urlscan.io logo urlscan.io
SecurityTrails logo

mtnc.yazdangh.site Open in urlscan Pro
2606:4700:3031::6815:5b03  Public Scan

Go To Rescan Add Verdict Report
URL: https://mtnc.yazdangh.site/
Submission: On January 31 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 8 countries across 105 domains to perform 314 HTTP transactions. The main IP is 2606:4700:3031::6815:5b03, located in United States and belongs to CLOUDFLARENET, US. The main domain is mtnc.yazdangh.site.
TLS certificate: Issued by GTS CA 1P5 on January 30th 2024. Valid for: 3 months.
This is the only time mtnc.yazdangh.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2400:52e0:1a0... 200325 (BUNNYCDN)
4 2606:4700::68... 13335 (CLOUDFLAR...)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 3.162.3.76 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 13.32.151.38 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 3.162.8.154 16509 (AMAZON-02)
1 99.84.252.55 16509 (AMAZON-02)
1 54.154.104.171 16509 (AMAZON-02)
1 3 192.184.69.215 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 34.120.111.33 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 18.200.207.104 16509 (AMAZON-02)
1 54.192.51.26 16509 (AMAZON-02)
1 205.251.251.220 16509 (AMAZON-02)
4 23.35.158.76 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 17 68.67.160.24 29990 (ASN-APPNEX)
10 12 35.71.131.137 16509 (AMAZON-02)
1 147.135.119.114 16276 (OVH)
2 3.222.156.11 14618 (AMAZON-AES)
1 2607:f350:3:2... 27630 (AS-XFERNET)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 54.245.116.245 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
10 147.28.146.89 54825 (PACKET)
13 104.18.43.178 13335 (CLOUDFLAR...)
1 208.115.232.150 46475 (LIMESTONE...)
1 2602:803:c002... 26667 (RUBICONPR...)
1 52.7.244.219 14618 (AMAZON-AES)
1 7 35.244.159.8 15169 (GOOGLE)
1 2620:100:a001... 19750 (AS-CRITEO)
4 11 172.64.151.101 13335 (CLOUDFLAR...)
1 35.174.193.222 14618 (AMAZON-AES)
1 15 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:26a... 16509 (AMAZON-02)
1 2606:ae80:147... 25751 (VALUECLICK)
6 52.31.207.164 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
9 32 8.28.7.83 62713 (AS-PUBMATIC)
6 8 8.43.72.98 26667 (RUBICONPR...)
4 6 34.111.113.62 396982 (GOOGLE-CL...)
16 21 142.251.16.157 15169 (GOOGLE)
1 1 172.240.155.76 7979 (SERVERS-COM)
4 4 198.148.27.131 19189 (PULSEPOINT)
1 2607:f8b0:400... 15169 (GOOGLE)
10 15 8.43.72.97 26667 (RUBICONPR...)
1 2 52.0.156.250 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
2 162.19.138.116 16276 (OVH)
3 2607:f8b0:400... 15169 (GOOGLE)
1 3.215.187.101 14618 (AMAZON-AES)
3 3 35.244.154.8 396982 (GOOGLE-CL...)
1 2600:9000:269... 16509 (AMAZON-02)
2 8 52.46.143.56 16509 (AMAZON-02)
1 52.19.231.135 16509 (AMAZON-02)
1 104.244.42.131 13414 (TWITTER)
1 2607:f8b0:400... 15169 (GOOGLE)
8 12 162.19.138.117 16276 (OVH)
3 3 3.208.170.161 14618 (AMAZON-AES)
3 3 52.44.173.38 14618 (AMAZON-AES)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 1 50.16.49.36 14618 (AMAZON-AES)
10 10 54.161.18.58 14618 (AMAZON-AES)
1 4 104.36.115.113 62713 (AS-PUBMATIC)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
1 2 35.244.193.51 396982 (GOOGLE-CL...)
3 74.119.119.139 19750 (AS-CRITEO)
1 23.215.40.187 16625 (AKAMAI-AS)
2 104.18.38.76 13335 (CLOUDFLAR...)
4 23.215.40.199 16625 (AKAMAI-AS)
4 12 35.71.139.29 16509 (AMAZON-02)
4 23.48.9.103 16625 (AKAMAI-AS)
1 5 162.55.233.29 24940 (HETZNER-AS)
1 8 2607:f350:3:2... 27630 (AS-XFERNET)
3 3 199.38.167.131 54312 (ROCKETFUEL)
2 2 82.145.213.8 39832 (NO-OPERA)
2 2 54.204.225.159 14618 (AMAZON-AES)
7 8 35.211.178.172 15169 (GOOGLE)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 3.161.213.118 16509 (AMAZON-02)
2 2620:100:a001::4 19750 (AS-CRITEO)
2 3 151.101.66.49 54113 (FASTLY)
2 5 2600:1f18:4e9... 14618 (AMAZON-AES)
3 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 74.119.119.150 19750 (AS-CRITEO)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 23.105.12.158 30633 (LEASEWEB-...)
1 2600:1f18:61c... 14618 (AMAZON-AES)
5 6 3.225.218.10 14618 (AMAZON-AES)
2 2 3.217.51.221 14618 (AMAZON-AES)
1 1 23.105.12.172 30633 (LEASEWEB-...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
4 5 104.36.113.110 62713 (AS-PUBMATIC)
1 3 162.248.18.34 62713 (AS-PUBMATIC)
1 8.18.47.7 398989 (DEEPINTENT)
1 1 54.163.229.247 14618 (AMAZON-AES)
2 2 54.197.121.110 14618 (AMAZON-AES)
1 40.76.134.238 8075 (MICROSOFT...)
2 2 35.236.220.17 396982 (GOOGLE-CL...)
2 2 2606:ae80:147... 25751 (VALUECLICK)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 2 38.98.69.175 174 (COGENT-174)
1 3.210.33.43 14618 (AMAZON-AES)
1 67.220.226.238 16509 (AMAZON-02)
1 23.58.127.99 ()
1 34.200.143.154 14618 (AMAZON-AES)
1 44.194.20.78 14618 (AMAZON-AES)
2 2 35.227.252.103 396982 (GOOGLE-CL...)
3 5 131.153.242.59 19437 (SS-ASH)
1 1 23.198.95.152 16625 (AKAMAI-AS)
2 37.157.6.233 198622 (ADFORM)
2 2 207.198.113.86 13768 (COGECO-PEER1)
2 2 185.167.164.49 ()
1 204.237.133.243 3257 (GTT-BACKB...)
2 2 172.240.127.129 7979 (SERVERS-COM)
1 2 3.211.27.57 ()
1 2 2606:4700::68... ()
1 1 69.90.254.78 ()
1 1 35.214.250.24 ()
1 1 216.200.232.249 ()
4 4 69.194.240.13 ()
1 35.186.193.173 ()
1 162.55.120.196 ()
2 2 23.58.232.192 ()
1 2 23.23.156.183 ()
1 44.218.250.129 ()
1 52.55.97.47 ()
1 1 64.227.64.62 ()
1 18.238.55.58 ()
1 1 107.178.254.65 ()
1 2 52.71.57.44 ()
314 109
28    2606:4700:3031::6815:5b03 (United States)

ASN13335 (CLOUDFLARENET, US)
mtnc.yazdangh.site
2    2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4004:c0b::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2400:52e0:1a00::845:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
hb.vntsm.com
4    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
7    2607:f8b0:4004:c08::8b (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    2607:f8b0:4004:c0b::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    3.162.3.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-76.yul62.r.cloudfront.net
ats.rlcdn.com
1    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
4    2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    13.32.151.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-38.iad66.r.cloudfront.net
geo.privacymanager.io
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
3    3.162.8.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-8-154.yul62.r.cloudfront.net
c.amazon-adsystem.com
1    99.84.252.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-252-55.mia3.r.cloudfront.net
cdn.exelator.com
1    54.154.104.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-104-171.eu-west-1.compute.amazonaws.com
p.cpx.to
3    192.184.69.215 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com
cdn.edkt.io
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    18.200.207.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-207-104.eu-west-1.compute.amazonaws.com
track.venatusmedia.com
1    54.192.51.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-26.yul62.r.cloudfront.net
config.aps.amazon-adsystem.com
1    205.251.251.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-205-251-251-220.yul62.r.cloudfront.net
aax.amazon-adsystem.com
4    23.35.158.76 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-158-76.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
17    68.67.160.24 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    147.135.119.114 (United States)

ASN16276 (OVH, FR)
PTR: ip114.ip-147-135-119.us
prg.smartadserver.com
2    3.222.156.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-156-11.compute-1.amazonaws.com
ap.lijit.com
1    2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    54.245.116.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-116-245.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
10    147.28.146.89 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
sync.a-mo.net
13    104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
1    208.115.232.150 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 150-232-115-208.static.reverse.lstn.net
shb.richaudience.com
1    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    52.7.244.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-244-219.compute-1.amazonaws.com
krk.kargo.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
venatusmedia-d.openx.net
u.openx.net
us-u.openx.net
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
11    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
1    35.174.193.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-193-222.compute-1.amazonaws.com
tlx.3lift.com
15    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
ids.ad.gt
pixels.ad.gt
1    2600:9000:26a0:1400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2606:ae80:1471:13::820 (United States)

ASN25751 (VALUECLICK, US)
proc.ad.cpe.dotomi.com
6    52.31.207.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-207-164.eu-west-1.compute.amazonaws.com
s.cpx.to
2    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
32    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
8    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
21    142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
cm.g.doubleclick.net
1    172.240.155.76 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
4    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
8492babfad9c3c8e261c0201eda94599.safeframe.googlesyndication.com
15    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
mydmp.exelator.com
4    2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    3.215.187.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-187-101.compute-1.amazonaws.com
onsite-tag-logs.apps.nielsen.com
3    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2600:9000:269f:1000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
8    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.19.231.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-231-135.eu-west-1.compute.amazonaws.com
nmcsync.imrworldwide.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2607:f8b0:4004:c17::6a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
12    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
3    3.208.170.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-170-161.compute-1.amazonaws.com
ice.360yield.com
ad.360yield.com
3    52.44.173.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-173-38.compute-1.amazonaws.com
sync.ipredictive.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
1    50.16.49.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-49-36.compute-1.amazonaws.com
rtb.gumgum.com
10    54.161.18.58 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-18-58.compute-1.amazonaws.com
match.prod.bidr.io
4    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    23.215.40.187 (McAllen, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-40-187.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
4    23.215.40.199 (McAllen, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-40-199.deploy.static.akamaitechnologies.com
ads.pubmatic.com
12    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
4    23.48.9.103 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-9-103.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
8    2607:f350:3:2569:0:10:0:d (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    54.204.225.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-225-159.compute-1.amazonaws.com
sync.srv.stackadapt.com
8    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    3.161.213.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-118.yul62.r.cloudfront.net
api.intentiq.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    2600:1f18:4e9:5a02:7a40:2956:c998:e321 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    23.105.12.158 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
1    2600:1f18:61c0:2205:c006:9cb1:4bb0:4b28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
6    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    3.217.51.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-51-221.compute-1.amazonaws.com
cm.adgrx.com
1    23.105.12.172 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    2603:c020:400d:3000:67b7:1059:7283:c690 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
5    104.36.113.110 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    54.163.229.247 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-229-247.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
2    54.197.121.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-121-110.compute-1.amazonaws.com
pm.w55c.net
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
2    2606:ae80:1471:11::440 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    3.210.33.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-33-43.compute-1.amazonaws.com
rtb.adentifi.com
1    67.220.226.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    23.58.127.99 (None, )

ASN- ()
hb.yahoo.net
1    34.200.143.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-143-154.compute-1.amazonaws.com
match.sharethrough.com
1    44.194.20.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-20-78.compute-1.amazonaws.com
ce.lijit.com
2    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    131.153.242.59 (United States)

ASN19437 (SS-ASH, US)
id.a-mx.com
c3.a-mo.net
id.rtb.mx
1    23.198.95.152 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-95-152.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    185.167.164.49 (None, )

ASN- ()
c1.adform.net
1    204.237.133.243 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
ow.pubmatic.com
2    172.240.127.129 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    3.211.27.57 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
2    2606:4700::6812:18ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
1    35.214.250.24 (None, )

ASN- ()
csync.loopme.me
1    216.200.232.249 (None, )

ASN- ()
sync.mathtag.com
4    69.194.240.13 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
2    23.58.232.192 (None, )

ASN- ()
px.owneriq.net
2    23.23.156.183 (None, )

ASN- ()
thrtle.com
1    44.218.250.129 (None, )

ASN- ()
crb.kargo.com
1    52.55.97.47 (None, )

ASN- ()
sync.bfmio.com
1    64.227.64.62 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    18.238.55.58 (None, )

ASN- ()
synchroscript.deliveryengine.adswizz.com
1    107.178.254.65 (None, )

ASN- ()
pippio.com
2    52.71.57.44 (None, )

ASN- ()
bcp.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
50 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image2.pubmatic.com — Cisco Umbrella Rank: 912
image6.pubmatic.com — Cisco Umbrella Rank: 805
ads.pubmatic.com — Cisco Umbrella Rank: 535
simage2.pubmatic.com — Cisco Umbrella Rank: 870
image8.pubmatic.com — Cisco Umbrella Rank: 664
image4.pubmatic.com — Cisco Umbrella Rank: 1237
ow.pubmatic.com — Cisco Umbrella Rank: 1571
simage4.pubmatic.com
54 KB
29 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
eus.rubiconproject.com — Cisco Umbrella Rank: 579
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
42 KB
28 yazdangh.site
mtnc.yazdangh.site
3 MB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
169 KB
18 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1664
a.ad.gt — Cisco Umbrella Rank: 1857
p.ad.gt — Cisco Umbrella Rank: 2222
ids.ad.gt — Cisco Umbrella Rank: 1592
pixels.ad.gt — Cisco Umbrella Rank: 1982
20 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
acdn.adnxs.com — Cisco Umbrella Rank: 598
35 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
84 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com — Cisco Umbrella Rank: 412
6 KB
13 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 4452
16 KB
13 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
sync.a-mo.net — Cisco Umbrella Rank: 1528
assets.a-mo.net — Cisco Umbrella Rank: 1466
c3.a-mo.net — Cisco Umbrella Rank: 17331
12 KB
13 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
41 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
5 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
5 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
ssum.casalemedia.com — Cisco Umbrella Rank: 1252
7 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
dis.eu.criteo.com — Cisco Umbrella Rank: 7526
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
dis.criteo.com — Cisco Umbrella Rank: 608
11 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
5 KB
9 openx.net
venatusmedia-d.openx.net — Cisco Umbrella Rank: 36438
u.openx.net — Cisco Umbrella Rank: 683
us-u.openx.net — Cisco Umbrella Rank: 524
rtb.openx.net — Cisco Umbrella Rank: 625
2 KB
9 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2202
sync.go.sonobi.com — Cisco Umbrella Rank: 976
8 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
4 KB
8 googlesyndication.com
8492babfad9c3c8e261c0201eda94599.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
42 KB
7 cpx.to
p.cpx.to — Cisco Umbrella Rank: 11499
s.cpx.to — Cisco Umbrella Rank: 8630
6 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
23 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
2 KB
6 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4312
sync.richaudience.com — Cisco Umbrella Rank: 1717
3 KB
4 adform.net
cm.adform.net — Cisco Umbrella Rank: 1147
c1.adform.net
2 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
3 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1533
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724
1 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
106 KB
4 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 4345
idsync.rlcdn.com — Cisco Umbrella Rank: 451
api.rlcdn.com Failed
35 KB
4 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 811
cloudflareinsights.com — Cisco Umbrella Rank: 794
21 KB
4 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 30839
312 KB
3 1rx.io
sync.1rx.io
2 KB
3 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1489
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
858 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
2 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
1 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1892
ad.360yield.com — Cisco Umbrella Rank: 698
1 KB
3 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2790
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com — Cisco Umbrella Rank: 859
1 KB
3 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 29092
499 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1603
mp.4dex.io — Cisco Umbrella Rank: 2539
25 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1364
pixel.quantserve.com — Cisco Umbrella Rank: 1007
cms.quantserve.com — Cisco Umbrella Rank: 764
11 KB
3 exelator.com
cdn.exelator.com — Cisco Umbrella Rank: 26425
mydmp.exelator.com — Cisco Umbrella Rank: 19701
11 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
852 B
2 thrtle.com
thrtle.com
684 B
2 owneriq.net
px.owneriq.net
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
831 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1908
2 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
938 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4970
967 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
952 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
959 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
58 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
2 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1576
2 KB
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1517
594 B
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2006
nmcsync.imrworldwide.com — Cisco Umbrella Rank: 7870
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
555 B
2 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 7803
crb.kargo.com
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1234
104 B
2 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 36135
960 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
141 KB
1 pippio.com
pippio.com
632 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com
200 B
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 bfmio.com
sync.bfmio.com
425 B
1 truffle.bid
matching.truffle.bid
1 ctnsnet.com
ipac.ctnsnet.com
360 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
527 B
1 mathtag.com
sync.mathtag.com
739 B
1 loopme.me
csync.loopme.me
219 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 rtb.mx
id.rtb.mx — Cisco Umbrella Rank: 3072
476 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
280 B
1 yahoo.net
hb.yahoo.net
651 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1259
285 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 7736
346 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
339 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1913
4 KB
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1407
181 B
1 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1555
683 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1478
275 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 789
396 B
1 nielsen.com
onsite-tag-logs.apps.nielsen.com — Cisco Umbrella Rank: 18809
264 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1430
675 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1345
1 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3797
700 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1798
10 KB
1 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 14352
8 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2320
46 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1860
627 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 918
916 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
0 iprom.net Failed
core.iprom.net Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 mobtrakk.com Failed
sync-dmp.mobtrakk.com Failed
314 105
Domain Requested by
28 mtnc.yazdangh.site mtnc.yazdangh.site
21 simage2.pubmatic.com 4 redirects ads.pubmatic.com
21 cm.g.doubleclick.net 16 redirects mtnc.yazdangh.site
us-u.openx.net
eb2.3lift.com
15 pixel.rubiconproject.com 10 redirects
13 elb.the-ozone-project.com hb.vntsm.com
cadmus.script.ac
elb.the-ozone-project.com
static.cloudflareinsights.com
ads.pubmatic.com
13 ib.adnxs.com 6 redirects cadmus.script.ac
hb.vntsm.com
eb2.3lift.com
acdn.adnxs.com
12 eb2.3lift.com 4 redirects cadmus.script.ac
eb2.3lift.com
ads.pubmatic.com
12 id5-sync.com 8 redirects hb.vntsm.com
12 match.adsrvr.org 10 redirects cadmus.script.ac
hb.vntsm.com
11 image2.pubmatic.com 5 redirects ads.pubmatic.com
11 ids.ad.gt 1 redirects mtnc.yazdangh.site
10 match.prod.bidr.io 10 redirects
8 x.bidswitch.net 7 redirects eb2.3lift.com
8 sync.go.sonobi.com 1 redirects
8 s.amazon-adsystem.com 2 redirects us-u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
8 token.rubiconproject.com 6 redirects eus.rubiconproject.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
mtnc.yazdangh.site
cadmus.script.ac
6 ups.analytics.yahoo.com 5 redirects assets.a-mo.net
6 sync.a-mo.net cadmus.script.ac
ads.pubmatic.com
6 pixel.tapad.com 4 redirects ads.pubmatic.com
6 s.cpx.to cadmus.script.ac
mtnc.yazdangh.site
5 image8.pubmatic.com 4 redirects
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com 2 redirects us-u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
5 sync.richaudience.com 1 redirects cadmus.script.ac
sync.richaudience.com
ads.pubmatic.com
5 us-u.openx.net cadmus.script.ac
us-u.openx.net
4 eus.rubiconproject.com cadmus.script.ac
eus.rubiconproject.com
assets.a-mo.net
4 ads.pubmatic.com cadmus.script.ac
ads.pubmatic.com
elb.the-ozone-project.com
sync.richaudience.com
4 gum.criteo.com 2 redirects cadmus.script.ac
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 pagead2.googlesyndication.com hb.vntsm.com
tpc.googlesyndication.com
4 bh.contextweb.com 4 redirects
4 secure.adnxs.com 4 redirects
4 prebid.a-mo.net hb.vntsm.com
4 secure.cdn.fastclick.net cadmus.script.ac
4 securepubads.g.doubleclick.net hb.vntsm.com
cadmus.script.ac
4 hb.vntsm.com mtnc.yazdangh.site
hb.vntsm.com
cadmus.script.ac
3 sync.1rx.io 3 redirects
3 id.a-mx.com 2 redirects
3 px.ads.linkedin.com eb2.3lift.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 creativecdn.com 3 redirects
3 p.rfihub.com 3 redirects
3 mug.criteo.com
3 sync.ipredictive.com 3 redirects
3 idsync.rlcdn.com 3 redirects
3 tpc.googlesyndication.com cadmus.script.ac
3 id.hadron.ad.gt hb.vntsm.com
3 track.venatusmedia.com hb.vntsm.com
3 c.amazon-adsystem.com hb.vntsm.com
3 static.cloudflareinsights.com mtnc.yazdangh.site
elb.the-ozone-project.com
2 bcp.crwdcntrl.net 1 redirects
2 thrtle.com 1 redirects
2 px.owneriq.net 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 c1.adform.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cm.adform.net
2 rtb.openx.net 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 ad.turn.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 pm.w55c.net 2 redirects
2 image4.pubmatic.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 assets.a-mo.net sync.a-mo.net
assets.a-mo.net
2 dis.criteo.com 2 redirects
2 static.criteo.net cadmus.script.ac
hb.vntsm.com
2 sync.srv.stackadapt.com 2 redirects
2 t.adx.opera.com 2 redirects
2 lexicon.33across.com 1 redirects
2 ice.360yield.com 2 redirects
2 lb.eu-1-id5-sync.com cadmus.script.ac
hb.vntsm.com
2 mydmp.exelator.com 1 redirects
2 a.ad.gt cadmus.script.ac
hb.vntsm.com
2 ap.lijit.com hb.vntsm.com
2 script.4dex.io cadmus.script.ac
2 i.clean.gg hb.vntsm.com
2 hb.vntsm.io hb.vntsm.com
2 www.googletagmanager.com mtnc.yazdangh.site
www.googletagmanager.com
1 pippio.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com
1 match.adsby.bidtheatre.com 1 redirects
1 sync.bfmio.com
1 crb.kargo.com
1 matching.truffle.bid ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.mathtag.com 1 redirects
1 csync.loopme.me 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 ssbsync-global.smartadserver.com 1 redirects
1 id.rtb.mx assets.a-mo.net
1 ad.360yield.com 1 redirects
1 ow.pubmatic.com
1 secure-assets.rubiconproject.com 1 redirects
1 c3.a-mo.net 1 redirects
1 ce.lijit.com
1 match.sharethrough.com
1 hb.yahoo.net
1 aax-eu.amazon-adsystem.com
1 rtb.adentifi.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 ssbsync.smartadserver.com 1 redirects
1 api.intentiq.com
1 js-sec.indexww.com cadmus.script.ac
1 acdn.adnxs.com cadmus.script.ac
1 rtb.gumgum.com 1 redirects
1 dis.eu.criteo.com 1 redirects
1 www.google.com cadmus.script.ac
1 analytics.twitter.com
1 nmcsync.imrworldwide.com
1 secure-gl.imrworldwide.com
1 onsite-tag-logs.apps.nielsen.com cdn.exelator.com
1 cloudflareinsights.com hb.vntsm.com
1 u.openx.net 1 redirects
1 pixels.ad.gt cadmus.script.ac
1 8492babfad9c3c8e261c0201eda94599.safeframe.googlesyndication.com cadmus.script.ac
1 sync.colossusssp.com 1 redirects
1 p.ad.gt cadmus.script.ac
1 pixel.quantserve.com mtnc.yazdangh.site
1 proc.ad.cpe.dotomi.com hb.vntsm.com
1 rules.quantcount.com cadmus.script.ac
1 tlx.3lift.com hb.vntsm.com
1 htlb.casalemedia.com hb.vntsm.com
1 bidder.criteo.com hb.vntsm.com
1 venatusmedia-d.openx.net hb.vntsm.com
1 krk.kargo.com hb.vntsm.com
1 fastlane.rubiconproject.com hb.vntsm.com
1 shb.richaudience.com hb.vntsm.com
1 mp.4dex.io hb.vntsm.com
1 hb-api.omnitagjs.com hb.vntsm.com
1 hbopenbid.pubmatic.com hb.vntsm.com
1 apex.go.sonobi.com hb.vntsm.com
1 prg.smartadserver.com hb.vntsm.com
1 cdn.id5-sync.com cadmus.script.ac
1 cdn.hadronid.net cadmus.script.ac
1 aax.amazon-adsystem.com hb.vntsm.com
1 config.aps.amazon-adsystem.com cadmus.script.ac
1 cdn.edkt.io cadmus.script.ac
1 secure.quantserve.com hb.vntsm.com
1 p.cpx.to hb.vntsm.com
1 cdn.exelator.com hb.vntsm.com
1 cadmus.script.ac hb.vntsm.com
1 geo.privacymanager.io ats.rlcdn.com
1 ad-delivery.net hb.vntsm.com
1 ats.rlcdn.com hb.vntsm.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com mtnc.yazdangh.site
0 core.iprom.net Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 sync-dmp.mobtrakk.com Failed
0 api.rlcdn.com Failed hb.vntsm.com
314 167
Subject Issuer Validity Valid
yazdangh.site
GTS CA 1P5		 2024-01-30 -
2024-04-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-10 -
2024-04-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
ad-delivery.net
GTS CA 1P5		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
script.ac
E1		 2023-12-29 -
2024-03-28		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
cdn.exelator.com
Amazon RSA 2048 M02		 2023-10-09 -
2024-11-04		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-13		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2024-01-11 -
2024-04-10		 3 months crt.sh
api.edkt.io
GTS CA 1D4		 2024-01-23 -
2024-04-22		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.venatusmedia.com
Amazon RSA 2048 M02		 2023-12-25 -
2025-01-22		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-03-12 -
2024-04-10		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.omnitagjs.com
Amazon RSA 2048 M01		 2023-04-17 -
2024-05-16		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
the-ozone-project.com
E1		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M03		 2023-12-20 -
2025-01-16		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
id.hadron.ad.gt
E1		 2024-01-27 -
2024-04-26		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-17		 a year crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
onsite-tag-logs.apps.nielsen.com
Amazon RSA 2048 M01		 2023-04-09 -
2024-05-07		 a year crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2024-01-02 -
2025-02-02		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-06		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-12 -
2024-11-10		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
truffle.bid
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh

This page contains 49 frames:

Primary Page: https://mtnc.yazdangh.site/
Frame ID: 565CC5A05665E93238F0583275241151
Requests: 149 HTTP requests in this frame

Frame: https://8492babfad9c3c8e261c0201eda94599.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 444B3A11A1349FACAB644D10DBA47F23
Requests: 1 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: CADA470F241EF8C28B942496E625D54D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4980B704CCE92745FC72A0BCD22B0C80
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5FB2A7ACF2A854F8DEED70BB8D39C391
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Frame ID: 0A0731C987D4FEC26B911F308810BACD
Requests: 7 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=20a12167-4a78-416f-b741-9dd37fa33e6d&publisherId=OZONEVEN0005&siteId=3500000609&cb=1706668868958&bidder=ozone
Frame ID: DDF65D28041CBC9E50B1A574258CD070
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5692AA7B0F82F52DF8064EBE417847A3
Requests: 3 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CsQBShJtdG5jLnlhemRhbmdoLnNpdGVSC2Fhcy00ZWZjODdkWghwYmExLjMuMmoSbXRuYy55YXpkYW5naC5zaXRl-gEGNy4zNS4w6AIBiAPE5uatBqgDOuoDJGVkYzI4M2I2LTQ1M2UtNGEyNS05ZDkzLTJmOGFkYTU2NDYzZaoEA0RDSLIFA1VTRNIFCTEwNTE5OTM1ONgFAOAFAOoFB2Rlc2t0b3D6BQRkYzEzqgcDd2ViygcNeWF6ZGFuZ2guc2l0ZeAHAQ
Frame ID: 9DC0CEA791CE7E1EDFB1E556DE633D4E
Requests: 18 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 64CEBA872800ED997D8BE460A0E112F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: F3D8F932D29162BEFD028583582DFE89
Requests: 24 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 7DA27B089C5495E893DA5F43DDE429DC
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8FBA29F0524A0FC7E6FCA253D0F725B1
Requests: 19 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096&rd=1
Frame ID: 1987BF776A538ACD685E004DF166E6E7
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 09600ECFC292D7F7E553EE9AA1DB26C6
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=mtnc.yazdangh.site
Frame ID: B36D77D2B86CC9B889FC83B07F8C5940
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BED543C3-DDAA-4404-9C99-43762BCDF25A&redir=true&gdpr=0&gdpr_consent=
Frame ID: 4F52A1EFF9877ACB0DF0E7DFE65C8414
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2306962077708004521&gdpr=0&gdpr_consent=
Frame ID: E57BA1DC6A8F06736C98BBAEB5ABC68C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=32ae9830-bfe2-11ee-8a80-b0ba7ef1e82d
Frame ID: A96EEC19CF734ACACA287552ACC51264
Requests: 1 HTTP requests in this frame

Frame: https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=pubmatic&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Frame ID: 74DB625441F1BD7B0A143145BAC8A54B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: CB7F7D560A2F64F925C21B746522EBF1
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: A023B27621A69203A12F8AC5A4177E92
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 25651181E9A2BF604D4542F5CAD9FCA1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-KDlrKyms6Djp7X0q6Sq9vymsvTjorOt-aRbXsn4
Frame ID: C5B34BC05A39CA8A60E76D8AD8E75235
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3GHVfCkF1Rv0xi5&gdpr=0&gdpr_consent=
Frame ID: 8865A13E3824FA789F32D3FD890B04C8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 3DB1B6BAF420F814DC0AC8CAE1331ADA
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Frame ID: 0F2ABA391373874BDB5594D7C6CD1512
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D
Frame ID: 0F28788A2F2C70935F9ABC1A26377F10
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Frame ID: BE329578463DFAD05F935B70988968CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 64B747908F3EE2F2491E481627121790
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
Frame ID: 9A368EC6F59007E9B16C812191649740
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E99ADE89CB96767EC71E350886301D3C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907275132306683
Frame ID: B7D563B82470F81A0E66F82A51609884
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=883402450069
Frame ID: F48BAD9799D4E85FE1FFCEFE308E4405
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 67816868EB5D2EB1CDB000BA9195D0FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4cc465b9-b34b-4200-96b3-0741c0bdbc9f&gdpr=0&gdpr_consent=
Frame ID: 7254D063DF33047FE7DCADA5206F8589
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU4bd463b7bbca48b184a928935b34d339
Frame ID: F56E582CFE07F72E518F572156683C6E
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: BB42A1E68349F7DE3B92BAA9B26CCB84
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=97PKv8DRDaGhiZ4OTLO5ZQ
Frame ID: DA7B2E795B438635A4A83A2258FCC24E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-68e44af1-0fe7-4d2d-aa8a-4aef63cf4250-005
Frame ID: 2997D24923716EDE3E27B908FC2EDCA1
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 0E54242DD9FD2ED1EDA41541E055606A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 27EDE2E3885A8A45B9E39E50C58530DC
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: EAF75E68242234607046A1003E52A01F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7599552751598215526
Frame ID: 9BC9A7870F5862BBA54D17F414C18D75
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D0C3B5AA26FB41FBB857059B376B5E1C&gdpr=0&gdpr_consent=
Frame ID: 6331AE6BD64B2E15BF93F7C9DEC4D98E
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Frame ID: 91A4EA4033B27B9B675C5CB49AA49709
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Frame ID: 0BA76DCB0FB181355383E0F8FF360BC9
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?gdpr=0&euconsent=&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Frame ID: 74B3D149859C19C646F4C30D427A61B1
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?gdpr=0&euconsent=&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Frame ID: 765B73CEBE2C9BA20547884DC29C156B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Clash of Clans Guides and Upgrade Tracker - Clash Ninja

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

314
Requests

67 %
HTTPS

27 %
IPv6

105
Domains

167
Subdomains

109
IPs

8
Countries

4054 kB
Transfer

7853 kB
Size

224
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706668869-NC0ND848-F2P9&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001706668869-NC0ND848-F2P9%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706668869-NC0ND848-F2P9&adnxs_id=2306962077708004521&gdpr=0
Request Chain 97
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001706668869-NC0ND848-F2P9&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=b9981059-739e-4e10-a96d-9edd1611ca81&id=AU1D-0100-001706668869-NC0ND848-F2P9
Request Chain 98
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001706668869-NC0ND848-F2P9 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001706668869-NC0ND848-F2P9 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=6E3D3200-BEF6-4CEF-A409-7CA74C1323A4&id=AU1D-0100-001706668869-NC0ND848-F2P9
Request Chain 99
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001706668869-NC0ND848-F2P9&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&rub=LS16KVDN-1Z-BKXU&gdpr=0
Request Chain 100
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001706668869-NC0ND848-F2P9&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001706668869-NC0ND848-F2P9%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001706668869-NC0ND848-F2P9&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001706668869-NC0ND848-F2P9%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f09cef3f-1901-42e1-9971-5f901e32b7f7%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001706668869-NC0ND848-F2P9%252526tapad_id%25253Df09cef3f-1901-42e1-9971-5f901e32b7f7%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b9981059-739e-4e10-a96d-9edd1611ca81&ttd_puid=f09cef3f-1901-42e1-9971-5f901e32b7f7%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001706668869-NC0ND848-F2P9%2526tapad_id%253Df09cef3f-1901-42e1-9971-5f901e32b7f7%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&tapad_id=f09cef3f-1901-42e1-9971-5f901e32b7f7
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001706668869-NC0ND848-F2P9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001706668869-NC0ND848-F2P9&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&google_gid=CAESEHMCMFxRtjzaw_h_dN0IYzA&google_cver=1&google_ula=450542624,0
Request Chain 102
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001706668869-NC0ND848-F2P9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNjY2ODg2OS1OQzBORDg0OC1GMlA5
Request Chain 104
  • https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001706668869-NC0ND848-F2P9&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001706668869-NC0ND848-F2P9 HTTP 302
  • https://ids.ad.gt/api/v1/colossus?cls_id=07f06953-ba87-4281-9bb4-f437731cc030&id=AU1D-0100-001706668869-NC0ND848-F2P9
Request Chain 105
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001706668869-NC0ND848-F2P9 HTTP 302
  • https://ids.ad.gt/api/v1/ppnt_match?uid=3KEwEOmCDu6O&ev=1&pid=562316&id=AU1D-0100-001706668869-NC0ND848-F2P9
Request Chain 113
  • https://pixel.rubiconproject.com/token?pid=34010&customParamenters HTTP 302
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LS16KVDN-1Z-BKXU&customParamenters=
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
  • https://s.cpx.to/sync?dsp_uid=CAESEKt9UENBRn9xGozoHMANpqA&dsp=dbm&google_cver=1
Request Chain 115
  • https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.cpx.to/sync?dsp=OPENX&dsp_uid=5371101b-69ed-4e73-b330-e62c2572cf18
Request Chain 116
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D13058%26url%3Dhttps%253A%252F%252Fmtnc.yazdangh.site%252F%26hn_ver%3D72%26fid%3D41128eb7-99aa-47e8-9c3a-70ae6e860691%26dsp%3Dpub_common%26dsp_uid%3Dc0e00351-fcc2-4d8b-8b70-d66840c2e367%26dsp%3DTTD%26dsp_uid%3Db9981059-739e-4e10-a96d-9edd1611ca81 HTTP 302
  • https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=2306962077708004521&pid=13058&url=https%3A%2F%2Fmtnc.yazdangh.site%2F&hn_ver=72&fid=41128eb7-99aa-47e8-9c3a-70ae6e860691&dsp=pub_common&dsp_uid=c0e00351-fcc2-4d8b-8b70-d66840c2e367&dsp=TTD&dsp_uid=b9981059-739e-4e10-a96d-9edd1611ca81
Request Chain 117
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Request Chain 120
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d HTTP 307
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
Request Chain 127
  • https://idsync.rlcdn.com/397416.gif?partner_uid=5b6a1c586bb28b42691cc7d42ab498eb HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=COigGBIrCicIARDaFRogNWI2YTFjNTg2YmIyOGI0MjY5MWNjN2Q0MmFiNDk4ZWIQABoNCMbm5q0GEgUI6AcQAEIASgA HTTP 307
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008BwbEnqmTIfglLJhKfnwqDIQPSqjp6yLKDtQGgxR4AXI
Request Chain 128
  • https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=5b6a1c586bb28b42691cc7d42ab498eb HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=5b6a1c586bb28b42691cc7d42ab498eb&dcc=t
Request Chain 137
  • https://id5-sync.com/i/258/8.gif?id5id=ID5*kjVlCgbW1D0aQ-Iu8MM2wtDtmSEIsi4eujBPJPboT1eArdh6sSt5h77TPzMfpXjigK4ZbMN_eTE8KbPGAgN6_A&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-977brdSGVbFBsEZbwWSqe-_LSaOwfHYRMh1MXeodPw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F258%2F124%2F7%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-977brdSGVbFBsEZbwWSqe-_LSaOwfHYRMh1MXeodPw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F258%2F124%2F7%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/258/124/7/2.gif?puid=d6f1afb1-0dca-4ba7-8eb1-2598288c441a&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/258/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/258/2/6/3.gif?puid=2306962077708004521&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F796%2F5%2F4.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/258/796/5/4.gif?puid=9168d22e-ee59-4ba9-9899-5003b4d003be&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F203%2F4%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/258/203/4/5.gif?puid=99fcf3da-56b3-40eb-8a18-ee7d56b694b8&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=b9981059-739e-4e10-a96d-9edd1611ca81&ttl=%%TTL%% HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F441%2F2%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/258/441/2/7.gif?puid=u_178fc123-b232-4cfb-9be3-6d484626b828&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AABolE7Lc2cAABQDDdU_yQ&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F429%2F0%2F9.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/258/429/0/9.gif?puid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
Request Chain 140
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=yDd9S3FCkgjVyDXCkcrsr%2F6Te6BecQy6S1Dmro2flZ4%3D
Request Chain 141
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmtnc.yazdangh.site%2F&domain=mtnc.yazdangh.site&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ET41S3xoa2MyT0FnbDRHb0xKT2VGUS9QOVJ0Vld1VHBtRFdXREdBdTliTjIyUlZqWlZLZlJOaGlhejBBWEJIQVBEakFEb2ZSNy92eUwvdnhHOWNacFNQR2RMV25RMk52ZEZPZzJQMGV1RGxzRTIwS0k2U094KzRXWCsrRDA1VTlsQXVYa05OSzlSSUJGUmxzRE56TFlUZm02U2o2YlRXNHhGTHJPVHhCc3lPMjVmMU10bDN5Y3lUcEJCNkM2YTBybTM5Nnh1dk5LRythV2tLcHE0K1FKLzMyTXVlNno5VUF4S00vRFByeUFTUmNkNGs4UXhCb1daU1RDaHgzajJ3Y3ZEalhSMEJDdXNScjBCSUdHUlJFODVoVmRqUzhsNGdrMEdjdUdQa2hIZ0M0K3NSND18&cppv=2
Request Chain 152
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 154
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096&rd=1
Request Chain 155
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=e6222f8b-9e69-48ea-9506-6b2feb1a3097&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=R1pMa1NubzliSVpPNWEwZHBtLWhfZw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEUeDul04rKFNBjoF3iQ1gI&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=3KEwEOmCDu6O
Request Chain 156
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907275132306683
Request Chain 157
  • https://t.adx.opera.com/pub/sync?pubid=pub9935550313792 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nuid=OPU4bd463b7bbca48b184a928935b34d339&nw=oa
Request Chain 158
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=-tBDgfwlV_hvwp42xPpc4iaEdkY
Request Chain 159
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d9bd276a-98a3-4198-8d32-4153ad57123c&google_hm=ZDliZDI3NmEtOThhMy00MTk4LThkMzItNDE1M2FkNTcxMjNj&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAzs0TXK2rKaDOCIp_2tRfw&google_cver=1&ssp=sonobi&bsw_param=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 160
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2306962077708004521
Request Chain 161
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE&pi=sonobi&tc=1
Request Chain 162
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=b9981059-739e-4e10-a96d-9edd1611ca81&pubid=116da9d98c HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=e6222f8b-9e69-48ea-9506-6b2feb1a3097
Request Chain 164
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZbmzSAABU_vngQBK HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbmzSAABU_vngQBK&_test=ZbmzSAABU_vngQBK
Request Chain 167
  • https://match.adsrvr.org/track/cmf/openx?oxid=134c3c08-5545-727c-d1a6-1e8024e5d09a&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b9981059-739e-4e10-a96d-9edd1611ca81&ttd_puid=134c3c08-5545-727c-d1a6-1e8024e5d09a&gdpr=0&gdpr_consent=
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_9IiiQpguH6gWbGHaY-GM&google_cver=1
Request Chain 172
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 174
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2721468381940455947672
Request Chain 176
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b9981059-739e-4e10-a96d-9edd1611ca81&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 177
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjcyMTQ2ODM4MTk0MDQ1NTk0NzY3Mg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENnCvfxKFyQsgKYLCDuoEiY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 179
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjcyMTQ2ODM4MTk0MDQ1NTk0NzY3Mg%3D%3D
Request Chain 181
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2721468381940455947672?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-1qrXhldE2oQjARyPACVfTV1qeAWc_fzwhDzByOyZ3w--~A&dongle=0883
Request Chain 183
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=99fcf3da-56b3-40eb-8a18-ee7d56b694b8&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
Request Chain 184
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2306962077708004521&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 189
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b9981059-739e-4e10-a96d-9edd1611ca81&expiration=1709260872&gdpr=0&gdpr_consent=
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZbmzSMAfevku92bB7ta_rwAABfQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOxiy0Hvzw5I4w3tdAf5BzQ&google_cver=1
Request Chain 191
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZbmzSMAfevku92bB7ta-rwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB4yWkCk3EIbWBOiZlhxKy0&google_cver=1
Request Chain 193
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5467970659483353521&gdpr=0&gdpr_consent=
Request Chain 194
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968907275132306683
Request Chain 196
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZbmzSMAfevku92bB7ta_rwAABfQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZbmzSMAfevku92bB7ta_rwAABfQAAAAB
Request Chain 202
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=b9981059-739e-4e10-a96d-9edd1611ca81
Request Chain 203
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=yazdangh.site&sn=ChromeSyncframe&so=0&topUrl=mtnc.yazdangh.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=qSuBdnwrZVU2ZU9NbmhDOEFRMjdxeFFCQ2FVQUhLeFBFZll6Y0tpaGN2eXNXaVNhYXhHOEUrcXJaTzhzbzB0MFZLMDN3MzVtMEljUU9xekdXSlVDVHJYRU9Qd2E2Y21aamVmOEw0YnpFQmtXaEt2UEsxSmJOKzdtbS9aU2RrYkYrT0x0OStDUVg0QWdGQVB3U0tySDVObTlwL3lGUmVQWEFGNk9ZMUQwNTcrWkdxVHJ2bS9TR09va0I0RHdDTkk2a2k5Y0pjTUNNNzlLSy9KME1yUnhaZUx4TmVmM085VSs4MHYrSzU1VUtIRVhpTnJNTEZ1TytrRnJ3Y2FDVzR2Q2I2MUhHYk9pSXZvZjdmV2hJSjZ4eVBNZzhMSWlKLzhyM3FQK3BuVjZtMlNZcS9Rcz18&cppv=2
Request Chain 205
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2306962077708004521&gdpr=0&gdpr_consent=
Request Chain 206
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=32ae9830-bfe2-11ee-8a80-b0ba7ef1e82d
Request Chain 207
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWl9VN0xjMmNBQUJKM3BXMk9xZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABolE7Lc2cAABQDDdU_yQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5467970659483353521&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AABolE7Lc2cAABQDDdU_yQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5467970659483353521%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5467970659483353521&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABolE7Lc2cAABQDDdU_yQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5467970659483353521%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5467970659483353521&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AABolE7Lc2cAABQDDdU_yQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABolE7Lc2cAABQDDdU_yQ&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Dpubmatic%26uid%3DBED543C3-DDAA-4404-9C99-43762BCDF25A&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=pubmatic&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Request Chain 210
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_449c5e5c-ff06-41db-be24-a766b1a21d72&bsw_param=d9bd276a-98a3-4198-8d32-4153ad57123c&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 211
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-KDlrKyms6Djp7X0q6Sq9vymsvTjorOt-aRbXsn4
Request Chain 212
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3GHVfCkF1Rv0xi5&gdpr=0&gdpr_consent=
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vtVDw92qRAScmUN2K83yWg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 214
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BED543C3-DDAA-4404-9C99-43762BCDF25A HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Df09cef3f-1901-42e1-9971-5f901e32b7f7%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2306962077708004521&pt=f09cef3f-1901-42e1-9971-5f901e32b7f7%2C%2C
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkVENTQzQzMtRERBQS00NDA0LTlDOTktNDM3NjJCQ0RGMjVB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECy3PLhDm3XkOPLTR4Jl9Dg&google_cver=1
Request Chain 219
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D0C3B5AA26FB41FBB857059B376B5E1C
Request Chain 220
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b9981059-739e-4e10-a96d-9edd1611ca81&gdpr=0&gdpr_consent=
Request Chain 222
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GQB7d1NE2uXx7p5IEDXhk_k7idsRp4E-~A&gdpr=0
Request Chain 223
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9168d22e-ee59-4ba9-9899-5003b4d003be&gdpr=0&gdpr_consent=
Request Chain 224
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3b0c7174419206dd&is_secure=true&networkId=17100&version=1&nuid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB9atmfuFoPANrEHBjAAAAAAA&expiration=1706755273&nuid=BED543C3-DDAA-4404-9C99-43762BCDF25A&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 225
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2417723234098269795&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 226
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_110214631_A6B78A3A&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 229
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMxNktWRE4tMVotQktYVQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDDsYzI1RF08QMk3FjFAK0w&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxNktWRE4tMVotQktYVQ==&google_push=
Request Chain 231
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b9981059-739e-4e10-a96d-9edd1611ca81&gdpr=0&gdpr_consent=&expires=30
Request Chain 232
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDMzOWY3ZWM5YjlmNmJmODQ3OTJjNjA0MzAxNjNmMDZlMzdmZDQ4NA
Request Chain 233
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LS16KVDN-1Z-BKXU&ex=d-rubiconproject.com&status=ok
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELfKWu0FvPmMBmCv0Tk2lJs&google_cver=1
Request Chain 235
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Z7gwsCUFtzaQfcyEFmwjLsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HYHnMbhE2oJlVVUSAzf4JUh2wCkqnFnklj4VYw--~A
Request Chain 236
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS16KVDN-1Z-BKXU
Request Chain 237
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xW4ool_DThGz2uf1kROf2g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xW4ool_DThGz2uf1kROf2g
Request Chain 238
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABolE7Lc2cAABQDDdU_yQ&expires=30
Request Chain 239
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS16KVDN-1Z-BKXU&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS16KVDN-1Z-BKXU&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1xXzFuQklKRTJ1SDAzYnBDQjZleVVsSUMxWjl2QURoMH5B&ovsid=LS16KVDN-1Z-BKXU&dpid=58160
Request Chain 240
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS16KVDN-1Z-BKXU
Request Chain 241
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LS16KVDN-1Z-BKXU
Request Chain 242
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9168d22e-ee59-4ba9-9899-5003b4d003be&expires=30
Request Chain 243
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS16KVDN-1Z-BKXU
Request Chain 244
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LS16KVDN-1Z-BKXU
Request Chain 246
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=2a92b3c7-ecda-4195-ba2a-de95a5be1217
Request Chain 249
  • https://id.a-mx.com/sync?tao=1&&do=mtnc.yazdangh.site HTTP 302
  • https://c3.a-mo.net/b?uid=42801c47-af29-4b50-9b5f-0739f9fe4005&sh=id.a-mx.com& HTTP 302
  • https://id.a-mx.com/set?oid=42801c47-af29-4b50-9b5f-0739f9fe4005&uid=bf368814-a000-427c-8e0d-fef8d691693c&
Request Chain 250
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Request Chain 251
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=bf368814-a000-427c-8e0d-fef8d691693c&gdpr=0&gdpr_consent=&us_privacy=1---_e&gpp=&gpp_sid= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---_e&ssp=adaptmx&bsw=d9bd276a-98a3-4198-8d32-4153ad57123c
Request Chain 252
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=bf368814-a000-427c-8e0d-fef8d691693c HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-yXJMQ1lE2uEkXTTluAPKywywOUSK_LePV4ae7bE-~A
Request Chain 253
  • https://id.a-mx.com/u?gdpr=0&gdpr_consent=&us_privacy=1---_e&gpp=&gpp_sid=&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=amx_com&uid=bf368814-a000-427c-8e0d-fef8d691693c
Request Chain 254
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=1---_e&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=openx&uid=2a92b3c7-ecda-4195-ba2a-de95a5be1217
Request Chain 256
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&us_privacy=1---_e&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.a-mo.net%252Fsetuid%253FA%253Dbf368814-a000-427c-8e0d-fef8d691693c%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=95acaf6b-70a7-4062-be60-62219d850a80-65b9b349-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE&pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6350823125048371624 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 257
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=1---_e&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=index_rtb&uid=ZbmzSMAfevku92bB7ta-rwAA%261524
Request Chain 259
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=appnexus&uid=2306962077708004521
Request Chain 265
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZbmzSMAfevku92bB7ta-rwAA%261524
Request Chain 268
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=f84238f2-f10a-495d-b7ee-1zz1706668849 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-3565635125611994377 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=212d318e-df86-531f-9250-89e9f7e93aa0&ssp=richaudience&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&us_ps=
Request Chain 269
  • https://ad.360yield.com/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=d6f1afb1-0dca-4ba7-8eb1-2598288c441a
Request Chain 270
  • https://match.prod.bidr.io/cookie-sync/richaudience?gdpr=0&gdpr_consent= HTTP 303
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AABolE7Lc2cAABQDDdU_yQ&gdpr=0
Request Chain 273
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&khaos=LS16KVDN-1Z-BKXU HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LS16KVDN-1Z-BKXU
Request Chain 274
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2306962077708004521
Request Chain 277
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=5467970659483353521
Request Chain 278
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LS16KVDN-1Z-BKXU&gdpr=0
Request Chain 281
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=730ed332-f61b-4644-bc2f-ded5e70c072d&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Request Chain 282
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 283
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
Request Chain 284
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 285
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907275132306683
Request Chain 286
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=883402450069
Request Chain 287
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 288
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4cc465b9-b34b-4200-96b3-0741c0bdbc9f&gdpr=0&gdpr_consent=
Request Chain 289
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU4bd463b7bbca48b184a928935b34d339
Request Chain 291
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=97PKv8DRDaGhiZ4OTLO5ZQ
Request Chain 292
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1706668875837 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1454695301 HTTP 302
  • https://sync.1rx.io/usersync/turn/2417723234098269795?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-68e44af1-0fe7-4d2d-aa8a-4aef63cf4250-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-68e44af1-0fe7-4d2d-aa8a-4aef63cf4250-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-68e44af1-0fe7-4d2d-aa8a-4aef63cf4250-005
Request Chain 296
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7599552751598215526&uid=Q7599552751598215526&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7599552751598215526
Request Chain 297
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D0C3B5AA26FB41FBB857059B376B5E1C&gdpr=0&gdpr_consent=
Request Chain 298
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BED543C3-DDAA-4404-9C99-43762BCDF25A&vxii_pid=12&vxii_pid1=10067&vxii_rcid=86fce7ee-5832-4f78-9b12-309a5686df57
Request Chain 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ac47a1a4-1dcb-4d77-bfb1-f95fb8cf5899&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 306
  • https://idsync.rlcdn.com/712188.gif?partner_uid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent= HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=16dc3593ae4a06fe4a3e4e498dca4960378a23a70e06201ad0edc2cf5e2d011b791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=16dc3593ae4a06fe4a3e4e498dca4960378a23a70e06201ad0edc2cf5e2d011b791426b5417dce21&rand=03406679
Request Chain 307
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=BED543C3-DDAA-4404-9C99-43762BCDF25A/gdpr=0/gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=BED543C3-DDAA-4404-9C99-43762BCDF25A/gdpr=0/gdpr_consent=

