
server: OXGW/17.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 51E7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-ITXbFJNE2uGkeKmSLoec5TgaSgzbaT9n4LVQsRE-~A

35 B
265 B

143ms
143ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-ITXbFJNE2uGkeKmSLoec5TgaSgzbaT9n4LVQsRE-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6cf2ee6c5cfd5c5c-FRA
content-length: 35
expires: Sun, 17 Jan 2021 22:13:32 GMT

Redirect headers

location: https://router.infolinks.com/dyn/VR-usync?uid=y-ITXbFJNE2uGkeKmSLoec5TgaSgzbaT9n4LVQsRE-~A
date: Mon, 17 Jan 2022 22:13:32 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 51E7
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8347891128
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8347891128
https://sync.1rx.io/usersync/tradedesk/498e318f-0081-4efd-85a1-8e3e7b1da618
https://sync.targeting.unrulymedia.com/csync/RX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003

35 B
204 B

145ms
145ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6cf2ee6de8e85c5c-FRA
content-length: 35
expires: Sun, 17 Jan 2021 22:13:32 GMT

Redirect headers

location: https://router.infolinks.com/dyn/r1-usync?uid=RX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003
date: Mon, 17 Jan 2022 22:13:32 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb038f8e0da2041e9ada35f3934edf5aa003
content-type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 51E7
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
90 B

118ms
117ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store
cf-ray: 6cf2ee6e8a7c5c5c-FRA
content-length: 35

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 51E7 0
478 B 72ms
16ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 51E7
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fltoexam.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fltoexam.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fltoexam.com%2F&pid=12306&adnxs_uid=8290647816966742529

95 B
944 B

126ms
28ms

Image
image/png

52.49.40.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fltoexam.com%2F&pid=12306&adnxs_uid=8290647816966742529

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F

Protocol

HTTP/1.1

Server

52.49.40.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-40-119.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 17 Jan 2022 22:13:32 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 17 Jan 2022 22:13:32 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3952a25b-d407-4311-8221-ef3dd354f95e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fltoexam.com%2F&pid=12306&adnxs_uid=8290647816966742529
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 51E7 42 B
233 B 265ms
87ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

imd-usync
router.infolinks.com/dyn/ Frame 51E7
Redirect Chain

https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
https://router.infolinks.com/dyn/imd-usync?user_id=7284890d-e8f1-4477-b9c5-009837409d87&partner_id=1531

35 B
201 B

121ms
121ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/imd-usync?user_id=7284890d-e8f1-4477-b9c5-009837409d87&partner_id=1531
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6cf2ee6cde4a5c5c-FRA
content-length: 35
expires: Sun, 17 Jan 2021 22:13:32 GMT

Redirect headers

location: https://router.infolinks.com/dyn/imd-usync?user_id=7284890d-e8f1-4477-b9c5-009837409d87&partner_id=1531
date: Mon, 17 Jan 2022 22:13:32 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 51E7
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb4dd0337-77e2-11ec-94db-0221d7e25822
https://router.infolinks.com/dyn/outh-usync?uid=y-aGjO1WNE2uHxiJ.qt2k_voLYFSBol4yl~A~UPb4dd0337-77e2-11ec-94db-0221d7e25822

35 B
234 B

137ms
137ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-aGjO1WNE2uHxiJ.qt2k_voLYFSBol4yl~A~UPb4dd0337-77e2-11ec-94db-0221d7e25822
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6cf2ee6cbde15c5c-FRA
content-length: 35
expires: Sun, 17 Jan 2021 22:13:32 GMT

Redirect headers

location: https://router.infolinks.com/dyn/outh-usync?uid=y-aGjO1WNE2uHxiJ.qt2k_voLYFSBol4yl~A~UPb4dd0337-77e2-11ec-94db-0221d7e25822
date: Mon, 17 Jan 2022 22:13:32 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK usersync
match.bnmla.com/ Frame 51E7 0
114 B 286ms
91ms Image
text/plain 38.27.122.158
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 22:13:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 51E7
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=61887da0081525ca2dd7f055

35 B
193 B

180ms
179ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=61887da0081525ca2dd7f055
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6cf2ee6e6a335c5c-FRA
content-length: 35
expires: Sun, 17 Jan 2021 22:13:32 GMT

Redirect headers

Date: Mon, 17 Jan 2022 22:13:32 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=61887da0081525ca2dd7f055
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 51E7
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D784C5752-33D4-4BC0-8385-E74032EEDC9B
https://router.infolinks.com/dyn/usersync?pmuservalue=784C5752-33D4-4BC0-8385-E74032EEDC9B

0
157 B

131ms
130ms

Image
text/plain

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=784C5752-33D4-4BC0-8385-E74032EEDC9B
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 6cf2ee6e19615c5c-FRA
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=784C5752-33D4-4BC0-8385-E74032EEDC9B
date: Mon, 17 Jan 2022 22:13:31 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 51E7
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=5107433822390592981

35 B
242 B

143ms
143ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=5107433822390592981
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6cf2ee6e197f5c5c-FRA
content-length: 35
expires: Sun, 17 Jan 2021 22:13:32 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=5107433822390592981
Date: Mon, 17 Jan 2022 22:13:32 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 51E7 0
72 B 327ms
103ms Image
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP004 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-33x-status: 2000208
date: Mon, 17 Jan 2022 22:13:31 GMT
server: 33XP004

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 51E7 0
67 B 124ms
124ms Image
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/usync/manage?pid=437263&wsid=0&pdom=ltoexam.com&purl=https%3A%2F%2Fltoexam.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 6cf2ee6d8ff95c5c-FRA
content-length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame AD3F 70 B
264 B 92ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame AD3F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeXqDLgyUCFXWLl0EsHs8gAABGYAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeXqDLgyUCFXWLl0EsHs8gAABGYAAAAB&dcc=t

43 B
645 B

103ms
102ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeXqDLgyUCFXWLl0EsHs8gAABGYAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2BKGTPD92GECJ9V2BECX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZP7XA9ABF8XP70BF68CE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeXqDLgyUCFXWLl0EsHs8gAABGYAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AD3F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YeXqDLgyUCFXWLl0EsHs8gAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YeXqDLgyUCFXWLl0EsHs8gAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGiRyID52pK3ef3ZfsmA_jI&google_cver=1&gdpr=1

43 B
1001 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGiRyID52pK3ef3ZfsmA_jI&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 17 Jan 2022 22:13:32 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGiRyID52pK3ef3ZfsmA_jI&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame AD3F 170 B
243 B 137ms
49ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YeXqDLgyUCFXWLl0EsHs8gAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YeXqDLgyUCFXWLl0EsHs8gAABGYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AD3F 43 B
875 B 107ms
33ms Image
image/gif 2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YeXqDLgyUCFXWLl0EsHs8gAABGYAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AD3F
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-50e5b92c-df72-4f73-a27a-8e42864accbc