314 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mtnc.yazdangh.site/ 		35 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6648d7775a51d492a10e62bcb5fee038d159891e751e98796e0fffb4451d3af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
84de97fecc408dbe-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 02:41:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INbEpnQ%2B5vi%2BR0hDlkO1nedSkwwGNsyo5lp57b%2BGxtr2Xm5ElJefKDWk7Rcs8mKlP6H0N8cER2lqE52nb3Nkg3OysyVI%2FR5ebOAvCqgH%2BaM4KwKXWlAjZ6TilZ%2Frs8al9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-131485669-1
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28078ee4ffaaba4de400d10a5dd1f6d2506ddde91c86e2de4e0d03161de81df5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
52412
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jan 2024 02:41:07 GMT
css
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d220665dbe19df77bc04607636e16681d9c5b892f6480b84498813ba28d73982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 02:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 02:11:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 02:41:07 GMT
styles
mtnc.yazdangh.site/bundles/ 		297 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/bundles/styles?v=pIkG9ugbWEMVM0lkv6hlTaOewsJDVt_Erbtx591tUsE1
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40543bb9c1be35ba405862257fe66d9a2bde6f19fc214f09ab6d60ed2598d704
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 31 Jan 2024 02:41:07 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cCUuWUGuYyt9gN2IVYxhQpwfVQx%2B6GZ0PkXlTuepmekEFoO8b2h46auxT6lsF9A9jqD9IkphXJeG6xyuFBOsKKjCHFR9fJoHEmAkwBrpz4kmrut84xbwyzT%2B7bsITGQd71t%2FahnwXHqAPg6%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public
cf-ray
84de98026b538dbe-MIA
expires
Thu, 30 Jan 2025 02:41:07 GMT
core-bundle.min.css
mtnc.yazdangh.site/styles/ 		496 KB
105 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/styles/core-bundle.min.css?v=1
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bec18eb04e6117c19c49960d9310455567e5a1bc27d082335f8783ef87093761
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jan 2024 18:19:37 GMT
server
cloudflare
etag
W/"37e24be340da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FXH4nXr5bLMbI0hJ%2BGiDNtxtYFiZZh3S%2BqrAo9b%2BqzYfv8CbtleA99vqOgaWnymE%2BGUIEOrvTo7UqTalG2P9CaateNUr6qPn42VU1gog7QPRcC2vdSEvVwP%2BNWHwAjEx3bfGfxPUHg5IPTN7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=43200
cf-ray
84de98026b588dbe-MIA
light.css
mtnc.yazdangh.site/styles/ 		157 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/styles/light.css
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c2b4076f9261fb16ec3fcc613fcdb3140b400fd9fde0a266df4549b0f4bd79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:37:17 GMT
server
cloudflare
etag
W/"e6e3584315b0d81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFstWz86WqM5amdrh181FSV7hSVQm%2BbZ3SFz%2FSlF6ENXBFPOYiL7cbqewJEoyblkJIS0R3Xi0kg7TutVjCnsPipqtA3nnAXQNrq01xgkP5sATsZtNvTUehxdzrkTXHm%2Bqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=43200
cf-ray
84de98026b5a8dbe-MIA
ad-manager.min.js
hb.vntsm.com/v3/live/ 		1013 KB
299 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-845 /
Resource Hash
a5e8af00cad0f0834c5a6ab19d7a796a4248bd5f917856d4ba80b38fdec7bbb1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
content-encoding
br
cdn-edgestorageid
1070
x-amz-server-side-encryption
AES256
cdn-cachedat
01/29/2024 12:37:53
cdn-pullzone
131999
last-modified
Tue, 23 Jan 2024 13:18:58 GMT
server
BunnyCDN-IL1-845
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"3fd520ec9d5533e64da3bc5cf326e189"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
990b6782d8b46231dd4bd42bb1b25cf5
cdn-requestcountrycode
US
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
logo.png
mtnc.yazdangh.site/images/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/logo.png
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a403ce276b85b7942a515a1af433b36013955c505e6bfddfa1dcff6a29e21188
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
22854
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:34:28 GMT
server
cloudflare
etag
"282fa8de14b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhlNMQvr9YCR1iWMszSrmCnkhOmqPSRWL9IRWwW4UiUemSrS7QCmSt%2Fk2TVcxNdqJMVtwz5B%2Fi8mIj9RKoOZfn3i7FbGxhB%2FIVUCmEfNgVozJ%2F3SxKtHmXj5k9VFlumA5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de98026b5c8dbe-MIA
guides.jpg
mtnc.yazdangh.site/images/home/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/home/guides.jpg
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9847c10d8212f9ea8081496cac070912c80e13a044d6053d9c405ce18c47edfc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
71196
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Sun, 14 Aug 2022 19:37:00 GMT
server
cloudflare
etag
"369b93915b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fohew%2F1nO8DgYq2T%2BRzelDt6HNSrlz1u5KuT4cej3w0S%2FfSSXi1FSG8K%2F9FzhUGSw%2BHYC8sZnVPsVhrRxm0n5HCZBiDKtzHDZ3eH2kcPogbIdUkSco7E1c69vT8%2BUE6ZI7vH9WQueZlAheJeEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de98026b5d8dbe-MIA
upgrade-tracker.png
mtnc.yazdangh.site/images/home/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/home/upgrade-tracker.png
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f7528b0dfe326666c3f428871cedd3771cb0cc3efd4c2afa729afc018e504d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
21341
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:37:01 GMT
server
cloudflare
etag
"84b7c3915b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vC9rLPCWzLeO6qe53bairTCHSCCMGF5ffGCOLH5EZGx8y5AvJp1WIlR%2Bk6tkuh0j0T%2FLnDwVyNAPhoLgEE7pyHIpO4GuT%2F%2BXsQWwLvrCbbN4woxKaOKReXgD9IKaHks3nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de98029ba78dbe-MIA
feedback.png
mtnc.yazdangh.site/images/home/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/home/feedback.png
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2218553b557772d344674954422c4e111752c907a89f5e8bc7c24a5fc5ee0b26
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
80640
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:37:00 GMT
server
cloudflare
etag
"1a61ef3815b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dEkJMcq5Q4f3sGE8rtvbNO%2Bzapu%2FfkZXZY1ppjzfD1s1fhfbj7dvQyfAwWiDBwt%2FnFeVVqCxpJFXjiQAI78eQW8C8LNDfPcoH5XoAdIeiegGkhDnepwV4Se%2FLEdxHs6ipcrs%2FBPVOLYffhyGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de98029ba98dbe-MIA
what-is-builder-base-2.0-thumb.jpg
mtnc.yazdangh.site/images/content/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/content/what-is-builder-base-2.0-thumb.jpg
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6059ee2b09b16e37311edda3393c4eb91520536ec3654fede8c7060d397128c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
11808
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Sun, 28 May 2023 16:35:50 GMT
server
cloudflare
etag
"9df6d7768291d91:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWoBC%2FPzrNoxeM%2Bj9MK8TR1tsmOJbZiq3ENHBYyeEceYepLe7DyjMiNXHuji4Phd3ANtK03Xgy99s7%2F6r3%2BIWUqNuqQtYSsKEx6DuMQ5jgUh9quBM4Vd2Jhz5LM6UJDYQOrC1ylROH2B9Mcdmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de98029bbb8dbe-MIA
which-pet-should-you-pair-with-your-heroes-thumb.jpg
mtnc.yazdangh.site/images/content/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/content/which-pet-should-you-pair-with-your-heroes-thumb.jpg
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61924be56ec2d4b0eb3bf862554a3723ff3b187610d1ecac73bfca112b3ac1f1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
48768
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Sun, 16 Oct 2022 16:32:52 GMT
server
cloudflare
etag
"ff6aaeef7ce1d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aL3fsc6DnHhf1OwQ%2F%2BC20FTke7DsII4miw9y9CJIjlLMRoQbo87KcT4rvFQSRn2P3abrq7Xa%2FOyq0ELwIbSMyJv7sLQR13HD27ZzZmUQaP92QUNum6ctE4Rw5Q6TGpLwPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de98029bbc8dbe-MIA
how-long-to-max-th-thumb.jpg
mtnc.yazdangh.site/images/content/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/content/how-long-to-max-th-thumb.jpg
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3b6e724eab0f34bc2e5e67db8583d883bd9cb94a663ce62c7feca25bcc56f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
12652
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Sun, 14 Aug 2022 19:34:44 GMT
server
cloudflare
etag
"a44d3e814b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Df55BCTP16Oyr8xIIKyCiX5Qoxh4LBck52UzU2trscx6MGws5NuUi84xFSUL9GQ4pYClDrJfPBsow8PXfG8kIZl%2BHyYuuiOVNpYPAx3oOki%2BulRq2L6iGHAId%2FNbpmWjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de98029bbe8dbe-MIA
when-are-the-next-ingame-events-thumb.jpg
mtnc.yazdangh.site/images/content/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/content/when-are-the-next-ingame-events-thumb.jpg
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada0388477feef72c88dec17af226fcee23d042798e61fc92a15f9adddbffa5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3312
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Sun, 14 Aug 2022 19:35:05 GMT
server
cloudflare
etag
"6ea84ef414b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AW%2Bxk%2FgHiHHXQYZ2J7JfX8EFoIAIj0Yg%2BTxbtybSac%2BAF79bJz%2FaFandlwHINQ74vo81YFIovx47OQqGlPkT3R%2FSd6swMgM0N3yS%2F2Uxz5RPVF3EAyQE4vyf495D7c03hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de98029bc08dbe-MIA
jquery.min.js
mtnc.yazdangh.site/scripts/vendor/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/scripts/vendor/jquery.min.js
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5e35862041164f89908f159c040496daeb2fbc341cbca980a58a48a7deab17
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:37:13 GMT
server
cloudflare
etag
W/"b59d94115b0d81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYP3D2zgFM7vWEHI2eSf5TCYNYSOrcOfXpf2VORyz%2FK4fFq0KLch5w7Wp2D58j3%2BSlhjxdglnq0xvNuI6nn%2B9N71ajnifIYghHH2b8pvBGqcyfuaVzVLZ7uJ3wU9liuyug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=43200
cf-ray
84de98029baa8dbe-MIA
foundation.min.js
mtnc.yazdangh.site/scripts/vendor/ 		479 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/scripts/vendor/foundation.min.js
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29692bed02af855a1b94e4b99ac94de8b6f4a41d86ac6ac2897e47d0a0d66b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:37:13 GMT
server
cloudflare
etag
W/"80f19b4015b0d81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKxfYQUazf56U%2BB5LAwfEOrEr1ZQYKbCWBTGksgVLZRUhTZ0hycBt1Pfl159J9dqURzX40MvmbPyqEqXgd6tkx5YdPJ%2BXOS0YMC2RrRg77CADUqKm5RroYmOqScI%2BFeP8Tp0zSwQVc15W4B9vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=43200
cf-ray
84de98029bae8dbe-MIA
core-scripts
mtnc.yazdangh.site/bundles/ 		161 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/bundles/core-scripts?v=vayBssS7hEUBiiorgwAMGpRZmXry6j72CGPnOKdjTBY1
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7521206778e780201870e5f767c32bc2624676904b41c1049d3ed19793e941a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 31 Jan 2024 02:41:07 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkHEZmmInQfwul7MvD9pmF6SiQqtvRozfI3%2B%2BHsE42IHiUnlW%2Faj1GOdKvXJTrCkPhDsrP5EDyoGI8MVhT43ihUge%2FvLjzP3BewV5cMWC6bRLwsoNWv9Gndxozz9C4nrqjPF8FtEW%2FvrW%2FgNvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public
cf-ray
84de98029bb08dbe-MIA
expires
Thu, 30 Jan 2025 02:41:07 GMT
email-decode.min.js
mtnc.yazdangh.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 11:50:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b8e284-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PF9qRgl0shDK%2F7Ub0Br%2B%2FWUnXMVu0VMQUaB5pxaZQIkHDWkqZSG7uEigzKxrxgaWijxF28NeYacp3BVslSglj11gbAfE6UDH5Hz6j63RAjxM3uwtEb90oFbi99YJkf1E3xqKjbXOd6e6G8d6ojK9vVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
84de98029bb88dbe-MIA
expires
Fri, 02 Feb 2024 02:41:06 GMT
beacon.min.js
static.cloudflareinsights.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84de9802ea96741c-MIA
prebid-ads.js
mtnc.yazdangh.site/scripts/ 		21 B
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/scripts/prebid-ads.js
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67728c2b28e95e78aad43ea7de27d0f3885b8a9e6629d356dcda7d86d5b1d451
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Mar 2023 15:39:14 GMT
server
cloudflare
etag
W/"59a746a22f54d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFUdRrt%2FIkYJnoVpFoa0N24U9LcNQpzeWasJcYt6YLZoycD5rEPw14W0sNYUo7jm6LGq9yaSh8YIorUmty3uovXdx61IbS1gYKVxAiplyyaU0uxyF%2FgTdyQp0jLkaZMUlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=43200
cf-ray
84de98029bba8dbe-MIA
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://mtnc.yazdangh.site/
Origin
https://mtnc.yazdangh.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84de9802fbb8d9a9-MIA
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8C95YRZHMZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131485669-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77894d43add0cf8258c722e5abfdb2db6b2cc1abca05c1910dc0d0419a7816aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91277
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jan 2024 02:41:07 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131485669-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 Jan 2024 02:11:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1802
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 31 Jan 2024 04:11:05 GMT
collect
www.google-analytics.com/g/ 		0
173 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8C95YRZHMZ&gtm=45je41t0v878191735&_p=1706668866956&gcd=11l1l1l1l1&dma=0&cid=81821566.1706668867&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1706668867&sct=1&seg=0&dl=https%3A%2F%2Fmtnc.yazdangh.site%2F&dt=Clash%20of%20Clans%20Guides%20and%20Upgrade%20Tracker%20-%20Clash%20Ninja&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1388
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C95YRZHMZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
builder-base-2.0-slider.jpg
mtnc.yazdangh.site/images/home/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/home/builder-base-2.0-slider.jpg
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d112928229d82d1ccc8a040623dfdf51c669c9ad50dd3ac87508d893a143d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
58256
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Sun, 28 May 2023 16:36:35 GMT
server
cloudflare
etag
"163090918291d91:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBZ8xSG3fWtuQsQjQeENLQLntt6USaXy9mGqU78JF9vljqGTzOfNG8zFRJrXo%2BLn3UVcUszgOnB7OLkGFlRdHuTW%2FHmnq7u1rvQQDTzlf6mAT591nKIfFzq5Y1DgSOd0I3xbuuEjxQPuTJN0uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de980538a87436-MIA
pets-slider.jpg
mtnc.yazdangh.site/images/home/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/home/pets-slider.jpg
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03aa4f7447066097f6b81dc3baf12a72bfd4509e95539a2e5141931cc4e5acf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
46315
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Mon, 10 Oct 2022 08:45:43 GMT
server
cloudflare
etag
"7675daf84dcd81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sF1WdNuLeA95sJ3Qw1l5t1hcYk8%2Be%2FPMuRqGN50F6FlhZjOW20Fx7x348W0RjnXoIprgGubc3co8zpR%2BPYLcZ1Y6gdZRPtPGMVSpDFnj4WBX2x173pL7YRp7Jka9KAqm6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de980538aa7436-MIA
upgrade-tracker-slider.png
mtnc.yazdangh.site/images/home/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/home/upgrade-tracker-slider.png
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf13a918dd33438690c38a94ecf6df3216b72a288636269cf4e7c734a85b63c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
31050
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:37:01 GMT
server
cloudflare
etag
"8d20703915b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QrRkXKUqDSH%2BPu6aNW5nvAXTnFVf1EQ6q3fzLRYhaFM7HlOBLiNjCFTSwJfdjZVSGL%2BSt6KeSj27heyCvFeuzOseg0EomxBCzg42g%2Bfiby7F%2Fd9mjObfQoyn4JCfXPPW7LXHesTZfxAYLaPnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de980538ab7436-MIA
new-player-guide.png
mtnc.yazdangh.site/images/home/ 		302 KB
303 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/home/new-player-guide.png
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e4e23799c85ab58a7f3a58b01e1db5102baed810f095b342d5a3a81555cded
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
309245
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:37:00 GMT
server
cloudflare
etag
"c1fa2a3915b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waLhLLhiW6M9IqycIX0V7PiAYw4eSAaGm7Q8%2Bs6enGUUJlJOpLRD5Uf%2BarU22HS72RgcLta3Dz14WDtw60aWxdsdsYWcGzXM3HcIOvo2uUMQ%2BfFa0EyNRwR3cRxsd0E7ltKCRHEJr1RhKrDFXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de980538ad7436-MIA
how-long-to-max.png
mtnc.yazdangh.site/images/home/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/home/how-long-to-max.png
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58886813491582a52a34cba2454d4c9b88052d692cf4452ea469ff23998e867b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
37151
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:37:00 GMT
server
cloudflare
etag
"29fcb3915b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqSEghleS9fpd72%2Bmi4nHua0XRzbHzw2bj06CD7q5eOclARLCEbisXrVIq3ACPLhBmc16ak65DFpn6bv%2B2XCk8XIN7ZyGunMKN2Df9ir1nZ5EHvrAVUIRJldCVhdp5uRMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de980538ae7436-MIA
queen-walk.png
mtnc.yazdangh.site/images/home/ 		294 KB
294 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/home/queen-walk.png
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72862c917bef16944a34b58e8496be05ea9149c34e334f2582e45e3de593508d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
300594
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:37:00 GMT
server
cloudflare
etag
"c3c04e3915b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BR3IvB2IU%2BNCCYukULJA9lJbUWiYz5YuT3cqMnQ3RH%2BbiNzXnpp4knQ1sH5aETzXlB53uT8CfVdThlO%2BHSqrA%2FcqzBjZfFwE3ETPwOCfr4XeaIkTtJiiTrlNOofeQKW%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de980538af7436-MIA
content.html
hb.vntsm.io/ 		32 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
cf-cache-status
MISS
x-amz-request-id
03AS01GGJVYCD5B1
content-length
32
x-amz-id-2
/Ptl8xJWnyq0/fw1WrCGRjC+6d/2dX215v6AEnR/dmqPIOKrG8IXJjFNXlstFLOjuCoYz6NRo8c=
geo
US
geo-subdivision
US-FL
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84de98064bb18dcd-MIA
608ae23cab178721a5790f50.enc
hb.vntsm.com/v2/live/ 		71 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/608ae23cab178721a5790f50.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-845 /
Resource Hash
b881d6053d16f5e1c4a0173d5167d879f0c42f6d4528813fdaf947931efb64f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
content-encoding
br
cdn-edgestorageid
1070
x-amz-server-side-encryption
AES256
cdn-cachedat
01/29/2024 12:39:58
cdn-pullzone
131999
last-modified
Thu, 16 Nov 2023 12:37:40 GMT
server
BunnyCDN-IL1-845
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"67ed204fbdd4623dbe8421f4ae2a6621"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
5d420380a6e9d93360679d5ad6681588
cdn-requestcountrycode
US
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mtnc.yazdangh.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 13:37:49 GMT
x-content-type-options
nosniff
age
392598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 13:37:49 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=422840347&t=pageview&_s=1&dl=https%3A%2F%2Fmtnc.yazdangh.site%2F&ul=en-us&de=UTF-8&dt=Clash%20of%20Clans%20Guides%20and%20Upgrade%20Tracker%20-%20Clash%20Ninja&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=672888263&gjid=955087635&cid=81821566.1706668867&tid=UA-131485669-1&_gid=1492888243.1706668868&_r=1&gtm=457e41t0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=606192893
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
content.html
hb.vntsm.io/ 		32 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:07 GMT
cf-cache-status
HIT
x-amz-request-id
03AS01GGJVYCD5B1
age
0
content-length
32
x-amz-id-2
/Ptl8xJWnyq0/fw1WrCGRjC+6d/2dX215v6AEnR/dmqPIOKrG8IXJjFNXlstFLOjuCoYz6NRo8c=
geo
US
geo-subdivision
US-FL
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84de9806ece08dcd-MIA
fa-brands-400.woff2
mtnc.yazdangh.site/webfonts/ 		115 KB
116 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/webfonts/fa-brands-400.woff2
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/styles/core-bundle.min.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5127b133655d52e7f123265ea329f9fcb21db9d02bbfd2265cf0a8599e9ebcb2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtnc.yazdangh.site/styles/core-bundle.min.css?v=1
Origin
https://mtnc.yazdangh.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
118148
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Dec 2023 21:12:05 GMT
server
cloudflare
etag
"8a3636dd8828da1:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1FjiTW2h4izZVcMNcqvk7WHXZ5WZEzDj%2FLwZtB%2BgBxR1ovwsok0%2Fgbz6DXyEAHT%2F4wXB3rcbhzPVj0BZOOLdjIEHX6twWyusMsEG%2Bg5gmAQcf5NiI74T1rEL6mobwBP9AGfNozuQ6rXaNn1oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de9807ee037436-MIA
fa-solid-900.woff2
mtnc.yazdangh.site/webfonts/ 		340 KB
340 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/webfonts/fa-solid-900.woff2
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/styles/core-bundle.min.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b8df945ab6bdb4ac6f55a345112dcdc89907e9b0c37bab18e6fea90ba035ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtnc.yazdangh.site/styles/core-bundle.min.css?v=1
Origin
https://mtnc.yazdangh.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
348036
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Dec 2023 21:12:02 GMT
server
cloudflare
etag
"261e65db8828da1:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRtRMr5dW2x0tK%2Ff%2F5IzG76KmVzenMBwWWf%2FtG%2F7unNWnugj5tNB1K6dYrxk3dHT%2Bw5WgNpN24boz37oEnoKKLn7I72WMsEak61R6aG02bEioLFewkPL5b0HQ7Hz2wMHLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de9807ee0c7436-MIA
fa-regular-400.woff2
mtnc.yazdangh.site/webfonts/ 		409 KB
410 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/webfonts/fa-regular-400.woff2
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/styles/core-bundle.min.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac06ddbf9e71000fb8f9af22735a9d38de31bb12b15410f060c95c05ffee249
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtnc.yazdangh.site/styles/core-bundle.min.css?v=1
Origin
https://mtnc.yazdangh.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
418952
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Dec 2023 21:12:04 GMT
server
cloudflare
etag
"c8fc87dc8828da1:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4OrzMnCXk%2BeLYi4o0YO8m14GJEgUwBXIFOVQO3vITVdYvs2ZkVH%2FvDZ3EHso4c8vgFlTvbZER4UH4khDxX7oNTS0crTKc2aMxU7U5BKMzU4gEL%2BHPlHbFwAxU5vutm6tJxOMtecmOcSuapgSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de9807ee117436-MIA
fa-duotone-900.woff2
mtnc.yazdangh.site/webfonts/ 		438 KB
438 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mtnc.yazdangh.site/webfonts/fa-duotone-900.woff2
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/styles/core-bundle.min.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a3f57745fdfa25b572b13fa1b30f686230547bdf0e36fcd4805960784f464e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtnc.yazdangh.site/styles/core-bundle.min.css?v=1
Origin
https://mtnc.yazdangh.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
448252
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Dec 2023 21:12:05 GMT
server
cloudflare
etag
"a5d514dd8828da1:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vaxzDa7g7yWOFxChSSG%2FeD1PTgCIndNXyAjid7WBgPV2j0XQD55wbQbjdvpW6CwjYZtwPz0IYefHrSMLVYQ4spZAgUUDRjglUXDgmJHQf%2Bqdg7APpi%2FaHzXucUoPuBi6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de9807ee167436-MIA
ats.js
ats.rlcdn.com/ 		110 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-76.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:20:00 GMT
x-amz-version-id
x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding
br
last-modified
Thu, 19 Oct 2023 08:25:12 GMT
server
AmazonS3
via
1.1 7d7c52d1848969f2077d9502aa06f40e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
etag
W/"b248cc9d0fdeb36bdeb7efabad1132ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
51669
x-amz-cf-id
FEiDhG6awRYSyx1WlGQ2UE0194L6v4rC1N-ANVd6CyU1iTH1rhTyEw==
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=422840347&t=event&_s=2&dl=https%3A%2F%2Fmtnc.yazdangh.site%2F&ul=en-us&de=UTF-8&dt=Clash%20of%20Clans%20Guides%20and%20Upgrade%20Tracker%20-%20Clash%20Ninja&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PWA&ea=launch&el=browser%20tab&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=81821566.1706668867&tid=UA-131485669-1&_gid=1492888243.1706668868&gtm=457e41t0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1853993769
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 16:12:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37710
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ajax-loader.gif
mtnc.yazdangh.site/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtnc.yazdangh.site/images/ajax-loader.gif
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/bundles/styles?v=pIkG9ugbWEMVM0lkv6hlTaOewsJDVt_Erbtx591tUsE1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/bundles/styles?v=pIkG9ugbWEMVM0lkv6hlTaOewsJDVt_Erbtx591tUsE1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4178
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Aug 2022 19:34:27 GMT
server
cloudflare
etag
"1955dddd14b0d81:0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bh7mZI%2BnLT1wj7KDFEDpMUucdd8UHjO3vs1FvCM0YIN6zKLFrstqgNLPTgu%2BAlvTuU8UQrR0BBLQ1v%2FvJti3%2FYNEobTephKbvjMc%2BECLAVVVK%2Bt%2BlQRRJ%2BmQIwXC53khzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84de9808a8727436-MIA
px.gif
ad-delivery.net/ 		43 B
916 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPqqVrhoHmPtr2LUWpXkkJ1-o8dQJhMSVYUXkgI-GLA90rZwENAr0sjONM1BbrWCLD0BCEP90kHXEg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UU6R7VzLrhsw%2BLphJS29aV4PGS3zz2We72a0Td%2BYuaHFTTHWAyk3RQ%2FsrIMAqy78PvPLiXViXRUdva533OoNqoL6mX%2B4D0YOYXrIPTsKgS6KDcesKYABApGm5XgdPrYw5sAWQoqeNgXbd5qpvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84de98095b94031c-MIA
expires
Wed, 31 Jan 2024 03:26:28 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
355afc0778b7cd941fe5a3cd5329815ff2796329351fca179721a097ffee996f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29432
x-xss-protection
0
server
cafe
etag
850 / 19753 / m202401250101 / config-hash: 8161858144323825894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 02:41:08 GMT
/
geo.privacymanager.io/ 		30 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-38.iad66.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 08:30:54 GMT
via
1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront), 1.1 e04ec889239bf67ef206ad086add2d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, IAD66-C2
age
65414
x-amzn-requestid
6d9710b6-dcde-4db2-86a7-c180775d78d3
x-amzn-trace-id
Root=1-65b8b3be-401c3125049bab181a268c0f;Parent=3d93f4c485ee8992;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
SWEF2FzzjoEEINw=
content-length
30
x-amz-cf-id
fWHcN8iIGoADkxzJRr30RnO8FGzTFxJKY5-BrcfxNx5Yl9zcHgjerQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
script.js
cadmus.script.ac/d1oykxszdrgjgl/ 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92a5cbf49c469196256b915a5c9ab52445529066ad8c736a0cfbc8ec05c4cec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 23:11:11 GMT
server
cloudflare
age
0
etag
W/"1292452370afd86cac079a2490ed847458a6386d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
84de980acdbb8dae-MIA
apstag.js
c.amazon-adsystem.com/aax2/ 		283 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-8-154.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:11:05 GMT
content-encoding
gzip
via
1.1 97971aa6c140e2dfc8adaee6c929eedc.cloudfront.net (CloudFront), 1.1 72620161c44640062c801bfda3ae46f2.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, YUL62-P2
age
1804
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
8PvAgkw0_2dHdmPoHOameivwZswwqtX9AOO060klnGKO9BEdXj8sSg==
static.min.js
cdn.exelator.com/build/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.exelator.com/build/static.min.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.252.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-252-55.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a84968788428f98d340f10ada89ecab924a68eea26aaafc0c424edc981a7697e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
13EhbDJXZCAdYoXnSII.9TQPnQd89SiV
content-encoding
gzip
via
1.1 03a7d0776c4a030d34fe2aa6819dc9c0.cloudfront.net (CloudFront)
date
Tue, 30 Jan 2024 12:40:03 GMT
last-modified
Mon, 05 Sep 2022 22:25:32 GMT
server
AmazonS3
x-amz-request-id
AT5JC0N18NTYBRY6
x-amz-cf-pop
MIA3-P6
etag
W/"a427037ef1482423da13ad8bf262d61a"
age
50481
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
hiHSlfQzuUvzvAgrI38g1TGGom22F0Bt7xl-da5hrcPDc-Py-QgBpw==
x-amz-id-2
jV/jUX7kyliZJ93jUpVrxNftNTyAt1BLkQHhIkuqA6TMkIxgx3dAVVN1husQDw0947PVs2ytRd5FzxK8wfPN4g==
px.js
p.cpx.to/p/13058/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/13058/px.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.104.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-104-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
961813c2cc407cc2f799d1d4b17e1bb11730d890608625f8b74513143614f9b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
cache-control
public, max-age=2419200
content-length
4396
content-type
application/javascript; charset=UTF-8
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.69.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 07 Feb 2024 02:41:08 GMT
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mtnc.yazdangh.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 31 Jan 2024 02:41:08 GMT
server
nginx/1.21.6
via
1.1 google
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 		436 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:53:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
67653
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 29 Jan 2025 07:53:35 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		63 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mtnc.yazdangh.site
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cc5b0b62d31a6ca58d73cca12a23603fac1902cfe4f533abfd03e25b81a5224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
expires
Wed, 31 Jan 2024 02:41:08 GMT
edgekit.min.js
cdn.edkt.io/rNn9xk/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3e61fa9bac2b16a8521c9be78f4e2ab6a14d6c67f569b3aeb111386484b2394f