43 B
1 KB

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-50e5b92c-df72-4f73-a27a-8e42864accbc
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jan 2022 22:13:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 17 Jan 2022 22:13:32 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-50e5b92c-df72-4f73-a27a-8e42864accbc
date: Mon, 17 Jan 2022 22:13:32 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame AD3F 43 B
261 B 518ms
170ms Image
image/gif 54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
last-modified: Mon, 17 Jan 2022 22:13:32 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 17 Jan 2022 22:13:33 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame AD3F
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6957440121022534310&uid=Q6957440121022534310&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

13ms
13ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 22:13:32 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Mon, 17 Jan 2022 22:13:32 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame AD3F 35 B
197 B 186ms
184ms Image
image/gif 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YeXqDLgyUCFXWLl0EsHs8gAA%261126
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6cf2ee6c5cf65c5c-FRA
content-length: 35
expires: Sun, 17 Jan 2021 22:13:32 GMT

GET
H/1.1 200
OK moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js Show response
platform.twitter.com/js/ 25 KB
8 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 22:13:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 20:06:46 GMT
Server: ECS (frb/6738)
Age: 436305
Etag: "3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8012

GET
H/1.1 200
OK timeline.34cf38a85ac899f1d6a0438a1659decc.js Show response
platform.twitter.com/js/ 20 KB
7 KB 17ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 22:13:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 20:06:46 GMT
Server: ECS (frb/67C0)
Age: 436304
Etag: "0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6444

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 129 KB
10 KB 93ms
18ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_LTOExam_old&dnt=true&domain=ltoexam.com&lang=en&screen_name=LTOExam&suppress_response_codes=true&t=1824952&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D53) /

Resource Hash

77a561eb3f57cd0d2a7e02ffbd7bd122ef2bf650d4e0e577f7c4fed03412d908

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
vary: Accept-Encoding
content-length: 9873
x-xss-protection: 0
x-response-time: 169
last-modified: Mon, 17 Jan 2022 22:10:42 GMT
server: ECS (lcy/1D53)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
expires: Mon, 17 Jan 2022 22:18:32 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: 5a7e6550afc2299612f23504265667bc1db8eeb7aec32ab82c5e8083ac10945a
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 89b245c04b0d7bc4
access-contol-allow-origin: platform.twitter.com

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1776.020-3.025/ 123 KB
46 KB 22ms
21ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1776.020-3.025/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6cf2ee6cde4c5c5c-FRA
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 14:33:45 GMT
server: cloudflare
age: 6214
etag: W/"1eb61-5d54f572efd44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 16 Feb 2022 20:29:58 GMT

GET
H2 200 bubble.js Show response
resources.infolinks.com/js/1776.020-3.025/ 156 KB
47 KB 33ms
32ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1776.020-3.025/bubble.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2093eeb7c8703b51436f09e47b6c107f5dd5068fee50a9ece8dc2f757793ddeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6cf2ee6cde4d5c5c-FRA
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 14:33:45 GMT
server: cloudflare
age: 6266
etag: W/"27044-5d54f572ef95c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 16 Feb 2022 20:29:06 GMT

GET
H2 200 getads.htm Show response
rt3042.infolinks.com/action/ 2 KB
681 B 524ms
523ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3042.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22home%22%2C%22scs%22%3A%22VgX8Ko825W%22%7D%5D&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&jsv=1776.020-3.025&sr=1600X1200&rts=1642457612330&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fltoexam.com%2F&tzo=-0000&c=c&strg=true&rsd=d1F4vI3py-iRugWv-5sb27Z4a_NmpUJVJpigvgtm0QjG7C1B-diTsue5fY5hsai8JPK5z2vBGkWq9B84eFkAAm-MpaulUeDJJ4JwkfIAhBpoZVcjUYFUo1WyD4XNoPIGq1TP4WbPU2deDCIjs4eYxI69ttIHMmgc&rsk=37&rcs=ktgAzvuwAbGeoMD4KagZwQ&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36ca149f1763de196094e45f2736fe27d843a82d77ef9f43e0f0d63158fb308f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6cf2ee6d1ed25c5c-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 in_text.js Show response
resources.infolinks.com/js/1776.020-3.025/ 10 KB
4 KB 28ms
27ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1776.020-3.025/in_text.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10000e50858213f4e33be0c6e50ffac69e77fe180e9aa08d4aa241273506bb91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6cf2ee6d2eee5c5c-FRA
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 14:33:45 GMT
server: cloudflare
age: 5715
etag: W/"29f5-5d54f572f08fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 16 Feb 2022 20:38:17 GMT

GET
H2 200 intag_incontent.js Show response
resources.infolinks.com/js/1776.020-3.025/ 173 KB
35 KB 31ms
30ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1776.020-3.025/intag_incontent.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 667d0547d8f8567828193f76f5fbd55bbb4244351313a8a8f3d85d171d1af49f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6cf2ee6d2eef5c5c-FRA
date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 14:33:45 GMT
server: cloudflare
age: 6157
etag: W/"2b399-5d54f572f14b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 16 Feb 2022 20:30:55 GMT

GET
H2 200 Di8VSY1k
pbs.twimg.com/card_img/1481896488082939907/ Frame 73DF 10 KB
10 KB 23ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481896488082939907/Di8VSY1k?format=jpg&name=144x144_2

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

bfe68907b93407f84da520467be0dac328a163cca560e6939504a11c2d47ed03

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 299899
x-cache: HIT
content-length: 9880
x-response-time: 127
surrogate-key: card_img card_img/bucket/2 card_img/1481896488082939907
last-modified: Fri, 14 Jan 2022 07:48:29 GMT
server: ECS (frb/67C1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 73b6e2203ac66761e06797393241a83b88abcccf32921aa30188354d574dde67
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 263a.png
abs.twimg.com/emoji/v2/72x72/ Frame 73DF 836 B
1 KB 58ms
13ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/263a.png

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F20) /

Resource Hash

6ba62723e34df401cdd78478b350203278f197b7f54aae7efe77a59731a5ce23

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 14978731
x-ton-expected-size: 836
x-cache: HIT
content-length: 836
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECAcc (frc/8F20)
etag: "4jKrwS3zq8ZFfkbqk+5yRg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 5a4a20617974f6f345dfefd7f17737d556e0206684beaf7dfe19bc0a55efa151
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 17 Jan 2023 22:13:32 GMT

GET
H2 200 26Jq_Csh
pbs.twimg.com/card_img/1481915612398239747/ Frame 73DF 44 KB
44 KB 14ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481915612398239747/26Jq_Csh?format=png&name=144x144_2

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

71923ae84a8f67cd56a66b036775826eb09e1d7d0d288c4ad5f20e49da69eef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 299899
x-cache: HIT
content-length: 44681
x-response-time: 234
surrogate-key: card_img card_img/bucket/6 card_img/1481915612398239747
last-modified: Fri, 14 Jan 2022 09:04:29 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b61822d6ad3ce5d4012816664a721c69f0c9ec46e55d750bdd25199e6b4a132b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1-FUh3fs
pbs.twimg.com/card_img/1481169283959123968/ Frame 73DF 8 KB
8 KB 13ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481169283959123968/1-FUh3fs?format=jpg&name=144x144_2

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

cdb248537d33e4280742b7a14eb911d1cab4a6ef9817f0dc06cef15a8d6670a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 471028
x-cache: HIT
content-length: 7907
x-response-time: 126
surrogate-key: card_img card_img/bucket/3 card_img/1481169283959123968
last-modified: Wed, 12 Jan 2022 07:38:50 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 44948e0e077d834cbf01a3a11349d2ae6e7bdf9857dfed04a4968349e272ceb1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 7WKLXP6t
pbs.twimg.com/card_img/1481231026466996229/ Frame 73DF 7 KB
7 KB 14ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481231026466996229/7WKLXP6t?format=jpg&name=144x144_2

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

df44c84c3b7a66eae23dcb0852caf05e054082da17162c219b7999a711ea647d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 462890
x-cache: HIT
content-length: 6836
x-response-time: 130
surrogate-key: card_img card_img/bucket/7 card_img/1481231026466996229
last-modified: Wed, 12 Jan 2022 11:44:11 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0c508c564d85a6920e798771ed782248a1f25001a12aa3705bce5e8c7b876d8e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 73DF 53 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 22:13:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 20:06:44 GMT
Server: ECS (frb/6796)
Age: 436305
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 8ms
8ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 22:13:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 20:06:44 GMT
Server: ECS (frb/6796)
Age: 436305
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 loader.gif
resources.infolinks.com/static/skins/ 962 B
1 KB 27ms
26ms Image
image/gif 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/skins/loader.gif
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: HIT
age: 6290
cf-polished: origSize=1631, status=webp_bigger
content-length: 962
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
server: cloudflare
etag: "65f-54142035d0066"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Wed, 16 Feb 2022 20:28:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6cf2ee6d88005c5c-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 loader-bg.png
resources.infolinks.com/static/skins/ 902 B
1 KB 24ms
23ms Image
image/webp 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/skins/loader-bg.png
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
via: 1.1 google
cf-cache-status: HIT
age: 9608
cf-polished: origFmt=png, origSize=1488
content-disposition: inline; filename="loader-bg.webp"
content-length: 902
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
server: cloudflare
etag: "5d0-541420359b4a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 16 Feb 2022 19:33:24 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6cf2ee6d88065c5c-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Di8VSY1k
pbs.twimg.com/card_img/1481896488082939907/ Frame 73DF 10 KB
10 KB 18ms
17ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481896488082939907/Di8VSY1k?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

bfe68907b93407f84da520467be0dac328a163cca560e6939504a11c2d47ed03

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 299899
x-cache: HIT
content-length: 9880
x-response-time: 127
surrogate-key: card_img card_img/bucket/2 card_img/1481896488082939907
last-modified: Fri, 14 Jan 2022 07:48:29 GMT
server: ECS (frb/67C1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 73b6e2203ac66761e06797393241a83b88abcccf32921aa30188354d574dde67
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 26Jq_Csh
pbs.twimg.com/card_img/1481915612398239747/ Frame 73DF 44 KB
44 KB 8ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481915612398239747/26Jq_Csh?format=png&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

71923ae84a8f67cd56a66b036775826eb09e1d7d0d288c4ad5f20e49da69eef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 299899
x-cache: HIT
content-length: 44681
x-response-time: 234
surrogate-key: card_img card_img/bucket/6 card_img/1481915612398239747
last-modified: Fri, 14 Jan 2022 09:04:29 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b61822d6ad3ce5d4012816664a721c69f0c9ec46e55d750bdd25199e6b4a132b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1-FUh3fs
pbs.twimg.com/card_img/1481169283959123968/ Frame 73DF 8 KB
8 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481169283959123968/1-FUh3fs?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

cdb248537d33e4280742b7a14eb911d1cab4a6ef9817f0dc06cef15a8d6670a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 471028
x-cache: HIT
content-length: 7907
x-response-time: 126
surrogate-key: card_img card_img/bucket/3 card_img/1481169283959123968
last-modified: Wed, 12 Jan 2022 07:38:50 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 44948e0e077d834cbf01a3a11349d2ae6e7bdf9857dfed04a4968349e272ceb1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 7WKLXP6t
pbs.twimg.com/card_img/1481231026466996229/ Frame 73DF 7 KB
7 KB 14ms
14ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481231026466996229/7WKLXP6t?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

df44c84c3b7a66eae23dcb0852caf05e054082da17162c219b7999a711ea647d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 462890
x-cache: HIT
content-length: 6836
x-response-time: 130
surrogate-key: card_img card_img/bucket/7 card_img/1481231026466996229
last-modified: Wed, 12 Jan 2022 11:44:11 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0c508c564d85a6920e798771ed782248a1f25001a12aa3705bce5e8c7b876d8e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 twtr_normal.png
pbs.twimg.com/profile_images/2064282180/ Frame 73DF 15 KB
15 KB 14ms
14ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/2064282180/twtr_normal.png

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) /

Resource Hash

05e4cacc737b3ea3eec6f20ef542709c2ce620468e75be99924a94d141ad5e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 378314
x-cache: HIT
content-length: 15090
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/9 profile_images/2064282180
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (frb/67D4)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c7fe13e41a685a3fae79384b2f44782d404260d9c1d8b8e2e524030b6f906d19
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 XvlWU9Ok_normal.jpg
pbs.twimg.com/profile_images/1252287593955246088/ Frame 73DF 2 KB
2 KB 17ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1252287593955246088/XvlWU9Ok_normal.jpg

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

be0b426b3df48c4b4127546e2d556855cf18966daec312af3d41b928d63b5aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 216294
x-cache: HIT
content-length: 2263
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/7 profile_images/1252287593955246088
last-modified: Mon, 20 Apr 2020 17:24:43 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4bf35eae8ef32334dc5f4c4cbe381bbb1af670d9e13586429aa2d06f5a12645b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 CprMMc6VMAE5WYE
pbs.twimg.com/media/ Frame 73DF 37 KB
37 KB 11ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/CprMMc6VMAE5WYE?format=png&name=360x360