Request headers

Referer
https://mtnc.yazdangh.site/
Origin
https://mtnc.yazdangh.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:38:22 GMT
content-encoding
gzip
age
18166
x-guploader-uploadid
ABPtcPrQfunDwofof_M3GLks0--cnE5Idh-iBex-2ntUGALsDjLaQGLiYiFw2XubpzkD9r4bGUtHHKS-WQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7881
last-modified
Tue, 23 Jan 2024 19:48:33 GMT
server
UploadServer
etag
"88af0a0f2dabf83af31702f71d4f1c19"
x-goog-generation
1706039313039744
x-goog-hash
crc32c=gm5n8Q==, md5=iK8KDy2r+DrzFwL3HU8cGQ==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
7881
accept-ranges
bytes
expires
Wed, 31 Jan 2024 21:38:22 GMT
localstore.js
script.4dex.io/ 		483 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 02:41:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
242777
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqVF%2BoKvRjsxTWr2y36ut9cOBws2WuXlMBRh%2F1OrBqdUoYGpdZm5W9ty55jbIJzhvebdsrB9aWS73Ed3M7azz30BgXvxuJJly8H7mX1wcS1bS7WT2hn1ONIu00sNKQIi%2B9LshbuCMHOpkTEP"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
84de980c780a6dad-MIA
track_enc
track.venatusmedia.com/dual/ 		16 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.207.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-207-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:08 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
70247b00-ff8f-4016-b3ab-8344daf96e09
config.aps.amazon-adsystem.com/configs/ 		564 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-26.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
2b7d4d9cd90cd11016b78a52abbb0f226be4bda5590babd3dfa1d3d0be4702ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:05:43 GMT
via
1.1 ae7bbb23871eba9dda7f1abdc6bacfa0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
2125
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
ODZGZL9qV5PYz8TjWAW7LsDr442M63kgK7FqZkM5jf_XgxB_4ZXx0g==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fmtnc.yazdangh.site&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-8-154.yul62.r.cloudfront.net
Software
Server /
Resource Hash
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
via
1.1 72620161c44640062c801bfda3ae46f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2353
x-amz-cf-id
dFqmXpJS5AdTAKGPqtrSg_jtG-ZPqHzM_NrESM-cE900P8oPwnH4-w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-8-154.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 24c2a7b3c7e677d544aa5e2a7eb85b4e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
pyeeCSFQehXXjbu_C4FhFfDjrrSWhVGYU7KiKMIVXWrDaovc7cva4w==
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 02:41:08 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRXSQDPxpWle3RBmqiatCzggZAYo2j%2FSVUa8nstOaFqH7Y4ggsZMZG%2BIIIbkXUWXZxHF%2F9zPFvxxpA%2B8ho%2B6kZEGC8SnwhVg3lkKj1GGnKv%2FvZEtIJMmyYQ8YKjbdLhb7R2a015GcLVP6Rfz"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
84de980d3b647496-MIA
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmtnc.yazdangh.site%2F&pid=Pi7nWreufRB5u&cb=0&ws=1600x1200&v=24.117.1925&t=3500&slots=%5B%7B%22sd%22%3A%2260927cc59ddea76a9b42d96e-1001%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22454078300%2FVM_608ae23cab178721a5790f50%2FVM_60927cc59ddea76a9b42d96e%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!venatus.com%2C608ad263a3019a7fc65f7b57%2C1%2C%2C%2C&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A5100%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.251.251.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-205-251-251-220.yul62.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mtnc.yazdangh.site
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
eHmo55Sj3W2xdtxi7b-4vz1UOozbWpfM8ozjyrgx-3aVf-i6fVjuWQ==
4802.ad-manager.min.js
hb.vntsm.com/v3/live/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/4802.ad-manager.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-845 /
Resource Hash
d8fcd8dcd62124ec597d57c34fc482ac3ae7b3deb1a15a71798e5389da4d1a15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
br
cdn-edgestorageid
941
x-amz-server-side-encryption
AES256
cdn-cachedat
01/29/2024 12:37:53
cdn-pullzone
131999
last-modified
Tue, 23 Jan 2024 13:18:57 GMT
server
BunnyCDN-IL1-845
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"8095c703e4108a44c08b02ea8cf94226"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
30ae546deda227e180966cab1d46a08e
cdn-requestcountrycode
US
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.158.76 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-158-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 31 Jan 2024 02:56:08 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fmtnc.yazdangh.site%2F&ref=&_it=amazon&partner_id=288
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
2473
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
84de980dbc217436-MIA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63e543d612152f5b04c6e77f5f8797cb13416c9c2e4440705565bb60d9d8373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Jan 2024 10:08:32 GMT
server
cloudflare
x-amz-request-id
QES1AZRK3539AP9Z
age
347
etag
W/"e88c8a94cbeb20543c62bf06c653a335"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84de980dbf2e6dd7-MIA
x-amz-id-2
kwcGcsxJdQ8BBukp27Ku5lZzQ5q8Qk+IeNeo1Ggpsb8DBJc8PNR0+eyTL34BNb6S+JVTfEMshpY9Xd8TeyUYXQ==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.158.76 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-158-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Wed, 31 Jan 2024 02:56:08 GMT
getuidj
ib.adnxs.com/ 		11 B
702 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:08 GMT
an-x-request-uuid
1e4c78bd-ff3b-4940-9541-976b4652cc3c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rid
match.adsrvr.org/track/ 		109 B
568 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
7dc6491cd658b489247545e22cb81cf11d2eb9b3388a250d58da6f502c764ea1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 01 Mar 2024 02:41:08 GMT
track_enc
track.venatusmedia.com/dual/ 		16 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.207.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-207-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:08 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.114 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip114.ip-147-135-119.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:09 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://mtnc.yazdangh.site
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ 		24 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.156.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-156-11.compute-1.amazonaws.com
Software
/
Resource Hash
56b3f3c17fce24d1b88a3de624883c31a597699f1d03049c85b5e94463169b05

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://mtnc.yazdangh.site
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
trinity.json
apex.go.sonobi.com/ 		1022 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2267c6af269883bb%22%3A%228e95c2151bcd41d7c724%7C728x90%2C970x90%2C468x60%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=73905fab-6ff4-4754-8ed7-8f245e43f3be&pv=cccab7e8-61a7-417d-9557-d32e43094342&vp=desktop&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmtnc.yazdangh.site%2F%22%2C%22domain%22%3A%22mtnc.yazdangh.site%22%2C%22publisher%22%3A%7B%22domain%22%3A%22yazdangh.site%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%22608ad263a3019a7fc65f7b57%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%2220a12167-4a78-416f-b741-9dd37fa33e6d%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220a12167-4a78-416f-b741-9dd37fa33e6d%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
74caf538a13c95aefefa22401f38a52b252634be0204da422c5d83d4d8636461
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:09 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-145
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
535
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		179 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fmtnc.yazdangh.site%2F&PageUrl=https%3A%2F%2Fmtnc.yazdangh.site%2F&PageReferrer=https%3A%2F%2Fmtnc.yazdangh.site%2F&CanonicalUrl=https%3A%2F%2Fwww.clash.ninja%2F
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.245.116.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-245-116-245.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b5761dd6523004c06a60aa9f4f64f95d6be46f6599a301b75ea7b1df8f9d9e83
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
50
content-length
179
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:08 GMT
an-x-request-uuid
b5fffc74-8819-48f9-ac3d-68a6a8bbe63d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:08 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84de980e7ea867e0-MIA
expires
0
c
prebid.a-mo.net/a/ 		980 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
2e9cea3b8453d7a34904d722de3f4fd8e4da05c0f0fc2382d1fa7a51d472f367

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
69
content-length
507
auction
elb.the-ozone-project.com/openrtb2/ 		2 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84de980e8c3f7446-MIA
content-length
2
expires
0
/
shb.richaudience.com/hb/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://mtnc.yazdangh.site
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		371 B
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!venatus.com,608ad263a3019a7fc65f7b57,1,,,&eid_pubcid.org=20a12167-4a78-416f-b741-9dd37fa33e6d%5E1&rf=https%3A%2F%2Fmtnc.yazdangh.site%2F&tg_i.page=https%3A%2F%2Fmtnc.yazdangh.site%2F&tg_i.domain=mtnc.yazdangh.site&tk_flint=pbjs_lite_v7.35.0&x_source.tid=c559af5d-1b1a-4a78-8c6b-b6944fa66c9b&l_pb_bid_id=236128c5fedba48&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_60927cc59ddea76a9b42d96e%2F1001&slots=1&rand=0.7325892524569697
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bb1c86172576cab594a1c4454371d15bb430161419c43daf4a44c296e1975c59

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
371
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
krk.kargo.com/api/v2/ 		2 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%229731f3a3-5970-43c1-af00-15102ec7d078%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A3500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1706668868805%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2225951a185ab8eeb%22%3A%22_wyfGhj3R6V%22%7D%2C%22bidSizes%22%3A%7B%2225951a185ab8eeb%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B468%2C60%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wyfGhj3R6V%22%7D%2C%22_sizeTargetingKey%22%3A%22728x90%22%2C%22userId%22%3A%7B%22pubcid%22%3A%2220a12167-4a78-416f-b741-9dd37fa33e6d%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220a12167-4a78-416f-b741-9dd37fa33e6d%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22crumbs%22%3A%7B%22pubcid%22%3A%22c0e00351-fcc2-4d8b-8b70-d66840c2e367%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22gpid%22%3A%22%2FVM_60927cc59ddea76a9b42d96e%2F1001%22%2C%22tid%22%3A%22c559af5d-1b1a-4a78-8c6b-b6944fa66c9b%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B468%2C60%5D%5D%7D%7D%2C%22adUnitCode%22%3A%221001-60927cc59ddea76a9b42d96e%22%2C%22transactionId%22%3A%22c559af5d-1b1a-4a78-8c6b-b6944fa66c9b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B468%2C60%5D%5D%2C%22bidId%22%3A%2225951a185ab8eeb%22%2C%22bidderRequestId%22%3A%2224d96ef6ee2ff54%22%2C%22auctionId%22%3A%22edc283b6-453e-4a25-9d93-2f8ada56463e%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.10000038146972656%5D%2C%22userId.mod.init%22%3A%5B0.5%2C0.8999996185302734%2C0%2C0.10000038146972656%2C1.7999992370605469%2C0.10000038146972656%2C0.10000038146972656%5D%2C%22userId.mods.33acrossId.init%22%3A%5B0.5%5D%2C%22userId.mods.criteo.init%22%3A%5B0.8999996185302734%5D%2C%22userId.mods.id5Id.init%22%3A%5B0%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.10000038146972656%5D%2C%22userId.mods.sharedId.init%22%3A%5B1.7999992370605469%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.10000038146972656%5D%2C%22userId.mods.hadronId.init%22%3A%5B0.10000038146972656%5D%2C%22userId.init.modules%22%3A%5B5.799999237060547%5D%2C%22requestBids.userId%22%3A0.6999988555908203%2C%22requestBids.pubCommonId%22%3A0.3000011444091797%2C%22requestBids.rtd%22%3A4.19999885559082%2C%22requestBids.validate%22%3A0.39999961853027344%2C%22requestBids.makeRequests%22%3A4.299999237060547%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmtnc.yazdangh.site%2F%22%2C%22domain%22%3A%22mtnc.yazdangh.site%22%2C%22publisher%22%3A%7B%22domain%22%3A%22yazdangh.site%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%22608ad263a3019a7fc65f7b57%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fmtnc.yazdangh.site%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.244.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-244-219.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 02:41:09 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Nbr
510
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mtnc.yazdangh.site
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 GMT
arj
venatusmedia-d.openx.net/w/1.0/ 		173 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmtnc.yazdangh.site%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c559af5d-1b1a-4a78-8c6b-b6944fa66c9b%2Cc559af5d-1b1a-4a78-8c6b-b6944fa66c9b&nocache=1706668868807&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=c0e00351-fcc2-4d8b-8b70-d66840c2e367&schain=1.0%2C1!venatus.com%2C608ad263a3019a7fc65f7b57%2C1%2C%2C%2C&aus=728x90%2C970x90%2C468x60%7C728x90%2C970x90%2C468x60&divids=1001-60927cc59ddea76a9b42d96e%2C1001-60927cc59ddea76a9b42d96e&aucs=%2C&auid=539871861%2C539871863
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
615c1b091c22ea7fd8aa1415023974431e7fb993bc25f66091770d7e68b7cc3c