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

c382e8b2c51212d4388300f60edea8990e5b212a75845ba1df24e10c91e8d540

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 123306
x-cache: HIT
content-length: 37581
x-response-time: 408
surrogate-key: media media/bucket/8 media/764147601084067841
last-modified: Fri, 12 Aug 2016 17:10:39 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d9785e5f4e0b83d5fb8584b1602d2f812cd8786712ab2e2a3f51fa64dccab00b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Bs9pgjMCQAEVVFn
pbs.twimg.com/media/ Frame 73DF 23 KB
24 KB 13ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Bs9pgjMCQAEVVFn?format=jpg&name=360x360

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

dd7c31e47a94dfd92c188c43c4135bdc5947470790761931398a391dc243d682

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 123305
x-cache: HIT
content-length: 24018
x-response-time: 310
surrogate-key: media media/bucket/0 media/490726892329123841
last-modified: Sun, 20 Jul 2014 05:14:23 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6ffb1580beda24de5db96a18fe75323cf1570d91a94e11b976c9fe99ac91b61c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 getads.htm Show response
rt3042.infolinks.com/action/ 2 KB
655 B 551ms
550ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3042.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE0%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A5%2C%22maw%22%3A756%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22capara%22%3A%22%7B%5C%22successfulAlgo%5C%22%3A%5C%22aapalgo%5C%22%2C%5C%22top%5C%22%3A696%2C%5C%22left%5C%22%3A230%2C%5C%22isAboveFold%5C%22%3A100%7D%22%2C%22sdata%22%3A%22free%22%2C%22scs%22%3A%22GMJP8aHmUr%22%7D%5D&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&jsv=1776.020-3.025&sr=1600X1200&rts=1642457612453&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fltoexam.com%2F&tzo=-0000&c=c&strg=true&rsd=d1F4vI3py-iRugWv-5sb27Z4a_NmpUJVJpigvgtm0QjG7C1B-diTsue5fY5hsai8JPK5z2vBGkWq9B84eFkAAm-MpaulUeDJJ4JwkfIAhBpoZVcjUYFUo1WyD4XNoPIGq1TP4WbPU2deDCIjs4eYxI69ttIHMmgc&rsk=37&rcs=ktgAzvuwAbGeoMD4KagZwQ&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 534738635c8ba8fa5bda843164f1e5e82cf04a7d8aa4bfae758f9581f4cd31ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6cf2ee6dd8c95c5c-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getads.htm Show response
rt3042.infolinks.com/action/ 2 KB
661 B 961ms
960ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3042.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE1%22%2C%22bdc%22%3A3%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A5%2C%22maw%22%3A756%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22capara%22%3A%22%7B%5C%22successfulAlgo%5C%22%3A%5C%22aapalgo%5C%22%2C%5C%22top%5C%22%3A774%2C%5C%22left%5C%22%3A230%2C%5C%22isAboveFold%5C%22%3A100%7D%22%2C%22sdata%22%3A%22advertises%22%2C%22scs%22%3A%22EP36HxiITX%22%7D%5D&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&jsv=1776.020-3.025&sr=1600X1200&rts=1642457612454&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fltoexam.com%2F&tzo=-0000&c=c&strg=true&rsd=d1F4vI3py-iRugWv-5sb27Z4a_NmpUJVJpigvgtm0QjG7C1B-diTsue5fY5hsai8JPK5z2vBGkWq9B84eFkAAm-MpaulUeDJJ4JwkfIAhBpoZVcjUYFUo1WyD4XNoPIGq1TP4WbPU2deDCIjs4eYxI69ttIHMmgc&rsk=37&rcs=ktgAzvuwAbGeoMD4KagZwQ&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa9e1a5c1d25d94fce35f555fc1bf1015886522723a9049669323872034cf098

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6cf2ee6dd8cb5c5c-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dcl.htm Show response
rt3042.infolinks.com/action/ 0
121 B 191ms
190ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3042.infolinks.com/action/dcl.htm?rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&jsv=1776.020-3.025&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A2%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6cf2ee6dd8d05c5c-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 73DF 44 KB
7 KB 46ms
16ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381142
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 308668ede52f3a10e5eb48c6beb9fcf781331fd43aa694c0506adc1858d89e42
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 48ms
18ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381142
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 308668ede52f3a10e5eb48c6beb9fcf781331fd43aa694c0506adc1858d89e42
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
DATA 200
OK truncated
/ Frame 73DF 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 73DF 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 73DF 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 73DF 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 73DF 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Di8VSY1k
pbs.twimg.com/card_img/1481896488082939907/ Frame 73DF 10 KB
10 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481896488082939907/Di8VSY1k?format=jpg&name=144x144_2

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

bfe68907b93407f84da520467be0dac328a163cca560e6939504a11c2d47ed03

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 299899
x-cache: HIT
content-length: 9880
x-response-time: 127
surrogate-key: card_img card_img/bucket/2 card_img/1481896488082939907
last-modified: Fri, 14 Jan 2022 07:48:29 GMT
server: ECS (frb/67C1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 73b6e2203ac66761e06797393241a83b88abcccf32921aa30188354d574dde67
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
ton.twimg.com/tfw/assets/ Frame 73DF 829 B
549 B 9ms
9ms Image
image/svg+xml 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/assets/news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg

Requested by

Host: ton.twimg.com
URL: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F54) /

Resource Hash

5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499394
x-ton-expected-size: 829
x-cache: HIT
vary: Accept-Encoding
content-length: 395
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8F54)
etag: "CTUg6L9PuY+d9h5xpE0zmw=="
strict-transport-security: max-age=631138519
content-type: image/svg+xml
access-control-allow-origin: *
x-connection-hash: 4403c4238051467574cbc613ec5725e68d1895771ead8ad0dec297ca4801a381
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 24 Jan 2022 22:13:32 GMT

GET
H2 200 26Jq_Csh
pbs.twimg.com/card_img/1481915612398239747/ Frame 73DF 44 KB
44 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481915612398239747/26Jq_Csh?format=png&name=144x144_2

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

71923ae84a8f67cd56a66b036775826eb09e1d7d0d288c4ad5f20e49da69eef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 299899
x-cache: HIT
content-length: 44681
x-response-time: 234
surrogate-key: card_img card_img/bucket/6 card_img/1481915612398239747
last-modified: Fri, 14 Jan 2022 09:04:29 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b61822d6ad3ce5d4012816664a721c69f0c9ec46e55d750bdd25199e6b4a132b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1-FUh3fs
pbs.twimg.com/card_img/1481169283959123968/ Frame 73DF 8 KB
8 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481169283959123968/1-FUh3fs?format=jpg&name=144x144_2