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=17655094315&lsavail=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:08 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=171882
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97bd8ea8c5b12567d373018f45894f1af838d8570a0153cdc0306dbfa120913b

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVxMikDlsmxAe3Tv5a8UgpUE2SO8HTBz9tStntSd47doC5xQSqymXqW%2BWLgVrwqOaJPBcqPhstN75YXZgumQjXAn8LSjQURwRLH7r%2BekDHDW0XtWz2iaP%2Frmg9RtGir9WaRRYWgZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84de980e8eea746d-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fmtnc.yazdangh.site%2F&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.174.193.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-193-222.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:08 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hadron.json
id.hadron.ad.gt/v1/ 		98 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=mtnc.yazdangh.site&url=https://mtnc.yazdangh.site/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e64eb54991af3af2161d11db3842e61616a72be13841613f4a7b8e7760efae

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
84de980f1f8fdb1d-MIA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=mtnc.yazdangh.site&url=https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://mtnc.yazdangh.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
84de980e9ed6db1d-MIA
content-length
0
content-type
application/json
date
Wed, 31 Jan 2024 02:41:08 GMT
debug
OPTIONS block
expires
Thu, 30 Jan 2025 02:41:08 GMT
server
cloudflare
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.158.76 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-158-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:08 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Wed, 31 Jan 2024 02:56:08 GMT
rules-p-Hwnr8j7tWA3Nu.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:1400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:26:45 GMT
content-encoding
gzip
via
1.1 97a1bb4fb9aff82a97dbf758ce602258.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
885
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 23:45:13 GMT
server
AmazonS3
etag
W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
IKDgyQs1c9tYPatsDdLWZlBdWsAlK4dIND7k2m1M0LVEIVnCCERlTw==
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:13::820 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Wed, 31 Jan 2024 03:11:09 GMT
fire.js
s.cpx.to/ 		45 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=13058&url=https%3A%2F%2Fmtnc.yazdangh.site%2F&hn_ver=72&fid=41128eb7-99aa-47e8-9c3a-70ae6e860691&dsp=pub_common&dsp_uid=c0e00351-fcc2-4d8b-8b70-d66840c2e367&dsp=TTD&dsp_uid=b9981059-739e-4e10-a96d-9edd1611ca81
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.207.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-207-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ddce7e25f2a9edf200e6fed5e587dc34d5fb77af40bbf72c1b3977f0f99b6fe4

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:09 GMT
access-control-allow-credentials
true
expires
Wed, 31 Jan 2024 02:41:09 GMT
content-length
45
vary
Origin
p3p
CP="NOI DEV ADM"
288
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae369048a3fe9c82cf19b7c9868f2d305558d3e376cf5ffb5e507c8cc7ba7d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 02:38:29 GMT
server
cloudflare
age
160
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
84de98100ee28dcd-MIA
pixel;r=739164860;labels=All.Title.Clash%20of%20Clans%20Guides%20and%20Upgrade%20Tracker%2CAll.Description.Discover%20our%20guides%20to%20improve%20your%20Clash%20of%20Clans%20attacks%20and%20track...
pixel.quantserve.com/ 		35 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=739164860;labels=All.Title.Clash%20of%20Clans%20Guides%20and%20Upgrade%20Tracker%2CAll.Description.Discover%20our%20guides%20to%20improve%20your%20Clash%20of%20Clans%20attacks%20and%20track%20your%20village%20progress%20with%20our%20Upgrade%20Tracker%2CAll.Description.Discover%20our%20guides%20to%20improve%20your%20Clash%20of%20Clans%20attacks%20and%20track%20your%20village%20progress%20with%20our%20Upgrade%20Tracker%2CAll.Site.Clash%20Ninja%2CAll.Url.https%3A%2F%2Fwww%20clash%20ninja%2F;rf=0;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fmtnc.yazdangh.site%2F;uht=2;fpan=1;fpa=P0-764791354-1706668868853;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=yazdangh.site;dst=0;et=1706668869082;tzo=600;ogl=site_name.Clash%20Ninja%2Curl.https%3A%2F%2Fwww%252Eclash%252Eninja%2F%2Ctitle.Clash%20of%20Clans%20Guides%20and%20Upgrade%20Tracker%2Cimage%3Awidth.1280%2Cimage%3Aheight.640%2Cimage.https%3A%2F%2Fwww%252Eclash%252Eninja%2Fimages%2Fclash-ninja-main%252Ejpg%2Cdescription.Discover%20our%20guides%20to%20improve%20your%20Clash%20of%20Clans%20attacks%20and%20track%20your%20villag;ses=601c617a-64bc-459d-8a6e-ec91bf432fbd;mdl=
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.69.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:09 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["All.Site.Clash Ninja"],"pcode":["p-Hwnr8j7tWA3Nu"]},{"label":["All.Url.https://www clash ninja/"],"pcode":["p-Hwnr8j7tWA3Nu"]},{"label":["All.Title.Clash of Clans Guides and Upgrade Tracker"],"pcode":["p-Hwnr8j7tWA3Nu"]},{"label":["All.Description.Discover our guides to improve your Clash of Clans attacks and track your village progress with our Upgrade Tracker"],"pcode":["p-Hwnr8j7tWA3Nu"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
288
p.ad.gt/api/v1/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/288
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88bda303970cebf8571ca7a159910483fc43bdeaffad29fc3d69aece59307b93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 02:37:23 GMT
server
cloudflare
age
226
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84de9810cc348dfa-MIA
halo_match
ids.ad.gt/api/v1/ 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&halo_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de9810c8b309b6-MIA
content-length
43
content-type
image/gif
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706668869-NC0ND848-F2P9&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001706668869-NC0ND848-F2P9%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706668869-NC0ND848-F2P9&adnxs_id=2306962077708004521&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706668869-NC0ND848-F2P9&adnxs_id=2306962077708004521&gdpr=0
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de9811c9da09b6-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:09 GMT
an-x-request-uuid
f8a10892-b5e3-4567-b635-5934daad201a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001706668869-NC0ND848-F2P9&adnxs_id=2306962077708004521&gdpr=0
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001706668869-NC0ND848-F2P9&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=b9981059-739e-4e10-a96d-9edd1611ca81&id=AU1D-0100-001706668869-NC0ND848-F2P9
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=b9981059-739e-4e10-a96d-9edd1611ca81&id=AU1D-0100-001706668869-NC0ND848-F2P9
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de9810c8b409b6-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=b9981059-739e-4e10-a96d-9edd1611ca81&id=AU1D-0100-001706668869-NC0ND848-F2P9
date
Wed, 31 Jan 2024 02:41:09 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001706668869-NC0ND848-F2P9
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001706668869-NC0ND848-F2P9
  • https://ids.ad.gt/api/v1/pbm_match?pbm=6E3D3200-BEF6-4CEF-A409-7CA74C1323A4&id=AU1D-0100-001706668869-NC0ND848-F2P9
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=6E3D3200-BEF6-4CEF-A409-7CA74C1323A4&id=AU1D-0100-001706668869-NC0ND848-F2P9
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de9811fa1a09b6-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=6E3D3200-BEF6-4CEF-A409-7CA74C1323A4&id=AU1D-0100-001706668869-NC0ND848-F2P9
date
Wed, 31 Jan 2024 02:41:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rub_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001706668869-NC0ND848-F2P9&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&rub=LS16KVDN-1Z-BKXU&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&rub=LS16KVDN-1Z-BKXU&gdpr=0
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de9811999709b6-MIA
content-length
43
content-type
image/gif

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&rub=LS16KVDN-1Z-BKXU&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001706668869-NC0ND848-F2P9&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001706668869...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001706668869-NC0ND848-F2P9&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001706...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f09cef3f-1901-42e1-9971-5f901e32b7f7%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b9981059-739e-4e10-a96d-9edd1611ca81&ttd_puid=f09cef3f-1901-42e1-9971-5f901e32b7f7%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&tapad_id=f09cef3f-1901-42e1-9971-5f901e32b7f7
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&tapad_id=f09cef3f-1901-42e1-9971-5f901e32b7f7
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de98124a8009b6-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Wed, 31 Jan 2024 02:41:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&tapad_id=f09cef3f-1901-42e1-9971-5f901e32b7f7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001706668869-NC0ND848-F2P9
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001706668869-NC0ND848-F2P9&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&google_gid=CAESEHMCMFxRtjzaw_h_dN0IYzA&google_cver=1&google_ula=450542624,0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&google_gid=CAESEHMCMFxRtjzaw_h_dN0IYzA&google_cver=1&google_ula=450542624,0
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de9811fa2309b6-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001706668869-NC0ND848-F2P9&google_gid=CAESEHMCMFxRtjzaw_h_dN0IYzA&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001706668869-NC0ND848-F2P9
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNjY2ODg2OS1OQzBORDg0OC1GMlA5
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNjY2ODg2OS1OQzBORDg0OC1GMlA5
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNjY2ODg2OS1OQzBORDg0OC1GMlA5
date
Wed, 31 Jan 2024 02:41:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de9810c8b209b6-MIA
content-type
text/html; charset=utf-8
ip_match
ids.ad.gt/api/v1/ 		0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001706668869-NC0ND848-F2P9
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de9810c8b009b6-MIA
content-type
text/html; charset=utf-8
colossus
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001706668869-NC0ND848-F2P9&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-...
  • https://ids.ad.gt/api/v1/colossus?cls_id=07f06953-ba87-4281-9bb4-f437731cc030&id=AU1D-0100-001706668869-NC0ND848-F2P9
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/colossus?cls_id=07f06953-ba87-4281-9bb4-f437731cc030&id=AU1D-0100-001706668869-NC0ND848-F2P9
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de9811c9d609b6-MIA
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 02:41:09 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
http://ids.ad.gt/api/v1/colossus?cls_id=07f06953-ba87-4281-9bb4-f437731cc030&id=AU1D-0100-001706668869-NC0ND848-F2P9
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
ppnt_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001706668869-NC0ND848-F2P9
  • https://ids.ad.gt/api/v1/ppnt_match?uid=3KEwEOmCDu6O&ev=1&pid=562316&id=AU1D-0100-001706668869-NC0ND848-F2P9
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ppnt_match?uid=3KEwEOmCDu6O&ev=1&pid=562316&id=AU1D-0100-001706668869-NC0ND848-F2P9
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de98126ab009b6-MIA
content-length
43
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ids.ad.gt/api/v1/ppnt_match?uid=3KEwEOmCDu6O&ev=1&pid=562316&id=AU1D-0100-001706668869-NC0ND848-F2P9
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-2s74m
expires
-1
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.158.76 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-158-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Wed, 31 Jan 2024 02:56:09 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		860 B
436 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2263663526407397&correlator=2225235212365233&eid=31079959%2C31080684&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22454078300%2CVM_608ae23cab178721a5790f50%2CVM_60927cc59ddea76a9b42d96e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C468x60&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706668869298&lmt=1706668869&adxs=436&adys=1156&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmtnc.yazdangh.site%2F&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=81821566.1706668867&ga_sid=1706668869&ga_hid=422840347&ga_fc=true&dlt=1706668866931&idt=1722&ppid=20a121674a78416fb7419dd37fa33e6d&prev_scp=hb_pb%3D0.01%26hb_adid%3D60927cc59ddea76a9b42d96e-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3D110175da-v7.35.0%26pg_ld_id%3Da24a7ac0-6b27-4688-aee0-6dba4b15d392%26mo%3Dscan%26ac_id%3D608ad263a3019a7fc65f7b57%26si_id%3D608ae23cab178721a5790f50%26pl_id%3D60927cc59ddea76a9b42d96e%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-11-16%252012%253A37%253A38%26ta_si%3D468x60%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D1718b6d8-b2fa-4155-8bcc-c285503e925d%26tpcs%3Dunknown%26cdl%3D%26st_ty%3Dhorb%26bf_br%3D26000000%26af_im%3D26000000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2&cust_params=testgroup%3D30&adks=1624885203&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8dac0262ab4d0df9630994eef09447fb846bf1d5503b33888db25782435b7ea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
406
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8492babfad9c3c8e261c0201eda94599.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 444B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8492babfad9c3c8e261c0201eda94599.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 02:41:09 GMT
expires
Thu, 30 Jan 2025 02:41:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:19:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
1327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 31 Jan 2024 03:19:02 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 01:42:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
3547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 31 Jan 2024 02:42:02 GMT
collect
a.ad.gt/api/v1/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mtnc.yazdangh.site
access-control-allow-credentials
true
cf-ray
84de98122f9e2887-MIA
getpixels
pixels.ad.gt/api/v1/ 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=ae8256d4614cb8e1dd69de847082e3ba&url=https%3A%2F%2Fmtnc.yazdangh.site%2F&code=%27none%27
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84de98123a030345-MIA
content-type
text/html; charset=utf-8
sync
s.cpx.to/
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=34010&customParamenters
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LS16KVDN-1Z-BKXU&customParamenters=
0
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LS16KVDN-1Z-BKXU&customParamenters=
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
52.31.207.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-207-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 02:41:09 GMT
date
Wed, 31 Jan 2024 02:41:09 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

Location
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LS16KVDN-1Z-BKXU&customParamenters=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
  • https://s.cpx.to/sync?dsp_uid=CAESEKt9UENBRn9xGozoHMANpqA&dsp=dbm&google_cver=1
0
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=CAESEKt9UENBRn9xGozoHMANpqA&dsp=dbm&google_cver=1
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
52.31.207.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-207-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 02:41:09 GMT
date
Wed, 31 Jan 2024 02:41:09 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/sync?dsp_uid=CAESEKt9UENBRn9xGozoHMANpqA&dsp=dbm&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
  • https://s.cpx.to/sync?dsp=OPENX&dsp_uid=5371101b-69ed-4e73-b330-e62c2572cf18
0
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=5371101b-69ed-4e73-b330-e62c2572cf18
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
52.31.207.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-207-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 02:41:09 GMT
date
Wed, 31 Jan 2024 02:41:09 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

date
Wed, 31 Jan 2024 02:41:09 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=5371101b-69ed-4e73-b330-e62c2572cf18
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
fire.js
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D13058%26url%3Dhttps%253A%252F%252Fmtnc.yazdangh.site%252F%26hn_ver%3D72%26fid%3D41128eb...
  • https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=2306962077708004521&pid=13058&url=https%3A%2F%2Fmtnc.yazdangh.site%2F&hn_ver=72&fid=41128eb7-99aa-47e8-9c3a-70ae6e860691&dsp=pub_common&dsp_uid=c0e003...
35 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=2306962077708004521&pid=13058&url=https%3A%2F%2Fmtnc.yazdangh.site%2F&hn_ver=72&fid=41128eb7-99aa-47e8-9c3a-70ae6e860691&dsp=pub_common&dsp_uid=c0e00351-fcc2-4d8b-8b70-d66840c2e367&dsp=TTD&dsp_uid=b9981059-739e-4e10-a96d-9edd1611ca81
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
52.31.207.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-207-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
date
Wed, 31 Jan 2024 02:41:09 GMT
content-length
35
expires
Wed, 31 Jan 2024 02:41:09 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:09 GMT
an-x-request-uuid
98dbfc20-d5d0-49f4-8bc8-e280e90d947f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=2306962077708004521&pid=13058&url=https%3A%2F%2Fmtnc.yazdangh.site%2F&hn_ver=72&fid=41128eb7-99aa-47e8-9c3a-70ae6e860691&dsp=pub_common&dsp_uid=c0e00351-fcc2-4d8b-8b70-d66840c2e367&dsp=TTD&dsp_uid=b9981059-739e-4e10-a96d-9edd1611ca81
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
0
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Requested by
Host: mtnc.yazdangh.site
URL: https://mtnc.yazdangh.site/
Protocol
H2
Server
52.31.207.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-207-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 02:41:09 GMT
date
Wed, 31 Jan 2024 02:41:09 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
date
Wed, 31 Jan 2024 02:07:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track_enc
track.venatusmedia.com/dual/ 		16 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.207.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-207-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:09 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame CADA 		967 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-845 /
Resource Hash
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-cachedat
01/29/2024 12:37:53
cdn-edgestorageid
1067
cdn-proxyver
1.04
cdn-pullzone
131999
cdn-requestcountrycode
US
cdn-requestid
c2b21056d6840ba50186588d8acbc5b8
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-status
200
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-encoding
br
content-type
text/html
date
Wed, 31 Jan 2024 02:41:09 GMT
etag
W/"d80b9831e6e7896aa97e84d70f49e545"
last-modified
Sun, 10 Sep 2023 14:04:21 GMT
server
BunnyCDN-IL1-845
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-bl
0
/
mydmp.exelator.com/on-site-tag-load/
Redirect Chain
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
Protocol
H2
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
f4e0a880994cde7ba71d7ddc06ee74e9ae3a47dbfca4c699fdf8cea5a53cdad2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin
https://mtnc.yazdangh.site
content-type
application/x-javascript;charset=UTF-8
cache-control
no-cache
access-control-allow-credentials
true