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

cdb248537d33e4280742b7a14eb911d1cab4a6ef9817f0dc06cef15a8d6670a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 471028
x-cache: HIT
content-length: 7907
x-response-time: 126
surrogate-key: card_img card_img/bucket/3 card_img/1481169283959123968
last-modified: Wed, 12 Jan 2022 07:38:50 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 44948e0e077d834cbf01a3a11349d2ae6e7bdf9857dfed04a4968349e272ceb1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 7WKLXP6t
pbs.twimg.com/card_img/1481231026466996229/ Frame 73DF 7 KB
7 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481231026466996229/7WKLXP6t?format=jpg&name=144x144_2

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

df44c84c3b7a66eae23dcb0852caf05e054082da17162c219b7999a711ea647d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 462890
x-cache: HIT
content-length: 6836
x-response-time: 130
surrogate-key: card_img card_img/bucket/7 card_img/1481231026466996229
last-modified: Wed, 12 Jan 2022 11:44:11 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0c508c564d85a6920e798771ed782248a1f25001a12aa3705bce5e8c7b876d8e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 26Jq_Csh
pbs.twimg.com/card_img/1481915612398239747/ Frame 73DF 44 KB
44 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481915612398239747/26Jq_Csh?format=png&name=144x144_2

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

71923ae84a8f67cd56a66b036775826eb09e1d7d0d288c4ad5f20e49da69eef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 299899
x-cache: HIT
content-length: 44681
x-response-time: 234
surrogate-key: card_img card_img/bucket/6 card_img/1481915612398239747
last-modified: Fri, 14 Jan 2022 09:04:29 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b61822d6ad3ce5d4012816664a721c69f0c9ec46e55d750bdd25199e6b4a132b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 26Jq_Csh
pbs.twimg.com/card_img/1481915612398239747/ Frame 73DF 44 KB
44 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1481915612398239747/26Jq_Csh?format=png&name=144x144_2

Requested by

Host: ltoexam.com
URL: https://ltoexam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

71923ae84a8f67cd56a66b036775826eb09e1d7d0d288c4ad5f20e49da69eef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:32 GMT
x-content-type-options: nosniff
age: 299899
x-cache: HIT
content-length: 44681
x-response-time: 234
surrogate-key: card_img card_img/bucket/6 card_img/1481915612398239747
last-modified: Fri, 14 Jan 2022 09:04:29 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b61822d6ad3ce5d4012816664a721c69f0c9ec46e55d750bdd25199e6b4a132b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview.htm
rt3042.infolinks.com/action/ 0
158 B 192ms
191ms Image
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt3042.infolinks.com/action/adview.htm?rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&bdc=1&midx=0&emd=NDI0fjY0MDI4Ml82NDM5MzA&rts=1642457612860&prod_t=d&jsv=1776.020-3.025&skin=sidebar&theme=lightBlue&sdata=home&scs=VgX8Ko825W&rsd=d1F4vI3py-iRugWv-5sb27Z4a_NmpUJVJpigvgtm0QjG7C1B-diTsue5fY5hsai8JPK5z2vBGkWq9B84eFkAAm-MpaulUeDJJ4JwkfIAhBpoZVcjUYFUo1WyD4XNoPIGq1TP4WbPU2deDCIjs4eYxI69ttIHMmgc&rsk=37&rcs=ktgAzvuwAbGeoMD4KagZwQ
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6cf2ee708f515c5c-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
node227.impressionssl.adshop.infolinks.com/impression/ 37 B
221 B 497ms
94ms Image
image/gif 199.212.255.244
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node227.impressionssl.adshop.infolinks.com/impression/?vh=1494721233&agy=414981&aid=637313&cid=640282&gid=643927&id=643930&st=1642457611&kwid=0&skw=home&sid=437263_0&sip=3117783808&pid=15&tid=2&mime=image/jpeg&dev=0&mtyp=502&agtyp=0&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&idfa=&gaid=&site_cat=18&pixel=1
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.244 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 19:33:15 GMT
x-replied-from: 199.212.255.221:26080
server: nginx/1.16.1
content-type: image/gif
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 37
expires: 0

GET
H2 200 /
node227.impressionssl.adshop.infolinks.com/impression/ Frame 0857 41 KB
41 KB 3684ms
3287ms Image
image/jpeg 199.212.255.244
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node227.impressionssl.adshop.infolinks.com/impression/?vh=1494721233&agy=414981&aid=637313&cid=640282&gid=643927&id=643930&st=1642457611&kwid=0&skw=home&sid=437263_0&sip=3117783808&pid=15&tid=2&mime=image/jpeg&dev=0&mtyp=502&agtyp=0&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&idfa=&gaid=&site_cat=18
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.244 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7df3ba5968f14615238df049f607d61b523a5a418120388e88a4f789e4accd2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 19:33:18 GMT
x-replied-from: 199.212.255.75:26080
server: nginx/1.16.1
content-type: image/jpeg
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 41560
expires: 0

GET
H2 200 /
node227.impressionssl.adshop.infolinks.com/impression/ 37 B
221 B 353ms
94ms Image
image/gif 199.212.255.244
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node227.impressionssl.adshop.infolinks.com/impression/?vh=1494731966&agy=414981&aid=637313&cid=640282&gid=643927&id=643934&st=1642457612&kwid=0&skw=free&sid=437263_0&sip=3117783808&pid=14&tid=2&mime=image/png&dev=0&mtyp=502&agtyp=0&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&idfa=&gaid=&site_cat=18&pixel=1
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.244 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 19:33:15 GMT
x-replied-from: 199.212.255.227:26080
server: nginx/1.16.1
content-type: image/gif
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 37
expires: 0

GET
H2 200 adview.htm
rt3042.infolinks.com/action/ 0
135 B 182ms
182ms Image
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt3042.infolinks.com/action/adview.htm?rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&bdc=2&midx=0&emd=NDI0fjY0MDI4Ml82NDM5MzQ&rts=1642457613026&prod_t=a&jsv=1776.020-3.025&sdata=free&scs=GMJP8aHmUr&rsd=d1F4vI3py-iRugWv-5sb27Z4a_NmpUJVJpigvgtm0QjG7C1B-diTsue5fY5hsai8JPK5z2vBGkWq9B84eFkAAm-MpaulUeDJJ4JwkfIAhBpoZVcjUYFUo1WyD4XNoPIGq1TP4WbPU2deDCIjs4eYxI69ttIHMmgc&rsk=37&rcs=ktgAzvuwAbGeoMD4KagZwQ
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6cf2ee7169825c5c-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
node227.impressionssl.adshop.infolinks.com/impression/ Frame 0B1A 38 KB
38 KB 344ms
93ms Image
image/png 199.212.255.244
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node227.impressionssl.adshop.infolinks.com/impression/?vh=1494731966&agy=414981&aid=637313&cid=640282&gid=643927&id=643934&st=1642457612&kwid=0&skw=free&sid=437263_0&sip=3117783808&pid=14&tid=2&mime=image/png&dev=0&mtyp=502&agtyp=0&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&idfa=&gaid=&site_cat=18
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.244 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 61a24e928ec1c9acd43e891e78204eae77d6826a1cd02b5fa2f999b2c868252a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 19:33:15 GMT
x-replied-from: 199.212.255.224:26080
server: nginx/1.16.1
content-type: image/png
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 38520
expires: 0

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 3D70
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

7ms
7ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://ltoexam.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 436307
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Jan 2022 22:13:33 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 11 Jan 2022 20:08:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Mon, 17 Jan 2022 22:13:33 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Mon, 17 Jan 2022 22:13:33 GMT
x-transaction: 6533e4d4d175c560
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 126
x-connection-hash: 59fbf5654258a841c22c5e3009c9e1d99b9dc7fb9f739d118ba3bbc49202d631

GET
H2 200 /
node227.impressionssl.adshop.infolinks.com/impression/ 37 B
221 B 139ms
138ms Image
image/gif 199.212.255.244
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node227.impressionssl.adshop.infolinks.com/impression/?vh=1494733649&agy=414981&aid=637313&cid=640282&gid=642205&id=643963&st=1642457612&kwid=0&skw=advertises&sid=437263_0&sip=3117783808&pid=14&tid=2&mime=image/png&dev=0&mtyp=502&agtyp=0&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&idfa=&gaid=&site_cat=18&pixel=1
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.244 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 19:33:15 GMT
x-replied-from: 199.212.255.74:26080
server: nginx/1.16.1
content-type: image/gif
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 37
expires: 0

GET
H2 200 adview.htm
rt3042.infolinks.com/action/ 0
238 B 180ms
180ms Image
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt3042.infolinks.com/action/adview.htm?rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&bdc=3&midx=0&emd=NDI0fjY0MDI4Ml82NDM5NjM&rts=1642457613433&prod_t=a&jsv=1776.020-3.025&sdata=advertises&scs=EP36HxiITX&rsd=d1F4vI3py-iRugWv-5sb27Z4a_NmpUJVJpigvgtm0QjG7C1B-diTsue5fY5hsai8JPK5z2vBGkWq9B84eFkAAm-MpaulUeDJJ4JwkfIAhBpoZVcjUYFUo1WyD4XNoPIGq1TP4WbPU2deDCIjs4eYxI69ttIHMmgc&rsk=37&rcs=ktgAzvuwAbGeoMD4KagZwQ
Requested by: Host: ltoexam.com
URL: https://ltoexam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 22:13:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6cf2ee73ffe75c5c-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
node227.impressionssl.adshop.infolinks.com/impression/ Frame 4D15 23 KB
23 KB 133ms
133ms Image
image/png 199.212.255.244
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node227.impressionssl.adshop.infolinks.com/impression/?vh=1494733649&agy=414981&aid=637313&cid=640282&gid=642205&id=643963&st=1642457612&kwid=0&skw=advertises&sid=437263_0&sip=3117783808&pid=14&tid=2&mime=image/png&dev=0&mtyp=502&agtyp=0&rid=2bde0c48-79fe-41fd-ac06-83347dd07b00&idfa=&gaid=&site_cat=18
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.244 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c22fc88baf003b5f80a08fe025e95a491e9e9f18f9b51aae8c1b4ce72e18efe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 19:33:15 GMT
x-replied-from: 199.212.255.228:26080
server: nginx/1.16.1
content-type: image/png
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 23072
expires: 0

GET
H2 200 container-1.0.html Show response
resources.infolinks.com/static/ Frame 0F03 430 B
493 B 20ms
19ms Document
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/container-1.0.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ltoexam.com/

Response headers

date: Mon, 17 Jan 2022 22:13:36 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 17 Nov 2021 13:25:02 GMT
cache-control: max-age=2592000
expires: Wed, 16 Feb 2022 20:28:50 GMT
via: 1.1 google
cf-cache-status: HIT
age: 6286
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6cf2ee882a1c5c5c-FRA
content-encoding: gzip

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 0F03
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=7dfb888d-23b3-470b-9160-35b2507a8190=&partner_id=3337
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=7dfb888d-23b3-470b-9160-35b2507a8190=&partner_id=3337

95 B
426 B

20ms
20ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=7dfb888d-23b3-470b-9160-35b2507a8190=&partner_id=3337