Redirect headers

date
Wed, 31 Jan 2024 02:41:09 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
access-control-allow-origin
https://mtnc.yazdangh.site
content-type
image/gif;charset=UTF-8
cache-control
no-cache
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401250101&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73a33d16e57666d3aa4c6319270812fff99bcadfcc269ed93771a2731c26aa6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12091
x-xss-protection
0
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mtnc.yazdangh.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mtnc.yazdangh.site
access-control-max-age
86400
cf-ray
84de9813dbc8d9a9-MIA
content-encoding
gzip
content-type
text/plain
date
Wed, 31 Jan 2024 02:41:09 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/ 		0
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
54292da4d2fbadc171be699a82322c6d9f068c6a5f9e68b100d2d3b42ee0ac64
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 02:41:10 GMT
log
onsite-tag-logs.apps.nielsen.com/ 		0
264 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://onsite-tag-logs.apps.nielsen.com/log
Requested by
Host: cdn.exelator.com
URL: https://cdn.exelator.com/build/static.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.187.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-187-101.compute-1.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Jan 2024 02:41:10 GMT
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://idsync.rlcdn.com/397416.gif?partner_uid=5b6a1c586bb28b42691cc7d42ab498eb
  • https://idsync.rlcdn.com/1000.gif?memo=COigGBIrCicIARDaFRogNWI2YTFjNTg2YmIyOGI0MjY5MWNjN2Q0MmFiNDk4ZWIQABoNCMbm5q0GEgUI6AcQAEIASgA
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008BwbEnqmTIfglLJhKfnwqDIQPSqjp6yLKDtQGgxR4AXI
44 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008BwbEnqmTIfglLJhKfnwqDIQPSqjp6yLKDtQGgxR4AXI
Protocol
H2
Server
2600:9000:269f:1000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:10 GMT
via
1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
1DNnQEKjgkXQ7MPwTNelSVOVKmYO3OxV-h4LBKUjvzaP8y5qZTiMZw==
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 02:41:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008BwbEnqmTIfglLJhKfnwqDIQPSqjp6yLKDtQGgxR4AXI
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dcm
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=5b6a1c586bb28b42691cc7d42ab498eb
  • https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=5b6a1c586bb28b42691cc7d42ab498eb&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=5b6a1c586bb28b42691cc7d42ab498eb&dcc=t
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 02:41:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
32JPKY9SQWKERXF48XB6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 02:41:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F9FA2TY1EZ9KXSPACFRZ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=5b6a1c586bb28b42691cc7d42ab498eb&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
nmcsync.imrworldwide.com/ 		35 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmcsync.imrworldwide.com/?xuid=5b6a1c586bb28b42691cc7d42ab498eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.231.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-231-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:10 GMT
strict-transport-security
max-age=31536000
max-age
0
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
content-type
image/gif
p3p
P3P policyref="http://nmcsync.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
35
expires
0
adsct
analytics.twitter.com/i/ 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=5b6a1c586bb28b42691cc7d42ab498eb&p_id=28539
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
88
date
Wed, 31 Jan 2024 02:41:09 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
98c46dd291228629
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
b5559769429178e619c873998170ad448fa15469e8ff3e6714a33444064f3486
content-length
43
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4980 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
157802
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 06:51:08 GMT
expires
Tue, 28 Jan 2025 06:51:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5FB2 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::6a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
883c6e7dfc6e0a952de508b0dc2077269884ded29e4c6f99593a1b467466c6a7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-59JUAm6oBvaNl40kilHNag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-59JUAm6oBvaNl40kilHNag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 02:41:10 GMT
expires
Wed, 31 Jan 2024 02:41:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 4980 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 01:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
2805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Jan 2025 01:54:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5FB2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401250101&jk=2263663526407397&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
v3
id5-sync.com/gm/ 		667 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
1dce6d81144d464eba9beaa4c6c488714237e0ba771aecebd0048bdd4dd21838
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
generate_204
tpc.googlesyndication.com/ Frame 4980 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uUKDrg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
9.gif
id5-sync.com/c/258/429/0/
Redirect Chain
  • https://id5-sync.com/i/258/8.gif?id5id=ID5*kjVlCgbW1D0aQ-Iu8MM2wtDtmSEIsi4eujBPJPboT1eArdh6sSt5h77TPzMfpXjigK4ZbMN_eTE8KbPGAgN6_A&o=api&gdpr_consent=undefined&gdpr=false
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-977brdSGVbFBsEZbwWSqe-_LSaOwfHYRMh1MXeodPw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F258%2F124%2F7%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-977brdSGVbFBsEZbwWSqe-_LSaOwfHYRMh1MXeodPw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F258%2F124%2F7%2F2.gif%3Fp...
  • https://id5-sync.com/cq/258/124/7/2.gif?puid=d6f1afb1-0dca-4ba7-8eb1-2598288c441a&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/258/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/258/2/6/3.gif?puid=2306962077708004521&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F796%2F5%2F4.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/258/796/5/4.gif?puid=9168d22e-ee59-4ba9-9899-5003b4d003be&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F203%2F4%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/258/203/4/5.gif?puid=99fcf3da-56b3-40eb-8a18-ee7d56b694b8&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=b9981059-739e-4e10-a96d-9edd1611ca81&ttl=%%TTL%%
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F441%2F2%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/258/441/2/7.gif?puid=u_178fc123-b232-4cfb-9be3-6d484626b828&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AABolE7Lc2cAABQDDdU_yQ&id5AccountNum=155&numCascadesAllowed=9
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F429%2F0%2F9.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/258/429/0/9.gif?puid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/258/429/0/9.gif?puid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 31 Jan 2024 02:41:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/c/258/429/0/9.gif?puid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 02:41:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401250101&jk=2263663526407397&bg=!rq2lreLNAAa8BdJLnAU7ADQBe5WfOA2YnEjkfw2D-9IlruLDQtQVEWfnNJkOfceVNlCbiTmVMc556U8wY6Dsf7wHy6CPAgAAAFBSAAAABGgBBwoAxN3UmhJTSB4DSwRG2DFhHn0ZQb7gdl8EGJs2Kay9oYlQlwXRS3LXRDep0vi3-E4TR_zzvykmHuF5h_AJWK57P8KRE07SammXLsTU7ZTRJNqDwlAkWawEWkaLi42go5ihELkIbtc5KHrdU8nAq2T8zwFGV7kD2DjPGcetJZhfuVooS2TQlnntm9fa6EQXXLpmdthKISQzedAfkEUOXdO3H7id6EwvQ-C--wRjweL2Lmtyg19ilOAlIY_JWGKOQwMje3a2a4eZAsIEw3Z08qgWzO98ZRMgPamlrlvRDglNEa4TxmqrOqjQgXV1iycbJ-3ZQcnGDA2RQWVrzoN7B9Pu71hc-9J4xfKT0-TEfESTzckvFco4vJ1jYdKH-KItqUabPeYtm4p31MBAjvfrabkGJ7K8znmVBZTUYVDXyBVqe1gfAF0zPFdP7WrFLEErslMUKlwwGyEe5I03vS6QQhSfJe8-b7xF_w_mLZwafA_MN8cHo_1b5ByH1CijZ7OMQtL7tBsAGeKLxIjftd0C2SnJMq-l_EyloZRq9VjpgZ3h10ULEQvjSihod8I8LkqvXEptHl7oQlx-sdS92AL7noYOkEFIOykKLVauNAhS_evHCOGWt09rzUGHqTnsSkoDCdzel_6_PXILhGDxcM8zsDcptwOCCbg09l5z3pcYlPmdgqiRsjKTieb1AExxwtfeJAqWNyGYaLYGMB9yriE81ZGsTGlitTFAveToDuXCT-lqIg4nmrt5F8yJO99nhauh6IQge7RyH1zwyxHs8dd2czk_oyTYejo4OjlSfiznutjJTQZVF_7olyVxx97tcgC-pSXqLQkEmuhnS_5f8sxRoAEHobr_g3TM56j4TOSTG-WV31dn-0V_Xop0e6xi9WhNmzzaYKQh4kli2XZqTLwZbMvgY7m7kj-nBqKkrjg6urMocELBUwuY2d2yPdaaRs504hNY6zZaMRXUDxN2LV0UzP7WBNhapiQcrougf-BH5mZkPaYV139pfZhyRgKzOEQOn4vARnOw3BJowM3Yco3eHbRR8YncY50bQ2PoRQ_g0zlfx7su75fz5TpAJ6BxecRtUXAAIUsuXc1huJt2YjN5JpXyBlBH5U8YsZrj7jMndv-lFs9wtH0wBP1szWpetqK7mZp-Ib532PtuxHlUAiU3_lMSDfdbfNi5WnPcqFExGmjLY-UNAqJz9IRv9uqX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmtnc.yazdangh.site%2F&domain=mtnc.yazdangh.site&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://mtnc.yazdangh.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Jan 2024 02:41:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
401652
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=yDd9S3FCkgjVyDXCkcrsr%2F6Te6BecQy6S1Dmro2flZ4%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=yDd9S3FCkgjVyDXCkcrsr%2F6Te6BecQy6S1Dmro2flZ4%3D
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:11 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 31 Jan 2024 02:41:12 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://mtnc.yazdangh.site
location
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=yDd9S3FCkgjVyDXCkcrsr%2F6Te6BecQy6S1Dmro2flZ4%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmtnc.yazdangh.site%2F&domain=mtnc.yazdangh.site&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ET41S3xoa2MyT0FnbDRHb0xKT2VGUS9QOVJ0Vld1VHBtRFdXREdBdTliTjIyUlZqWlZLZlJOaGlhejBBWEJIQVBEakFEb2ZSNy92eUwvdnhHOWNacFNQR2RMV25RMk52ZEZPZzJQMGV1RGxzRTIwS0k2U094KzRXWCsrRD...
428 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ET41S3xoa2MyT0FnbDRHb0xKT2VGUS9QOVJ0Vld1VHBtRFdXREdBdTliTjIyUlZqWlZLZlJOaGlhejBBWEJIQVBEakFEb2ZSNy92eUwvdnhHOWNacFNQR2RMV25RMk52ZEZPZzJQMGV1RGxzRTIwS0k2U094KzRXWCsrRDA1VTlsQXVYa05OSzlSSUJGUmxzRE56TFlUZm02U2o2YlRXNHhGTHJPVHhCc3lPMjVmMU10bDN5Y3lUcEJCNkM2YTBybTM5Nnh1dk5LRythV2tLcHE0K1FKLzMyTXVlNno5VUF4S00vRFByeUFTUmNkNGs4UXhCb1daU1RDaHgzajJ3Y3ZEalhSMEJDdXNScjBCSUdHUlJFODVoVmRqUzhsNGdrMEdjdUdQa2hIZ0M0K3NSND18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e07235257fa09e3693b037803ea6340edc76b2c667ec3f3683f1bc44767b9e3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1747109
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://mtnc.yazdangh.site
location
https://mug.criteo.com/sid?cpp=ET41S3xoa2MyT0FnbDRHb0xKT2VGUS9QOVJ0Vld1VHBtRFdXREdBdTliTjIyUlZqWlZLZlJOaGlhejBBWEJIQVBEakFEb2ZSNy92eUwvdnhHOWNacFNQR2RMV25RMk52ZEZPZzJQMGV1RGxzRTIwS0k2U094KzRXWCsrRDA1VTlsQXVYa05OSzlSSUJGUmxzRE56TFlUZm02U2o2YlRXNHhGTHJPVHhCc3lPMjVmMU10bDN5Y3lUcEJCNkM2YTBybTM5Nnh1dk5LRythV2tLcHE0K1FKLzMyTXVlNno5VUF4S00vRFByeUFTUmNkNGs4UXhCb1daU1RDaHgzajJ3Y3ZEalhSMEJDdXNScjBCSUdHUlJFODVoVmRqUzhsNGdrMEdjdUdQa2hIZ0M0K3NSND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
714830
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		108 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
6478c995ccdb84ddcf04c7fe507bd4e0e8167ee923732dfaa8859cf1e4f3c56e

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 01 Mar 2024 02:41:12 GMT
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=288&_it=prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c415e0eb17ead2fb65fed0185e557cc902c67b7b8430678b8a78d86ee9e0b54

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
84de9823a98bdb1d-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
envelope
api.rlcdn.com/api/identity/ 		0
0
pd
us-u.openx.net/w/1.0/ Frame 0A07 		880 B
851 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5fac76e3fa98868f0ebc57913da81fcfe7c0b2653a172c28bdb2fe0ea98e41b1

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
548
content-type
text/html
date
Wed, 31 Jan 2024 02:41:12 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
load-cookie.html
elb.the-ozone-project.com/static/ Frame DDF6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=20a12167-4a78-416f-b741-9dd37fa33e6d&publisherId=OZONEVEN0005&siteId=3500000609&cb=1706668868958&bidder=ozone
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2709f3ec243c8195b6f121f89d5b52acc4044043531193f6cd89eb4321100c91

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84de9823b85b7446-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 02:41:12 GMT
expires
0
last-modified
Tue, 30 Jan 2024 14:05:29 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5692 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.40.187 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-40-187.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 31 Jan 2024 02:41:12 GMT
ETag
"623de86a-cf34"
Expires
Thu, 01 Feb 2024 02:41:14 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
isyn
sync.a-mo.net/ Frame 9DC0 		2 KB
833 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CsQBShJtdG5jLnlhemRhbmdoLnNpdGVSC2Fhcy00ZWZjODdkWghwYmExLjMuMmoSbXRuYy55YXpkYW5naC5zaXRl-gEGNy4zNS4w6AIBiAPE5uatBqgDOuoDJGVkYzI4M2I2LTQ1M2UtNGEyNS05ZDkzLTJmOGFkYTU2NDYzZaoEA0RDSLIFA1VTRNIFCTEwNTE5OTM1ONgFAOAFAOoFB2Rlc2t0b3D6BQRkYzEzqgcDd2ViygcNeWF6ZGFuZ2guc2l0ZeAHAQ
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
64db048b205c91b4c4e9708929d6216c99617f8c582c020f27ac975b901cbd4d

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
684
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 02:41:12 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
ixmatch.html
js-sec.indexww.com/um/ Frame 64CE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
76
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
84de98242c50743e-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 02:41:12 GMT
expires
Wed, 31 Jan 2024 06:41:12 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F3D8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.40.199 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-40-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24983
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 31 Jan 2024 02:41:12 GMT
expires
Wed, 31 Jan 2024 09:37:35 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 7DA2
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
8a018ad86f6f966a21ca8a22cbacf44a04636f5ba44b13c78c3f005d401b8541

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 02:41:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 31 Jan 2024 02:41:12 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 8FBA 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 02:41:12 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 1987
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096&rd=1
2 KB
1020 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096&rd=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
c760b6ff83e5b0bbbfc8b7b23e4a17d6431b3b4b41c98766a2a80f44aaa0a261

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 02:40:49 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 02:40:49 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=e6222f8b-9e69-48ea-9506-6b2feb1a3097&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=R1pMa1NubzliSVpPNWEwZHBtLWhfZw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEUeDul04rKFNBjoF3iQ1gI&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=3KEwEOmCDu6O
49 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=3KEwEOmCDu6O
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-145
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=3KEwEOmCDu6O
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-2s74m
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907275132306683
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907275132306683
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-145
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907275132306683
Date
Wed, 31 Jan 2024 02:41:12 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9935550313792
  • https://sync.go.sonobi.com/us.gif?nuid=OPU4bd463b7bbca48b184a928935b34d339&nw=oa
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nuid=OPU4bd463b7bbca48b184a928935b34d339&nw=oa
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-145
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://sync.go.sonobi.com/us.gif?nuid=OPU4bd463b7bbca48b184a928935b34d339&nw=oa
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
107
expires
Mon, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=-tBDgfwlV_hvwp42xPpc4iaEdkY
49 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=-tBDgfwlV_hvwp42xPpc4iaEdkY
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-145
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=-tBDgfwlV_hvwp42xPpc4iaEdkY
Date
Wed, 31 Jan 2024 02:41:12 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d9bd276a-98a3-4198-8d32-4153ad57123c&google_hm=ZDliZDI3NmEtOThhMy00MTk4LThkMzItNDE1M2FkNTcxMjNj&...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAzs0TXK2rKaDOCIp_2tRfw&google_cver=1&ssp=sonobi&bsw_param=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=&gdpr_consent=&us_privacy=
49 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-145
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 31 Jan 2024 02:41:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2306962077708004521
49 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2306962077708004521
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-145
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
an-x-request-uuid
4485a020-f019-47bd-ac1e-40cb2aa14afd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2306962077708004521
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE&pi=sonobi&tc=1
49 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE&pi=sonobi&tc=1
Protocol
H2
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-145
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE&pi=sonobi&tc=1
pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT, Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=b9981059-739e-4e10-a96d-9edd1611ca81&pubid=116da9d98c
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=e6222f8b-9e69-48ea-9506-6b2feb1a3097
0
683 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=e6222f8b-9e69-48ea-9506-6b2feb1a3097
Protocol
H2
Server
3.161.213.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-118.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST, GET
access-control-allow-origin
https://mtnc.yazdangh.site/
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
content-length
0
x-amz-cf-id
hyQ4d-ytZaiMDQKn-rWO6m61hIliapIfBcqi6MSYdTiXq0n-5We2bg==
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-145
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=e6222f8b-9e69-48ea-9506-6b2feb1a3097
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Feb 2024 02:41:12 GMT
sd
us-u.openx.net/w/1.0/ Frame 0A07
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZbmzSAABU_vngQBK
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbmzSAABU_vngQBK&_test=ZbmzSAABU_vngQBK
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbmzSAABU_vngQBK&_test=ZbmzSAABU_vngQBK
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760052-MIA
pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706668872.475267,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbmzSAABU_vngQBK&_test=ZbmzSAABU_vngQBK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
878b5a4c-c5e9-e035-e071-0875dbb21dd3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 0A07 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/878b5a4c-c5e9-e035-e071-0875dbb21dd3?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:7a40:2956:c998:e321 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 0A07 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=4b9a4075-49ef-c986-11a8-9c174cd61b7a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 02:41:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XKGD90WVRHZ53A26A4B7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0A07
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=134c3c08-5545-727c-d1a6-1e8024e5d09a&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b9981059-739e-4e10-a96d-9edd1611ca81&ttd_puid=134c3c08-5545-727c-d1a6-1e8024e5d09a&gdpr=0&gdpr_consent=
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b9981059-739e-4e10-a96d-9edd1611ca81&ttd_puid=134c3c08-5545-727c-d1a6-1e8024e5d09a&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b9981059-739e-4e10-a96d-9edd1611ca81&ttd_puid=134c3c08-5545-727c-d1a6-1e8024e5d09a&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 02:41:12 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 0A07 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2YyM2VmYzItOWMzMi0yY2Q4LWM0NDYtNDQzOWVlMDcxZWZh
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0A07
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_9IiiQpguH6gWbGHaY-GM&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_9IiiQpguH6gWbGHaY-GM&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_9IiiQpguH6gWbGHaY-GM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame DDF6 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=20a12167-4a78-416f-b741-9dd37fa33e6d&publisherId=OZONEVEN0005&siteId=3500000609&cb=1706668868958&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84de98244e31d9a9-MIA
cookie_sync
elb.the-ozone-project.com/ Frame DDF6 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=20a12167-4a78-416f-b741-9dd37fa33e6d&publisherId=OZONEVEN0005&siteId=3500000609&cb=1706668868958&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8286362df68dac29251bd07fffaf93a2d3ab0582c2130b6b4de9415b758f91cc

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=20a12167-4a78-416f-b741-9dd37fa33e6d&publisherId=OZONEVEN0005&siteId=3500000609&cb=1706668868958&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84de982449977446-MIA
expires
0
usermatch
ssum-sec.casalemedia.com/ Frame 0960
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
887 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
476afad407717dbeffaa6aed1dc07e6a20ad161f7868c225641c3defe9091e69

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84de9824f8e1746d-MIA
content-encoding
br
content-type
text/html
date
Wed, 31 Jan 2024 02:41:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYNl3OGqbgPEPqnUobpQhUeBf%2BaYX5hjRgad0OAJC7CVUzCKLyYQZCHSyhFf2vlqOq2hd3b6Q7tMb5RyDOm5bI6ImV1wmRkMkMsOw10Bhj4tbO97Zu8AEZ3Iowm%2FoScvWRqBFwAKDrCbqA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84de98247813746d-MIA
content-length
0
date
Wed, 31 Jan 2024 02:41:12 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eHJoK9YKWGuX2HF4QuHmuAfz1ulgMb6Gj02YduTuY1X2Kzg%2Fzp3NYg3w4IpupEpUwmKVl0MhLs3tSi%2FiUmi%2FsvP%2BnklmtUHo8V2lh%2BeaW14V496%2FcWzOZvmcAToL887HuflH2RNgu8smw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rum
elb.the-ozone-project.com/cdn-cgi/ Frame DDF6 		0
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=20a12167-4a78-416f-b741-9dd37fa33e6d&publisherId=OZONEVEN0005&siteId=3500000609&cb=1706668868958&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://elb.the-ozone-project.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
84de9824ca677446-MIA
setuid
elb.the-ozone-project.com/ Frame DDF6
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2721468381940455947672
0
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2721468381940455947672
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84de98252b557446-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2721468381940455947672
date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame 8FBA 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
508ec1418d9498ff28d313b9972402037e837ceca5c372c672099a23dbdb764d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 02:41:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 17:22:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52926
Connection
keep-alive
Content-Length
10919
Expires
Wed, 31 Jan 2024 17:23:18 GMT
xuid
eb2.3lift.com/ Frame 7DA2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b9981059-739e-4e10-a96d-9edd1611ca81&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=b9981059-739e-4e10-a96d-9edd1611ca81&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=b9981059-739e-4e10-a96d-9edd1611ca81&dongle=0cfd&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 02:41:12 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 7DA2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjcyMTQ2ODM4MTk0MDQ1NTk0NzY3Mg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 7DA2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENnCvfxKFyQsgKYLCDuoEiY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENnCvfxKFyQsgKYLCDuoEiY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENnCvfxKFyQsgKYLCDuoEiY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7DA2
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjcyMTQ2ODM4MTk0MDQ1NTk0NzY3Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjcyMTQ2ODM4MTk0MDQ1NTk0NzY3Mg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjcyMTQ2ODM4MTk0MDQ1NTk0NzY3Mg%3D%3D
date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 7DA2 		0
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2721468381940455947672&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:11 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 96C347895D904D48897B26BB580A3D3C Ref B: MIAEDGE2512 Ref C: 2024-01-31T02:41:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQNM/mZX6peRJxkYfYPQ==
xuid
eb2.3lift.com/ Frame 7DA2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2721468381940455947672?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-1qrXhldE2oQjARyPACVfTV1qeAWc_fzwhDzByOyZ3w--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1qrXhldE2oQjARyPACVfTV1qeAWc_fzwhDzByOyZ3w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1qrXhldE2oQjARyPACVfTV1qeAWc_fzwhDzByOyZ3w--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame 7DA2 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=2721468381940455947672&gdpr=0&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 02:41:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame 7DA2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=99fcf3da-56b3-40eb-8a18-ee7d56b694b8&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=99fcf3da-56b3-40eb-8a18-ee7d56b694b8&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=99fcf3da-56b3-40eb-8a18-ee7d56b694b8&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
7445824
content-length
0
expires
Wed, 31 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 7DA2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2306962077708004521&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2306962077708004521&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
an-x-request-uuid
903b5fe8-e38b-4ceb-ad87-927f2842a835
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=2306962077708004521&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 7DA2 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2721468381940455947672
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
an-x-request-uuid
68451571-7773-4755-8112-6c3adf370f7f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cframe.js
assets.a-mo.net/js/ Frame 9DC0 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: sync.a-mo.net
URL: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CsQBShJtdG5jLnlhemRhbmdoLnNpdGVSC2Fhcy00ZWZjODdkWghwYmExLjMuMmoSbXRuYy55YXpkYW5naC5zaXRl-gEGNy4zNS4w6AIBiAPE5uatBqgDOuoDJGVkYzI4M2I2LTQ1M2UtNGEyNS05ZDkzLTJmOGFkYTU2NDYzZaoEA0RDSLIFA1VTRNIFCTEwNTE5OTM1ONgFAOAFAOoFB2Rlc2t0b3D6BQRkYzEzqgcDd2ViygcNeWF6ZGFuZ2guc2l0ZeAHAQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79e82fb537b0621dd3cad7ccff489e28d71450ae91ee4e27b85c5e0f0fd26d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
via
1.1 dce51d45ef5ad8611b405be0de5fb2da.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
562
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 Jan 2024 17:28:00 GMT
server
cloudflare
etag
W/"d458c9c4d04e49d089648ee8a1473ba4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
84de98259b4c7435-MIA
x-amz-cf-id
C00JtBN8uLVAZN3gl1-9j5bcE1AJ6JtzW_ghD0KSkWmvkpJ9forDKg==
expires
Wed, 31 Jan 2024 03:41:12 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F3D8 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2213280&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bc3d2a38d422c836858e61e56406d51609c770a52ff97e697f1afc1b6f68340a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 02:41:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame 8FBA 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 0960
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b9981059-739e-4e10-a96d-9edd1611ca81&expiration=1709260872&gdpr=0&gdpr_consent=
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b9981059-739e-4e10-a96d-9edd1611ca81&expiration=1709260872&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVXDVJx6xGXdUGbNHPhBRvusIdal31xXuPsQTwVWM0CINai8GM%2B5alJgcdTxKUC0xOZXW%2FRXEgZVLrqmzdHwIZ6kunAJ3nfPeaD0BXqEy5C7Vu4byLS6t1eoqTladH7Ug%2FiPyaeY4Tkt6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84de9825eab0746d-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b9981059-739e-4e10-a96d-9edd1611ca81&expiration=1709260872&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 02:41:12 GMT
server
Kestrel
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 0960
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZbmzSMAfevku92bB7ta_rwAABfQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOxiy0Hvzw5I4w3tdAf5BzQ&google_cver=1
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOxiy0Hvzw5I4w3tdAf5BzQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXpP%2FmCUU%2FFTurq73L9davYWW4qBwdrBX0cOd0ouHjHP%2BK1IihjX3S4l%2BPVxlsx%2FJBnGBQBIsSf8s564pI2fynCvlnmkG8WYdsPnSyWtTpMMgZHSSPYgBbICIu3gI0atQT2VsqxnBqef3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84de9825fb5574b6-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOxiy0Hvzw5I4w3tdAf5BzQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0960
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZbmzSMAfevku92bB7ta-rwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB4yWkCk3EIbWBOiZlhxKy0&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB4yWkCk3EIbWBOiZlhxKy0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsOcA%2F5MhFjjrX8CgH%2FiEuIRStm5xG6P6cVFtOJnb0WBW5RxvNqvoXbufzdh5ZPTpVvKQdC%2Bz9PsNtesAFJ7sVxNJ81Q7zBcbR1lS%2BSE1jIDAsFifN%2Bq9g8Yeb08a0NyvXAsZrcKN7337Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84de98266c1f74b6-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB4yWkCk3EIbWBOiZlhxKy0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0960 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZbmzSMAfevku92bB7ta_rwAABfQAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 02:41:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AZZ6R92PYNPBBV4P620C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0960
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5467970659483353521&gdpr=0&gdpr_consent=
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5467970659483353521&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaAecNYLkthA5SY6QZ3rn3kGNLRe9AyQ3TlYtv1kZN%2FVP18TryDdmlp%2Bz3Hp9oAcqJ32uD59avdJWG5Qb9sZRDxChUrm0N5IonPywtl2gNKZaliXZCODzToS9KZsI5bnxccTon0T%2FBROOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84de98272d8d74b6-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5467970659483353521&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 02:41:12 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 0960
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968907275132306683
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968907275132306683
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vsMeBPhWBeiwzfaOZNNaYbA3wxYx6wnkgrh1z5CUCH3VOZA0OzaVhqRVRGSfBYjHazPiz3OFka4tMRFRVhQc5afZae7G9XuXRMPLumCAe9WPB8s23lCBlgMPGPyisa%2BV55M65vnusVJEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84de9825fad9746d-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968907275132306683
Date
Wed, 31 Jan 2024 02:41:12 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tp_out
d.adroll.com/cm/index/ Frame 0960 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:c006:9cb1:4bb0:4b28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
ZbmzSMAfevku92bB7ta_rwAABfQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0960
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZbmzSMAfevku92bB7ta_rwAABfQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZbmzSMAfevku92bB7ta_rwAABfQAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZbmzSMAfevku92bB7ta_rwAABfQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
2600:1f18:4e9:5a02:7a40:2956:c998:e321 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZbmzSMAfevku92bB7ta_rwAABfQAAAAB
date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0960 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZbmzSMAfevku92bB7ta-rwAA%261524
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmtnc.yazdangh.site%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
10156
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84de98259eb6743e-MIA
content-length
43
expires
Thu, 01 Feb 2024 02:41:12 GMT
syncframe
gum.criteo.com/ Frame B36D 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=mtnc.yazdangh.site
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mtnc.yazdangh.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 02:41:12 GMT
server
Kestrel
server-processing-duration-in-ticks
2013855
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Feb 2024 02:41:12 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ET41S3xoa2MyT0FnbDRHb0xKT2VGUS9QOVJ0Vld1VHBtRFdXREdBdTliTjIyUlZqWlZLZlJOaGlhejBBWEJIQVBEakFEb2ZSNy92eUwvdnhHOWNacFNQR2RMV25RMk52ZEZPZzJQMGV1RGxzRTIwS0k2U094KzRXWCsrRDA1VTlsQXVYa05OSzlSSUJGUmxzRE56TFlUZm02U2o2YlRXNHhGTHJPVHhCc3lPMjVmMU10bDN5Y3lUcEJCNkM2YTBybTM5Nnh1dk5LRythV2tLcHE0K1FKLzMyTXVlNno5VUF4S00vRFByeUFTUmNkNGs4UXhCb1daU1RDaHgzajJ3Y3ZEalhSMEJDdXNScjBCSUdHUlJFODVoVmRqUzhsNGdrMEdjdUdQa2hIZ0M0K3NSND18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Jan 2024 02:41:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
463930
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 5692 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
an-x-request-uuid
5180f499-447d-4166-abe9-1ad0157ee8d4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame DDF6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=b9981059-739e-4e10-a96d-9edd1611ca81
0
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=b9981059-739e-4e10-a96d-9edd1611ca81
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84de98262d617446-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=b9981059-739e-4e10-a96d-9edd1611ca81
date
Wed, 31 Jan 2024 02:41:12 GMT
server
Kestrel
content-length
215
sid
mug.criteo.com/ Frame B36D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=yazdangh.site&sn=ChromeSyncframe&so=0&topUrl=mtnc.yazdangh.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=qSuBdnwrZVU2ZU9NbmhDOEFRMjdxeFFCQ2FVQUhLeFBFZll6Y0tpaGN2eXNXaVNhYXhHOEUrcXJaTzhzbzB0MFZLMDN3MzVtMEljUU9xekdXSlVDVHJYRU9Qd2E2Y21aamVmOEw0YnpFQmtXaEt2UEsxSmJOKzdtbS9aU2...
420 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qSuBdnwrZVU2ZU9NbmhDOEFRMjdxeFFCQ2FVQUhLeFBFZll6Y0tpaGN2eXNXaVNhYXhHOEUrcXJaTzhzbzB0MFZLMDN3MzVtMEljUU9xekdXSlVDVHJYRU9Qd2E2Y21aamVmOEw0YnpFQmtXaEt2UEsxSmJOKzdtbS9aU2RrYkYrT0x0OStDUVg0QWdGQVB3U0tySDVObTlwL3lGUmVQWEFGNk9ZMUQwNTcrWkdxVHJ2bS9TR09va0I0RHdDTkk2a2k5Y0pjTUNNNzlLSy9KME1yUnhaZUx4TmVmM085VSs4MHYrSzU1VUtIRVhpTnJNTEZ1TytrRnJ3Y2FDVzR2Q2I2MUhHYk9pSXZvZjdmV2hJSjZ4eVBNZzhMSWlKLzhyM3FQK3BuVjZtMlNZcS9Rcz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
df6e4cca62bdf0ceb7e3e429d69356f417b255a4e69c1c36331d3d9febfb9660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1967414
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qSuBdnwrZVU2ZU9NbmhDOEFRMjdxeFFCQ2FVQUhLeFBFZll6Y0tpaGN2eXNXaVNhYXhHOEUrcXJaTzhzbzB0MFZLMDN3MzVtMEljUU9xekdXSlVDVHJYRU9Qd2E2Y21aamVmOEw0YnpFQmtXaEt2UEsxSmJOKzdtbS9aU2RrYkYrT0x0OStDUVg0QWdGQVB3U0tySDVObTlwL3lGUmVQWEFGNk9ZMUQwNTcrWkdxVHJ2bS9TR09va0I0RHdDTkk2a2k5Y0pjTUNNNzlLSy9KME1yUnhaZUx4TmVmM085VSs4MHYrSzU1VUtIRVhpTnJNTEZ1TytrRnJ3Y2FDVzR2Q2I2MUhHYk9pSXZvZjdmV2hJSjZ4eVBNZzhMSWlKLzhyM3FQK3BuVjZtMlNZcS9Rcz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
366925
content-length
0
expires
0
dcm
s.amazon-adsystem.com/ Frame 4F52 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BED543C3-DDAA-4404-9C99-43762BCDF25A&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 02:41:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N4D9WFMH6V8H200Y8ZQB
Pug
simage2.pubmatic.com/AdServer/ Frame E57B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2306962077708004521&gdpr=0&gdpr_consent=
42 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2306962077708004521&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:07:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
b46f3463-a8d0-4355-8909-b6d8a832050c
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 02:41:12 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2306962077708004521&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame A96E
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=32ae9830-bfe2-11ee-8a80-b0ba7ef1e82d
42 B
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=32ae9830-bfe2-11ee-8a80-b0ba7ef1e82d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:07:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 31 Jan 2024 02:41:12 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=32ae9830-bfe2-11ee-8a80-b0ba7ef1e82d
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
setuid
sync.a-mo.net/ Frame 74DB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWl9VN0xjMmNBQUJKM3BXMk9xZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABolE7Lc2cAABQDDdU_yQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5467970659483353521&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AABolE7Lc2cAABQDDdU_yQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5467970659483353521%26gdpr%3D0%26gdpr_cons...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5467970659483353521&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?ev=AABolE7Lc2cAABQDDdU_yQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5467970659483353521%26gdpr%3D0%26bee_sync_pa...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5467970659483353521&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AABolE7Lc2cAABQDDdU_y...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABolE7Lc2cAABQDDdU_yQ&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Dpubmatic%26uid%3DBED543C3-DDAA-4404-9C9...
  • https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=pubmatic&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=pubmatic&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 31 Jan 2024 02:41:13 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
3