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://resources.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 22:13:36 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=7dfb888d-23b3-470b-9160-35b2507a8190=&partner_id=3337
date: Mon, 17 Jan 2022 22:13:36 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ltoexam.com/	1970-01-20 17:45:29	Name: sc_is_visitor_unique Value: rx7774730.1642457612.C52DFC5BB6A44F3B8338FD79CB26546E.1.1.1.1.1.1.1.1.1
ltoexam.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 387d1242-e785-4be2-a8f7-387cc9ddd61d
.statcounter.com/	1970-01-21 20:02:46	Name: is_unique Value: sc7774730.1642457611.0
.infolinks.com/	1970-01-20 17:45:29	Name: cuid Value: 7dfb888d-23b3-470b-9160-35b2507a8190
.casalemedia.com/	1970-01-20 08:59:53	Name: CMID Value: YeXqDLgyUCFXWLl0EsHs8gAA
.casalemedia.com/	1970-01-20 02:23:53	Name: CMPS Value: 3271
.yahoo.com/	1970-01-20 09:00:15	Name: A3 Value: d=AQABBAzq5WECEKvQh-YyKbSSzvoucAJjpXUFEgEBAQE752HvYQAAAAAA_eMAAA&S=AQAAApkQiKxUTliLQy2kHy9dz7A
.casalemedia.com/	1970-01-20 02:23:53	Name: CMPRO Value: 1126
.casalemedia.com/	1970-01-20 00:15:44	Name: CMST Value: YeXqDGHl6gwA
.pubmatic.com/	1970-01-20 00:15:44	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 02:23:53	Name: SyncRTB3 Value: 1643587200%3A220
.pubmatic.com/	1970-01-20 02:23:53	Name: KADUSERCOOKIE Value: 784C5752-33D4-4BC0-8385-E74032EEDC9B
.advertising.com/	1970-01-20 09:01:20	Name: APID Value: UPb4dd0337-77e2-11ec-94db-0221d7e25822
.360yield.com/	1970-01-20 02:23:53	Name: tuuid Value: 7284890d-e8f1-4477-b9c5-009837409d87
.360yield.com/	1970-01-20 02:23:53	Name: tuuid_lu Value: 1642457612
.adnxs.com/	1970-01-20 02:23:53	Name: uuid2 Value: 2397853370907302375
.owneriq.net/	1970-01-20 17:45:29	Name: si Value: Q6957440121022534310
.owneriq.net/	1970-01-20 00:28:41	Name: p2 Value: cc
.analytics.yahoo.com/	1970-01-20 09:01:20	Name: IDSYNC Value: "192u~22py:18xp~22py"
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UPb4dd0337-77e2-11ec-94db-0221d7e25822
.yahoo.com/	1970-01-20 00:15:44	Name: APIDTS Value: 1642457612
.facebook.com/	1970-01-20 17:45:29	Name: sb Value: DOrlYU1kEs0LPdqiLa06TRIj
.facebook.com/	1970-01-20 02:23:53	Name: fr Value: 05ErZujyKUOas6lFi..Bh5eoM.Yt.AAA.0.0.Bh5eoM.AWWNQCTZrLQ
.adsrvr.org/	1970-01-20 08:59:53	Name: TDID Value: 498e318f-0081-4efd-85a1-8e3e7b1da618
.adsrvr.org/	1970-01-20 08:59:53	Name: TDCPM Value: CAEYBSABKAIyCwiwq43DqoStOhAFOAE.
.infolinks.com/	1970-01-20 00:15:44	Name: VRUSERCOOKIE Value: y-ITXbFJNE2uGkeKmSLoec5TgaSgzbaT9n4LVQsRE-~A
.1rx.io/	1970-01-20 08:59:53	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003%22%7D
.cpx.to/	1970-01-20 08:59:53	Name: cpSess Value: 5da53bc659ad3a5
.cpx.to/	1970-01-20 08:59:53	Name: dsp_app_nexus Value: 8290647816966742529#1642457612356
.infolinks.com/	1970-01-20 00:15:44	Name: IXUSERCOOKIE Value: YeXqDLgyUCFXWLl0EsHs8gAA&1126
.infolinks.com/	1970-01-20 00:15:44	Name: OUTHUSERCOOKIE Value: y-aGjO1WNE2uHxiJ.qt2k_voLYFSBol4yl~A~UPb4dd0337-77e2-11ec-94db-0221d7e25822
.infolinks.com/	1970-01-20 00:14:21	Name: IMDUSERCOOKIE Value: 7284890d-e8f1-4477-b9c5-009837409d87
.targeting.unrulymedia.com/	1970-01-20 08:59:53	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003%22%7D
.lijit.com/	1970-01-20 08:59:53	Name: ljt_reader Value: 61887da0081525ca2dd7f055
.infolinks.com/	1970-01-20 02:23:53	Name: ANUSERCOOKIE Value: 2397853370907302375
.doubleclick.net/	1970-01-20 09:35:53	Name: IDE Value: AHWqTUnojQ4uFngfxEip-vfJrtfGF8QJ4GsmB0cGRwZ4MCuI7mfcbJbwXQKhCZroteE
.rfihub.com/	1970-01-20 09:35:53	Name: eud Value: H4sIAAAAAAAAAFslzmtoZmJkYmpuZmhkYm4AAEiF1bwQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjK2NDC1NLK0MBTiM9QNzAgLKa9IzK4MjncGAKY7W-4lAAAA
.rfihub.com/	1970-01-20 09:35:53	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjK2NDC1NLK0MBTiM9QNzAgLKa9IzK4MjneW4jU0MzEyMTU3MzQyMTcAAPmuc4s0AAAA
.casalemedia.com/	1970-01-20 08:59:53	Name: CMRUM3 Value: bf61e5ea0c05a0&4961e5ea0c05a0&1f61e5ea0c05a00&c361e5ea0c2760av-50e5b92c-df72-4f73-a27a-8e42864accbc&e661e5ea0c2760&2761e5ea0c0b40&2d61e5ea0c2760CAESEGiRyID52pK3ef3ZfsmA_jI&f161e5ea0c05a0
.pubmatic.com/	1970-01-20 02:23:53	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 00:15:44	Name: pi Value: 156872:3
.pubmatic.com/	1970-01-20 02:23:53	Name: chkChromeAb67Sec Value: 3
.infolinks.com/	1970-01-20 00:15:44	Name: R1USERCOOKIE Value: RX-b038f8e0-da20-41e9-ada3-5f3934edf5aa-003
.infolinks.com/	1970-01-20 00:15:44	Name: KADUSERCOOKIE Value: 784C5752-33D4-4BC0-8385-E74032EEDC9B~1642457698956
.infolinks.com/	1970-01-20 00:15:44	Name: ZTUSERCOOKIE Value: 5107433822390592981
.infolinks.com/	1970-01-20 00:15:44	Name: SOVRNUSERCOOKIE Value: 61887da0081525ca2dd7f055
.infolinks.com/	1970-01-20 00:15:44	Name: PUBMUSERCOOKIE Value: 784C5752-33D4-4BC0-8385-E74032EEDC9B
.ltoexam.com/	1970-01-20 08:59:53	Name: fc Value: %7B%22NDI0fjY0MDI4Ml82NDM5MzA%22%3A%221%3A1642457612859%22%2C%22NDI0fjY0MDI4Ml82NDM5MzQ%22%3A%221%3A1642457613025%22%2C%22NDI0fjY0MDI4Ml82NDM5NjM%22%3A%221%3A1642457613433%22%7D
.ltoexam.com/	1970-01-20 08:59:53	Name: pv Value: %7B%22d%22%3A%221%3A1642457612859%22%2C%22a%22%3A%222%3A1642457613025%22%7D
.infolinks.com/	1970-01-20 00:14:52	Name: tv Value: \|NDI0fjY0MDI4Ml82NDM5MzQ~1\|NDI0fjY0MDI4Ml82NDM5NjM~1
.tapad.com/	1970-01-20 01:40:41	Name: TapAd_TS Value: 1642457616749
.tapad.com/	1970-01-20 01:40:41	Name: TapAd_DID Value: be0f9588-6c3d-477f-b678-1d9888e6ddac
.tapad.com/	1970-01-20 01:40:41	Name: TapAd_3WAY_SYNCS Value:

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
ad.360yield.com
ap.lijit.com
b1sync.zemanta.com
bdv.bidvertiser.com
c.statcounter.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
connect.facebook.net
d2b9l3u54v5v39.cloudfront.net
de.tynt.com
dmp.brand-display.com
dsp.adkernel.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
free.timeanddate.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
ltoexam.com
match.adsrvr.org
match.bnmla.com
nep.advangelists.com
node227.impressionssl.adshop.infolinks.com
onetag-sys.com
p.rfihub.com
pbs.twimg.com
pixel.advertising.com
pixel.tapad.com
platform.twitter.com
pr-bh.ybp.yahoo.com
px.owneriq.net
resources.infolinks.com
router.infolinks.com
rt3042.infolinks.com
s.amazon-adsystem.com
s.cpx.to
secure.statcounter.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
syndication.twitter.com
ton.twimg.com
u.openx.net
ups.analytics.yahoo.com
www.facebook.com
104.111.242.53
104.20.229.67
104.244.42.200
15.197.193.217
151.101.129.176
172.217.18.98
172.66.41.9
172.67.144.162
174.137.133.49
178.162.133.149
18.185.166.245
185.33.221.91
185.64.189.110
185.64.190.79
193.0.160.129
198.47.127.20
199.212.255.244
2.18.234.21
213.19.147.45
2600:9000:2251:1000:c:95c2:e940:21
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:808::2003
2a00:1450:4001:811::200a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d
3.126.56.137
3.208.105.70
3.251.21.8
35.227.248.159
35.244.159.8
38.27.122.158
50.31.142.191
51.89.9.254
52.46.154.242
52.49.40.119
54.241.51.109
54.71.47.92
67.202.105.24
67.202.105.32
72.251.249.13
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0443cd9db5c9d8bd81097d10c87ee95f463c54d3962afbd592f9c5e59ea09df3
05e4cacc737b3ea3eec6f20ef542709c2ce620468e75be99924a94d141ad5e2a
077a3aa33ead99e1558d71766ed96c904173f1c8f542124fdf6a90c8c56dac92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
0e4f0aa8f9a3c6d640a3dd3342237fb9ccdd3a8ca8d6e3816552ecaee2513cc2
10000e50858213f4e33be0c6e50ffac69e77fe180e9aa08d4aa241273506bb91
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
17db8c2fe36a6e281047508a2516723ba277065d11a5b374712e5e5b2374aeea
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1b8d7173b54b42701fd995fd254393f10a12799f71827925353f961ab49635f9
1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b
1f7e767057a468113b4c95065391f5a6ae48144c9e72d3bd6285ecb843936175
1f978496a2461719a0d0d4de9b241b68729f787a47cfa5cbcc6aee7522f5465e
2093eeb7c8703b51436f09e47b6c107f5dd5068fee50a9ece8dc2f757793ddeb
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
339427ed0687dc310fccb5d3d8f003db7dbf4c0c483e1c3eeaf1f8c7bda14ab7
36ca149f1763de196094e45f2736fe27d843a82d77ef9f43e0f0d63158fb308f
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
4fd2fcb53f3f9617f239fe457a7c06b97b0a66f80668d605ed7e7e28d02d2127
534738635c8ba8fa5bda843164f1e5e82cf04a7d8aa4bfae758f9581f4cd31ab
5359adccfa961eaf36b7e5b4a9de42e16851a3cc7818b17617b7cc74c703b40d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57c765e0bc6134f999371ef0c35516524ddf73ef9404e081f6f15f0660be2529
58db12084761feda49437ff2cb427d126656727ae3bc4959cf87a66f30c2822e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7
61a24e928ec1c9acd43e891e78204eae77d6826a1cd02b5fa2f999b2c868252a
62fa2db314a81a38fc201afaa2e6bf7cdca9d76311ce08246808e45504871210
6670e25a76218d25fd032f994958d529faa40ce305bed3dcb1dffbfcb4c8fa9d
667d0547d8f8567828193f76f5fbd55bbb4244351313a8a8f3d85d171d1af49f
693335ce59675a25146b80a05623079801ad5fa9f5ef011f9cd4b0f5e9409881
6ba62723e34df401cdd78478b350203278f197b7f54aae7efe77a59731a5ce23
714c5e665abae559d000256a814e653c48fe3a938662c02018bffe3d4f10c475
71923ae84a8f67cd56a66b036775826eb09e1d7d0d288c4ad5f20e49da69eef9
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183
76c3204c16180551c6575195c88969110daa632706c71fbfa154e5c2024b7022
77a561eb3f57cd0d2a7e02ffbd7bd122ef2bf650d4e0e577f7c4fed03412d908
7ca30b4ef2d39acc9064c289a25f7cf64c208ceb8878d086686484a2eb431114
7df3ba5968f14615238df049f607d61b523a5a418120388e88a4f789e4accd2e
7f8e9aa7b18f0d861289e776e963f39fb0cf9d8b14db449e7116a0257dcec422
816427321da11d1632fac7711648e373bcbc01cf8b7b372d7b9178827906430a
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9b4d6f2df3963da6825c49d2e56972f8a872a9887af8ea4344e394c8159f53ce
9b78d3cb9d87c1307fde0eea3797a6a2733b74712c5a6642c54a3ba063f6bbae
a045c3b4670c412f0d621b347d7828bec41c6563734cf5b746ed8c068c74f43e
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
aa9e1a5c1d25d94fce35f555fc1bf1015886522723a9049669323872034cf098
ad4a1afc4560cb593b040532d849d19cbd6883efcf74b8c9fee44a9e5d733805
b0e985c68ac4cb7a3a25b7a2403b592c4d85c0281152b75af532d7be93704346
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be0b426b3df48c4b4127546e2d556855cf18966daec312af3d41b928d63b5aef
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bfe68907b93407f84da520467be0dac328a163cca560e6939504a11c2d47ed03
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c22fc88baf003b5f80a08fe025e95a491e9e9f18f9b51aae8c1b4ce72e18efe4
c382e8b2c51212d4388300f60edea8990e5b212a75845ba1df24e10c91e8d540
c4c8f27ef7432157421e2074b643eca9e7caf86f80d6db17e1681c201e77e8ff
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff
c6802643a04a4e91582126d45e3e0b6bb28fbb413e10735900840a375d6b60d4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdb248537d33e4280742b7a14eb911d1cab4a6ef9817f0dc06cef15a8d6670a7
d625a59fddcd3f132879f9fc4ab96aad1cc4c66d75df51dfa72ef99c86ee88d8
daff172c6c3c7393b56a05190a5f037a8e5c5f79638b46d0d69ea05bf242b38a
dcd5797588e186206c2f91c47bd0519ae43ceb4edfa641bfbe74965e4a92c634
dd7c31e47a94dfd92c188c43c4135bdc5947470790761931398a391dc243d682
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df44c84c3b7a66eae23dcb0852caf05e054082da17162c219b7999a711ea647d
e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff3409a0a27457eb3d71ba9766cccd8d72118ecf02aa6e5cd7d63df502b397a
fc6a70a42a0396a31a99a7446ca0d021be329a2306842eee40e97a46c89e469d

ltoexam.com Open in urlscan Pro 172.67.144.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

88 %HTTPS

23 %IPv6

38 Domains

50 Subdomains

33 IPs

7 Countries

1665 kBTransfer

3123 kBSize

54 Cookies

0 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ltoexam.com Open in urlscan Pro
172.67.144.162 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

88 %
HTTPS

23 %
IPv6

38
Domains

50
Subdomains

33
IPs

7
Countries

1665 kB
Transfer

3123 kB
Size

54
Cookies

128 HTTP transactions
6 data transactions