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 31 Jan 2024 02:41:13 GMT
location
https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=pubmatic&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame CB7F 		85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 31 Jan 2024 02:41:12 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760052-MIA
x-timer
S1706668873.722385,VS0,VE55
141
match.deepintent.com/usersync/ Frame A023 		0
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Wed, 31 Jan 2024 02:41:12 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 2565
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_449c5e5c-ff06-41db-be24-a766b1a21d72&bsw_param=d9bd276a-98a3-4198-8d32-4153ad57123c&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 02:41:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 31 Jan 2024 02:41:12 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame C5B3
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-KDlrKyms6Djp7X0q6Sq9vymsvTjorOt-aRbXsn4
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-KDlrKyms6Djp7X0q6Sq9vymsvTjorOt-aRbXsn4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:41:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 31 Jan 2024 02:41:12 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-KDlrKyms6Djp7X0q6Sq9vymsvTjorOt-aRbXsn4
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 8865
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3GHVfCkF1Rv0xi5&gdpr=0&gdpr_consent=
42 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3GHVfCkF1Rv0xi5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 14:56:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 31 Jan 2024 02:41:12 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3GHVfCkF1Rv0xi5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-0eaf4272262e6923a@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F3D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vtVDw92qRAScmUN2K83yWg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
23.215.40.199 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-40-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=24983
accept-ranges
bytes
content-length
5622
expires
Wed, 31 Jan 2024 09:37:35 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame F3D8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BED543C3-DDAA-4404-9C99-43762BCDF25A
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Df09cef3f-1901-42e1-9971-5f901e32b7f7%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2306962077708004521&pt=f09cef3f-1901-42e1-9971-5f901e32b7f7%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2306962077708004521&pt=f09cef3f-1901-42e1-9971-5f901e32b7f7%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
an-x-request-uuid
8f507879-0a59-4f2e-a5f2-c4d2d8d969fb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2306962077708004521&pt=f09cef3f-1901-42e1-9971-5f901e32b7f7%2C%2C
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame F3D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20BED543C3-DDAA-4404-9C99-43762BCDF25A&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame F3D8 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=BED543C3-DDAA-4404-9C99-43762BCDF25A&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame F3D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkVENTQzQzMtRERBQS00NDA0LTlDOTktNDM3NjJCQ0RGMjVB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F3D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECy3PLhDm3XkOPLTR4Jl9Dg&google_cver=1
42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECy3PLhDm3XkOPLTR4Jl9Dg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:41:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECy3PLhDm3XkOPLTR4Jl9Dg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F3D8
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D0C3B5AA26FB41FBB857059B376B5E1C
42 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D0C3B5AA26FB41FBB857059B376B5E1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 14:56:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D0C3B5AA26FB41FBB857059B376B5E1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jan 2024 02:41:12 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F3D8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b9981059-739e-4e10-a96d-9edd1611ca81&gdpr=0&gdpr_consent=
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b9981059-739e-4e10-a96d-9edd1611ca81&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 14:56:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b9981059-739e-4e10-a96d-9edd1611ca81&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 02:41:12 GMT
server
Kestrel
content-length
355
BED543C3-DDAA-4404-9C99-43762BCDF25A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F3D8 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BED543C3-DDAA-4404-9C99-43762BCDF25A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:7a40:2956:c998:e321 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame F3D8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GQB7d1NE2uXx7p5IEDXhk_k7idsRp4E-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GQB7d1NE2uXx7p5IEDXhk_k7idsRp4E-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GQB7d1NE2uXx7p5IEDXhk_k7idsRp4E-~A&gdpr=0
date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame F3D8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9168d22e-ee59-4ba9-9899-5003b4d003be&gdpr=0&gdpr_consent=
1 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9168d22e-ee59-4ba9-9899-5003b4d003be&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 30 Jan 2024 14:21:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9168d22e-ee59-4ba9-9899-5003b4d003be&gdpr=0&gdpr_consent=
Date
Wed, 31 Jan 2024 02:41:12 GMT
Connection
keep-alive
X-CI-RTID
ca924bee-e86d-4b7e-936e-4283c2272d90
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame F3D8
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3b0c7174419206dd&is_secure=true&networkId=17100&version=1&nuid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB9atmfuFoPANrEHBjAAAAAAA&expiration=1706755273&nuid=BED543C3-DDAA-4404-9C99-43762BCDF25A&...
42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB9atmfuFoPANrEHBjAAAAAAA&expiration=1706755273&nuid=BED543C3-DDAA-4404-9C99-43762BCDF25A&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 14:56:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB9atmfuFoPANrEHBjAAAAAAA&expiration=1706755273&nuid=BED543C3-DDAA-4404-9C99-43762BCDF25A&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame F3D8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2417723234098269795&gdpr=0&gdpr_consent=&us_privacy=
1 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2417723234098269795&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2417723234098269795&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sn.ashx
pmp.mxptint.net/ Frame F3D8
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_110214631_A6B78A3A&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-389673672; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 31 Jan 2024 02:41:12 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-389673672; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 31 Jan 2024 02:41:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame F3D8 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.33.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-33-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
2874c84bfd818cf5244e09f4fbf690c1ed292f8d71464ffc38f2bc277a661127
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8FBA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMxNktWRE4tMVotQktYVQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDDsYzI1RF08QMk3FjFAK0w&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxNktWRE4tMVotQktYVQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxNktWRE4tMVotQktYVQ==&google_push=
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxNktWRE4tMVotQktYVQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8FBA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 02:41:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZAVX6AYQ7D7JNNDRHK38
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8FBA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b9981059-739e-4e10-a96d-9edd1611ca81&gdpr=0&gdpr_consent=&expires=30
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b9981059-739e-4e10-a96d-9edd1611ca81&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b9981059-739e-4e10-a96d-9edd1611ca81&gdpr=0&gdpr_consent=&expires=30
date
Wed, 31 Jan 2024 02:41:12 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 8FBA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDMzOWY3ZWM5YjlmNmJmODQ3OTJjNjA0MzAxNjNmMDZlMzdmZDQ4NA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDMzOWY3ZWM5YjlmNmJmODQ3OTJjNjA0MzAxNjNmMDZlMzdmZDQ4NA
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDMzOWY3ZWM5YjlmNmJmODQ3OTJjNjA0MzAxNjNmMDZlMzdmZDQ4NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8FBA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LS16KVDN-1Z-BKXU&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LS16KVDN-1Z-BKXU&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 02:41:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V49HWHQYA6R20NKXA4KC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LS16KVDN-1Z-BKXU&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8FBA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELfKWu0FvPmMBmCv0Tk2lJs&google_cver=1
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELfKWu0FvPmMBmCv0Tk2lJs&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELfKWu0FvPmMBmCv0Tk2lJs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8FBA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Z7gwsCUFtzaQfcyEFmwjLsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HYHnMbhE2oJlVVUSAzf4JUh2wCkqnFnklj4VYw--~A
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HYHnMbhE2oJlVVUSAzf4JUh2wCkqnFnklj4VYw--~A
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HYHnMbhE2oJlVVUSAzf4JUh2wCkqnFnklj4VYw--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 8FBA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS16KVDN-1Z-BKXU
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS16KVDN-1Z-BKXU
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8387B7FD72E64081AF006A537D8739BE Ref B: MIAEDGE2512 Ref C: 2024-01-31T02:41:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQNM/rMJl50on9bWycWA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS16KVDN-1Z-BKXU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8FBA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xW4ool_DThGz2uf1kROf2g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xW4ool_DThGz2uf1kROf2g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xW4ool_DThGz2uf1kROf2g
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 02:41:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EP1CXX7HEF2GZ6KXBHK6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xW4ool_DThGz2uf1kROf2g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8FBA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABolE7Lc2cAABQDDdU_yQ&expires=30
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABolE7Lc2cAABQDDdU_yQ&expires=30
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABolE7Lc2cAABQDDdU_yQ&expires=30
Date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame 8FBA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS16KVDN-1Z-BKXU&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS16KVDN-1Z-BKXU&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1xXzFuQklKRTJ1SDAzYnBDQjZleVVsSUMxWjl2QURoMH5B&ovsid=LS16KVDN-1Z-BKXU&dpid=58160
57 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1xXzFuQklKRTJ1SDAzYnBDQjZleVVsSUMxWjl2QURoMH5B&ovsid=LS16KVDN-1Z-BKXU&dpid=58160
Protocol
H2
Server
23.58.127.99 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 31 Jan 2024 02:41:13 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Wed, 31 Jan 2024 02:41:13 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1xXzFuQklKRTJ1SDAzYnBDQjZleVVsSUMxWjl2QURoMH5B&ovsid=LS16KVDN-1Z-BKXU&dpid=58160
date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/ Frame 8FBA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS16KVDN-1Z-BKXU
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS16KVDN-1Z-BKXU
Protocol
H2
Server
34.200.143.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-143-154.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS16KVDN-1Z-BKXU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 8FBA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LS16KVDN-1Z-BKXU
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LS16KVDN-1Z-BKXU
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LS16KVDN-1Z-BKXU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8FBA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9168d22e-ee59-4ba9-9899-5003b4d003be&expires=30
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9168d22e-ee59-4ba9-9899-5003b4d003be&expires=30
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9168d22e-ee59-4ba9-9899-5003b4d003be&expires=30
Date
Wed, 31 Jan 2024 02:41:12 GMT
Connection
keep-alive
X-CI-RTID
a9476fe2-1cae-4f24-ac24-dd68b16c6579
Content-Length
144
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 8FBA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS16KVDN-1Z-BKXU
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS16KVDN-1Z-BKXU
Protocol
H2
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
an-x-request-uuid
477a2b8a-a529-44ee-be4d-61d1107043b5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS16KVDN-1Z-BKXU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
Expires
0
merge
ce.lijit.com/ Frame 8FBA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LS16KVDN-1Z-BKXU
43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LS16KVDN-1Z-BKXU
Protocol
H2
Server
44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-20-78.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LS16KVDN-1Z-BKXU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
Expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3DB1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=20a12167-4a78-416f-b741-9dd37fa33e6d&publisherId=OZONEVEN0005&siteId=3500000609&cb=1706668868958&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.40.199 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-40-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24983
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 31 Jan 2024 02:41:12 GMT
expires
Wed, 31 Jan 2024 09:37:35 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
elb.the-ozone-project.com/ Frame DDF6
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=2a92b3c7-ecda-4195-ba2a-de95a5be1217
0
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=2a92b3c7-ecda-4195-ba2a-de95a5be1217
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84de9827d8d57446-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=2a92b3c7-ecda-4195-ba2a-de95a5be1217
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
258.json
id5-sync.com/g/v2/ 		625 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
ff25a5b0faf999014ddf23de01ab703459bb2821ebcbe7cd6bca6a382d702b8b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mtnc.yazdangh.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mtnc.yazdangh.site
date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
idl.js
assets.a-mo.net/js/ Frame 9DC0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=mtnc.yazdangh.site&e=27&uid=bf368814-a000-427c-8e0d-fef8d691693c
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
via
1.1 b26547db1e1891a614cdee548c1b3f08.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
173
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
84de9827bf377435-MIA
x-amz-cf-id
E-4XP_p_3Q-gnedjFUG7c488ueSGMgtPpyXRaKqomZV75VnTsru5uw==
expires
Wed, 31 Jan 2024 03:41:12 GMT
set
id.a-mx.com/ Frame 9DC0
Redirect Chain
  • https://id.a-mx.com/sync?tao=1&&do=mtnc.yazdangh.site
  • https://c3.a-mo.net/b?uid=42801c47-af29-4b50-9b5f-0739f9fe4005&sh=id.a-mx.com&
  • https://id.a-mx.com/set?oid=42801c47-af29-4b50-9b5f-0739f9fe4005&uid=bf368814-a000-427c-8e0d-fef8d691693c&
99 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/set?oid=42801c47-af29-4b50-9b5f-0739f9fe4005&uid=bf368814-a000-427c-8e0d-fef8d691693c&
Protocol
HTTP/1.1
Server
131.153.242.59 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/
Resource Hash
2644ea1a0fb53b7b0e69ed533e6bf377bdf89f0262d20cfae8da240a62fd7e32

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
null
date
Wed, 31 Jan 2024 02:41:13 GMT
access-control-allow-credentials
true
content-length
99
content-type
application/json

Redirect headers

access-control-allow-origin
null
location
https://id.a-mx.com/set?oid=42801c47-af29-4b50-9b5f-0739f9fe4005&uid=bf368814-a000-427c-8e0d-fef8d691693c&
date
Wed, 31 Jan 2024 02:41:13 GMT
access-control-allow-credentials
true
content-length
0
usync.html
eus.rubiconproject.com/ Frame 0F2A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.a-mo.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 02:41:13 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 31 Jan 2024 02:41:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
server
AkamaiGHost
bidswitch
sync-dmp.mobtrakk.com/match/ Frame 9DC0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=bf368814-a000-427c-8e0d-fef8d691693c&gdpr=0&gdpr_consent=&us_privacy=1---_e&gpp=&gpp_sid=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---_e&ssp=adaptmx&bsw=d9bd276a-98a3-4198-8d32-4153ad57123c
0
0
yahoo
prebid.a-mo.net/setuid/ Frame 9DC0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=bf368814-a000-427c-8e0d-fef8d691693c
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-yXJMQ1lE2uEkXTTluAPKywywOUSK_LePV4ae7bE-~A
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-yXJMQ1lE2uEkXTTluAPKywywOUSK_LePV4ae7bE-~A
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-yXJMQ1lE2uEkXTTluAPKywywOUSK_LePV4ae7bE-~A
date
Wed, 31 Jan 2024 02:41:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.a-mo.net/ Frame 9DC0
Redirect Chain
  • https://id.a-mx.com/u?gdpr=0&gdpr_consent=&us_privacy=1---_e&gpp=&gpp_sid=&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Damx_com%26uid%3D
  • https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=amx_com&uid=bf368814-a000-427c-8e0d-fef8d691693c
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=amx_com&uid=bf368814-a000-427c-8e0d-fef8d691693c
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=amx_com&uid=bf368814-a000-427c-8e0d-fef8d691693c
date
Wed, 31 Jan 2024 02:41:12 GMT
content-length
0
setuid
sync.a-mo.net/ Frame 9DC0
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=1---_e&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=openx&uid=2a92b3c7-ecda-4195-ba2a-de95a5be1217
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=openx&uid=2a92b3c7-ecda-4195-ba2a-de95a5be1217
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=openx&uid=2a92b3c7-ecda-4195-ba2a-de95a5be1217
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152
cookie
cm.adform.net/ Frame 9DC0 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&us_privacy=1---_e&gpp=&gpp_sid=&redirect_url=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Dadform%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:13 GMT
server
nginx
content-length
43
content-type
image/gif
ImgSync
image8.pubmatic.com/AdServer/ Frame 9DC0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&us_privacy=1---_e&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=95acaf6b-70a7-4062-be60-62219d850a80-65b9b349-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE&pi=pubmatic&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6350823125048371624
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Protocol
H2
Server
104.36.113.110 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:13 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Wed, 31 Jan 2024 02:41:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
sync.a-mo.net/ Frame 9DC0
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=1---_e&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Dindex_rtb%2...
  • https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=index_rtb&uid=ZbmzSMAfevku92bB7ta-rwAA%261524
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=index_rtb&uid=ZbmzSMAfevku92bB7ta-rwAA%261524
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9qyEAG2BKJttd0Md5R8TU6SRqAJpiDvHQykiyUCBONQdUVBO3V%2B%2Bmtwdhr0KJhPJ6LuduxwYrg9CLfx2P763fZWy8pxv3%2BE1GJz8jTr2JQ%2FK8J8edaJNS1OdG2rRUnzFCEXG8Xe"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=index_rtb&uid=ZbmzSMAfevku92bB7ta-rwAA%261524
cache-control
no-cache
cf-ray
84de9827cf04746d-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
ap.lijit.com/ Frame 9DC0 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---_e&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Dsovrn%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.156.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-156-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 02:41:12 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
setuid
sync.a-mo.net/ Frame 9DC0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dbf368814-a000-427c-8e0d-fef8d691693c%26bidder%3Dappnexus%26uid%3D%24UID
  • https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=appnexus&uid=2306962077708004521
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=appnexus&uid=2306962077708004521
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
an-x-request-uuid
b1371d4e-5dfc-4caa-839a-b96d24facdae
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.a-mo.net/setuid?A=bf368814-a000-427c-8e0d-fef8d691693c&bidder=appnexus&uid=2306962077708004521
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 9DC0 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=bf368814-a000-427c-8e0d-fef8d691693c&do=mtnc.yazdangh.site
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.237.133.243 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:13 GMT
content-length
0
content-type
text/html
setuid
ib.adnxs.com/prebid/ Frame 9DC0 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=bf368814-a000-427c-8e0d-fef8d691693c&do=mtnc.yazdangh.site
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
an-x-request-uuid
a5c101cc-86c6-40d5-aafb-251b28ef06bd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8C95YRZHMZ&gtm=45je41t0v878191735&_p=1706668866956&gcd=11l1l1l1l1&dma=0&cid=81821566.1706668867&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=2&sid=1706668867&sct=1&seg=0&dl=https%3A%2F%2Fmtnc.yazdangh.site%2F&dt=Clash%20of%20Clans%20Guides%20and%20Upgrade%20Tracker%20-%20Clash%20Ninja&en=launch&_ee=1&ep.event_category=PWA&ep.event_label=browser%20tab&_et=538&tfd=6930
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C95YRZHMZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mtnc.yazdangh.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mtnc.yazdangh.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6cabe61c-7ef5-418c-abc0-8536e840ef7a
https://sync.a-mo.net/ Frame 9DC0 		179 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://sync.a-mo.net/6cabe61c-7ef5-418c-abc0-8536e840ef7a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14c6abb30c6e9e78535602294b18ed6df19f83d2e704acd8fef305e9e5e38b42

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
179
Content-Type
fed
ups.analytics.yahoo.com/ups/58771/ Frame 9DC0 		316 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=bf368814-a000-427c-8e0d-fef8d691693c
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=mtnc.yazdangh.site&e=27&uid=bf368814-a000-427c-8e0d-fef8d691693c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
0f940ce11b34c69244819691130d4fdb4974cac9b3eea798579dcf8fdc835a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sync.a-mo.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 02:41:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://sync.a-mo.net
content-type
application/json
access-control-allow-credentials
true
setuid
elb.the-ozone-project.com/ Frame DDF6
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZbmzSMAfevku92bB7ta-rwAA%261524
0
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZbmzSMAfevku92bB7ta-rwAA%261524
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84de98296c207446-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I46lDR5LG3D1jyvhzMwDYUgnSD%2BqMjsP%2F397Pj9Bzn3N9gtbA32cTUVpLj3aY3wT2lia00T1JlnLYqXvo7og%2B0XP3XRzNMCnhJQxGVLPTVBsND5tvjA%2FKTz8S9ohorX5nu%2F%2Bpru2"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZbmzSMAfevku92bB7ta-rwAA%261524
cache-control
no-cache
cf-ray
84de9828b8b674b6-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame 0F2A 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
508ec1418d9498ff28d313b9972402037e837ceca5c372c672099a23dbdb764d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 02:41:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 17:22:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52925
Connection
keep-alive
Content-Length
10919
Expires
Wed, 31 Jan 2024 17:23:18 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0F28 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.40.199 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-40-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24982
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 31 Jan 2024 02:41:13 GMT
expires
Wed, 31 Jan 2024 09:37:35 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 1987
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=f84238f2-f10a-495d-b7ee-1zz1706668849
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D3...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D3...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=212d318e-df86-531f-9250-89e9f7e93aa0&ssp=richaudience&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&us_ps=
95 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096&rd=1
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/png
date
Wed, 31 Jan 2024 02:40:49 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=d9bd276a-98a3-4198-8d32-4153ad57123c&gdpr=0&gdpr_consent=&us_ps=
Date
Wed, 31 Jan 2024 02:41:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/ Frame 1987
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_USER_I...
  • https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=d6f1afb1-0dca-4ba7-8eb1-2598288c441a
95 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=d6f1afb1-0dca-4ba7-8eb1-2598288c441a
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096&rd=1
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/png
date
Wed, 31 Jan 2024 02:40:49 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=d6f1afb1-0dca-4ba7-8eb1-2598288c441a
access-control-allow-origin
*
date
Wed, 31 Jan 2024 02:41:13 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/ Frame 1987
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/richaudience?gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AABolE7Lc2cAABQDDdU_yQ&gdpr=0
95 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AABolE7Lc2cAABQDDdU_yQ&gdpr=0
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=541309096&rd=1
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/png
date
Wed, 31 Jan 2024 02:40:49 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AABolE7Lc2cAABQDDdU_yQ&gdpr=0
Date
Wed, 31 Jan 2024 02:41:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
khaos.json
token.rubiconproject.com/ Frame 0F2A 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LS16KVDN-1Z-BKXU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
rum
id.rtb.mx/ Frame 9DC0 		0
476 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://id.rtb.mx/rum?
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.242.59 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.a-mo.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://sync.a-mo.net
date
Wed, 31 Jan 2024 02:41:13 GMT
access-control-allow-credentials
true
magnite
prebid.a-mo.net/setuid/ Frame 0F2A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&khaos=LS16KVDN-1Z-BKXU
  • https://prebid.a-mo.net/setuid/magnite?uid=LS16KVDN-1Z-BKXU
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LS16KVDN-1Z-BKXU
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LS16KVDN-1Z-BKXU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
Expires
0
setuid
elb.the-ozone-project.com/ Frame DDF6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2306962077708004521
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2306962077708004521
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84de982abee97446-MIA
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
an-x-request-uuid
d14a54f0-b94c-443d-a554-213d304e9035
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2306962077708004521
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
cm.adform.net/ Frame DDF6 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:13 GMT
server
nginx
content-length
43
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame 5692 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
an-x-request-uuid
fe28087c-d00f-4196-b186-5fcfaa8fea6d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame DDF6
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=5467970659483353521
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=5467970659483353521
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84de982cdbac7446-MIA
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=5467970659483353521
date
Wed, 31 Jan 2024 02:41:13 GMT
content-length
0
setuid
elb.the-ozone-project.com/ Frame DDF6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LS16KVDN-1Z-BKXU&gdpr=0
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LS16KVDN-1Z-BKXU&gdpr=0
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
84de982dce007446-MIA
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LS16KVDN-1Z-BKXU&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9ec8d9f39d449b1296af0ad28765469
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame F3D8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame F3D8 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74904018&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c18f9b1652605be556adc4e15f34f4123314aae74746e7882f5356da748aad68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 02:41:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame BE32
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=730ed332-f61b-4644-bc2f-ded5e70c072d&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BED543C3-DDAA-4404-9C99-43762BCDF25A
42 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.27.57 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Wed, 31 Jan 2024 02:41:15 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 30 Jan 2024 14:42:22 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BED543C3-DDAA-4404-9C99-43762BCDF25A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 64B7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:41:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 02:41:15 GMT
expires
Wed, 31 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1039163
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9A36
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:41:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jan 2024 02:41:15 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
i.match
s.tribalfusion.com/z/ Frame E99A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84de983a39c367ec-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:41:15 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84de9839887f67ec-MIA
content-type
text/html
date
Wed, 31 Jan 2024 02:41:15 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
944
Pug
image2.pubmatic.com/AdServer/ Frame B7D5
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907275132306683
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907275132306683
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:41:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 31 Jan 2024 02:41:15 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907275132306683
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame F48B
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=883402450069
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=883402450069
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:41:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=883402450069
Pug
simage2.pubmatic.com/AdServer/ Frame 6781
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 02:41:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 02:41:16 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 7254
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4cc465b9-b34b-4200-96b3-0741c0bdbc9f&gdpr=0&gdpr_consent=
42 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4cc465b9-b34b-4200-96b3-0741c0bdbc9f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 14:55:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 31 Jan 2024 02:41:15 GMT
Expires
Wed, 31 Jan 2024 02:41:14 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1451 1934b03 master ord ord-pixel-x48 config_version:"1906"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4cc465b9-b34b-4200-96b3-0741c0bdbc9f&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame F56E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU4bd463b7bbca48b184a928935b34d339
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU4bd463b7bbca48b184a928935b34d339
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:41:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 02:41:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU4bd463b7bbca48b184a928935b34d339
pragma
no-cache
server
nginx
pubmatic
ad.mrtnsvr.com/sync/ Frame BB42 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame DA7B
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=97PKv8DRDaGhiZ4OTLO5ZQ
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2997
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1706668875837
  • https://ad.turn.com/r/cs?pid=45&rndcb=1454695301
  • https://sync.1rx.io/usersync/turn/2417723234098269795?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-68e44af1-0fe7-4d2d-aa8a-4aef63cf4250-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-68e44af1-0fe7-4d2d-aa8a-4aef63cf4250-005
42 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-68e44af1-0fe7-4d2d-aa8a-4aef63cf4250-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:07:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Wed, 31 Jan 2024 02:41:16 GMT
etag
RX68e44af10fe74d2daa8a4aef63cf4250005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-68e44af1-0fe7-4d2d-aa8a-4aef63cf4250-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame 0E54 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 31 Jan 2024 02:41:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame 27ED 		0
0
pub
matching.truffle.bid/sync/ Frame EAF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 31 Jan 2024 02:41:16 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 9BC9
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7599552751598215526&uid=Q759955275159821...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7599552751598215526
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7599552751598215526
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 14:42:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=29583
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 31 Jan 2024 02:41:15 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7599552751598215526
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 6331
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D0C3B5AA26FB41FBB857059B376B5E1C&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D0C3B5AA26FB41FBB857059B376B5E1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 02:41:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 31 Jan 2024 02:41:15 GMT
expires
Tue, 30 Jan 2024 02:41:15 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D0C3B5AA26FB41FBB857059B376B5E1C&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
insync
thrtle.com/ Frame F3D8
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BED543C3-DDAA-4404-9C99-43762BCDF25A&vxii_pid=12&vxii_pid1=10067&vxii_rcid=86fce7ee-5832-4f78-9b12-309a5686df57
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BED543C3-DDAA-4404-9C99-43762BCDF25A&vxii_pid=12&vxii_pid1=10067&vxii_rcid=86fce7ee-5832-4f78-9b12-309a5686df57
Protocol
H2
Server
23.23.156.183 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Wed, 31 Jan 2024 02:41:15 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BED543C3-DDAA-4404-9C99-43762BCDF25A&vxii_pid=12&vxii_pid1=10067&vxii_rcid=86fce7ee-5832-4f78-9b12-309a5686df57
date
Wed, 31 Jan 2024 02:41:15 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame F3D8 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame F3D8 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.218.250.129 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:15 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame F3D8 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.97.47 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 31 Jan 2024 02:41:15 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F3D8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ac47a1a4-1dcb-4d77-bfb1-f95fb8cf5899&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ac47a1a4-1dcb-4d77-bfb1-f95fb8cf5899&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 02:41:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ac47a1a4-1dcb-4d77-bfb1-f95fb8cf5899&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 31 Jan 2024 02:41:16 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 3DB1 		692 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17800283&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fc8784955b40693866aa35b4e2367c0d5920458628704529b500a241eb3fa1d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 31 Jan 2024 02:41:15 GMT
content-length
692
content-type
text/html; charset=UTF-8
setuid
elb.the-ozone-project.com/ Frame 91A4 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84de983a5ad97446-MIA
content-length
0
date
Wed, 31 Jan 2024 02:41:15 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 3DB1 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.58 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:16 GMT
via
1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P4
content-length
0
x-amz-cf-id
Xd8tgiKea4btr0n3F3lpc3KGinHCayVZF_KCmtDlVL1KErxZgnNCYg==
x-cache
Error from cloudfront
db_sync
px.ads.linkedin.com/ Frame 3DB1
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
  • https://pippio.com/api/sync?pid=5324&it=1&iv=16dc3593ae4a06fe4a3e4e498dca4960378a23a70e06201ad0edc2cf5e2d011b791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=16dc3593ae4a06fe4a3e4e498dca4960378a23a70e06201ad0edc2cf5e2d011b791426b5417dce21&rand=03406679
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=16dc3593ae4a06fe4a3e4e498dca4960378a23a70e06201ad0edc2cf5e2d011b791426b5417dce21&rand=03406679
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:15 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 6BB6A21B6A5E411B9EC0A0708E07F9EB Ref B: MIAEDGE2512 Ref C: 2024-01-31T02:41:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQNNAcaiJGnYbVu+zG2A==

Redirect headers

date
Wed, 31 Jan 2024 02:41:16 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=16dc3593ae4a06fe4a3e4e498dca4960378a23a70e06201ad0edc2cf5e2d011b791426b5417dce21&rand=03406679
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=BED543C3-DDAA-4404-9C99-43762BCDF25A/gdpr=0/ Frame 3DB1
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=BED543C3-DDAA-4404-9C99-43762BCDF25A/gdpr=0/gdpr_consent=
  • https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=BED543C3-DDAA-4404-9C99-43762BCDF25A/gdpr=0/gdpr_consent=
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=BED543C3-DDAA-4404-9C99-43762BCDF25A/gdpr=0/gdpr_consent=
Protocol
H2
Server
52.71.57.44 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.91
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 02:41:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=BED543C3-DDAA-4404-9C99-43762BCDF25A/gdpr=0/gdpr_consent=
cache-control
no-cache
x-server
10.40.5.239
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 3DB1 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=BED543C3-DDAA-4404-9C99-43762BCDF25A&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 02:41:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
setuid
elb.the-ozone-project.com/ Frame 0BA7 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84de983a9b607446-MIA
content-length
0
date
Wed, 31 Jan 2024 02:41:15 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame 74B3 		0
0
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame 765B 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cloudflareinsights.com
URL
https://cloudflareinsights.com/cdn-cgi/rum
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=2173
Domain
sync-dmp.mobtrakk.com
URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---_e&ssp=adaptmx&bsw=d9bd276a-98a3-4198-8d32-4153ad57123c
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=97PKv8DRDaGhiZ4OTLO5ZQ
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?gdpr=0&euconsent=&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?gdpr=0&euconsent=&uid=BED543C3-DDAA-4404-9C99-43762BCDF25A

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| mnet object| gaplugins object| gaData object| __VM object| au function| $ function| jQuery object| Foundation function| brokenImg function| overviewDropdown function| setTabsDDLFromHash function| showAlertBar function| clearAlertBar function| showFooterStatusBar function| clearFooterStatusBar function| switchTheme function| setBanners function| updateOverviewProgressBar function| generateProgressHolder function| loadOverview function| updateOverview function| structureSliders function| setGroupValues function| setAllGroupValuesToMax function| setAllGroupValuesToPrevMax function| resetAllGroupValues function| checkOTTOStatus function| wallSliders function| wallTotal function| copyShareLink function| openVillageShareModal function| setVillageShareMode function| showFAQModal function| openVerifyModal function| verifyPlayer function| formatTime function| formatDuration function| getResourceIcon function| formatNumber function| timeToGems function| gemsToTime function| addDays function| scrollToElement function| ValidatorUpdateDisplay function| getCookie function| is_touch_device function| isNumeric function| isBrowserLocale24h function| tryParseJSONObject function| lockOrientation function| unlockOrientation function| statusprocessor function| fetchDetails function| iOSversion function| IGELoad function| IGEUpdate object| DateFormat object| igeRemain number| start object| luxon object| $header boolean| headerShrunk boolean| processing object| oLoads object| oTimer object| whatInput function| jQueryCollapse function| jQueryCollapseSection function| jQueryCollapseStorage function| Cookies boolean| abchek object| __cfBeacon function| clearImmediate function| setImmediate object| ats object| apstag object| xl8_config object| _qevents function| nmc function| sendToNielsen object| ggeac object| google_js_reporting_queue object| edktInitializor object| _aps boolean| apstagLOADED object| apscustom undefined| google_measure_js_timing function| ha object| cnvr_launcher_options object| Criteo object| hadron boolean| __halo_loaded__ object| conversant object| ID5 object| PublisherCommonId object| __id5_instances function| quantserve function| __qc object| ezt object| _qoptions object| sas object| apntag object| _ADAGIO object| auvars object| publink_options number| google_unique_id object| coreid function| docReady object| autag object| GoogleGcLKhOms object| xl8img object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_134 object| Criteo_prebid_134

224 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQgqaR69UxCgoIkQIQgqaR69UxCgoItAIQgqaR69UxCgoI5gEQgqaR69UxCgoIhwIQgqaR69UxCgoItwIQgqaR69UxCgkIOhCCppHr1TEKCgiMAhCCppHr1TEKCQhfEIKmkevVMQoJCB8QgqaR69Ux
mtnc.yazdangh.site/ Name: ASP.NET_SessionId
Value: k3irvmravp4tfpk3otnruwqj
.yazdangh.site/ Name: _ga
Value: GA1.2.81821566.1706668867
.yazdangh.site/ Name: _gid
Value: GA1.2.1492888243.1706668868
.yazdangh.site/ Name: _gat_gtag_UA_131485669_1
Value: 1
.yazdangh.site/ Name: _ga_8C95YRZHMZ
Value: GS1.1.1706668867.1.0.1706668867.0.0.0
mtnc.yazdangh.site/ Name: _lr_geo_location
Value: US
mtnc.yazdangh.site/ Name: _lr_geo_location_state
Value: FL
mtnc.yazdangh.site/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.onesignal.com/ Name: __cf_bm
Value: w.WKGuFJ_BECWlT.4Apee3XYVLK5EqBbkiOyCQQR494-1706668868-1-AfVjlgYr9Pu6QHcZ8b8Kkiqa45yMA4eV4BxunoIms+JJuqalPnzKDSADR8DRgmHw759FlFiIQaslJnXPUzrb2Wo=
.adsrvr.org/ Name: TDID
Value: b9981059-739e-4e10-a96d-9edd1611ca81
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: ljt_reader
Value: IFMBABZHXrdpTF1UQV-NLIT9
.the-ozone-project.com/ Name: __cf_bm
Value: Nse.M51e3POZeSlOg.dVar1tm0ELTRk774jLcdAWY5o-1706668868-1-AT49iL+lDxujw3GKk4Ba/p9VJyI+WLSrU0ty6K4uJE+0CU+L2fJSlVMALFrybTMV/wbL981Wr4adz48P9pCBqsc=
.openx.net/ Name: i
Value: c0e00351-fcc2-4d8b-8b70-d66840c2e367|1706668868
.prebid.a-mo.net/ Name: __amc
Value: 1_1706668868_1706668868
.a-mo.net/ Name: amuid2
Value: bf368814-a000-427c-8e0d-fef8d691693c
.prebid.a-mo.net/ Name: sd_amuid2
Value: bf368814-a000-427c-8e0d-fef8d691693c
.go.sonobi.com/ Name: __uis
Value: e6222f8b-9e69-48ea-9506-6b2feb1a3097
.go.sonobi.com/ Name: _usd_mtnc.yazdangh.site
Value: cccab7e8-61a7-417d-9557-d32e43094342
.go.sonobi.com/ Name: __uih
Value: 1
.kargo.com/ Name: ktcid
Value: b14a2571-d905-03a0-15ed-1c68ffbbba84
.rubiconproject.com/ Name: khaos
Value: LS16KVDN-1Z-BKXU
.yazdangh.site/ Name: _au_1d
Value: AU1D-0100-001706668869-NC0ND848-F2P9
.yazdangh.site/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDY2Njg4NjksInR0ZCI6MTcwNjY2ODg2OSwicHViIjoxNzA2NjY4ODY5LCJydWIiOjE3MDY2Njg4NjksInRhcGFkIjoxNzA2NjY4ODY5LCJhZHgiOjE3MDY2Njg4NjksImdvbyI6MTcwNjY2ODg2OSwiY29sb3NzdXMiOjE3MDY2Njg4NjksInBwbnQiOjE3MDY2Njg4Njl9
.quantserve.com/ Name: mc
Value: 65b9b345-22ae1-c235a-74871
.yazdangh.site/ Name: __qca
Value: P0-764791354-1706668868853
.omnitagjs.com/ Name: ayl_visitor
Value: 0c9f90e843da61e3f1aed780a36e11a6
.adnxs.com/ Name: XANDR_PANID
Value: n4Jdmtk92WW0QW0VWIbhs-3hD9DYNn5UGQfSeoYAY8V09HrN10ysBv9NQgYPM60-9zAdXnHRBZ1ouaBw7rWQ7kcXsxfjPsuBdOyPnXoF6a0.
.adnxs.com/ Name: uuid2
Value: 2306962077708004521
.tapad.com/ Name: TapAd_TS
Value: 1706668869253
.tapad.com/ Name: TapAd_DID
Value: f09cef3f-1901-42e1-9971-5f901e32b7f7
.cpx.to/ Name: cpSess
Value: a69a007bc4f7472
.ad.gt/ Name: au_id
Value: AU1D-0100-001706668869-NC0ND848-F2P9
.colossusssp.com/ Name: gtm_usr
Value: 07f06953-ba87-4281-9bb4-f437731cc030
.colossusssp.com/ Name: lmg_r
Value: 66
.yazdangh.site/ Name: __gads
Value: ID=80b4a9f6cd7a034f:T=1706668869:RT=1706668869:S=ALNI_MZVVjVk0EiermY7j1Xp7qTOuOvAvg
.yazdangh.site/ Name: __gpi
Value: UID=00000dbc4506b5ee:T=1706668869:RT=1706668869:S=ALNI_MZlnFT2cctR8ktvFa0GHYkVAM049w
.yazdangh.site/ Name: __eoi
Value: ID=0071f067ee5f604a:T=1706668869:RT=1706668869:S=AA-AfjZCZ2prReZGEMjPUDBEMZUf
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BED543C3-DDAA-4404-9C99-43762BCDF25A
.doubleclick.net/ Name: IDE
Value: AHWqTUke5VwUmq7O3KxWHbApDnu4C6UNkZbdDW4HEaAxzMArZSCOoICw9dMHnVd28LE
.contextweb.com/ Name: V
Value: 3KEwEOmCDu6O
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ce385e4ebacda2a2
.cpx.to/ Name: dsp_pubmatic
Value: BED543C3-DDAA-4404-9C99-43762BCDF25A#1706668869521
.cpx.to/ Name: dsp_dbm
Value: CAESEKt9UENBRn9xGozoHMANpqA#1706668869528
.cpx.to/ Name: dsp_OPENX
Value: 5371101b-69ed-4e73-b330-e62c2572cf18#1706668869560
.cpx.to/ Name: dsp_app_nexus
Value: 2306962077708004521#1706668869614
.cpx.to/ Name: dsp_pub_common
Value: c0e00351-fcc2-4d8b-8b70-d66840c2e367#1706668869614
.cpx.to/ Name: dsp_TTD
Value: b9981059-739e-4e10-a96d-9edd1611ca81#1706668869614
.cpx.to/ Name: dsp_rubicon
Value: LS16KVDN-1Z-BKXU#1706668869624
.exelator.com/ Name: EE
Value: "5b6a1c586bb28b42691cc7d42ab498eb"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE0ySzRMNnUwiwpycgiycTIzNIwOdk8xcQoMcnE0iI1aXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR9btwkAseUrBg%253D%253D"
.rlcdn.com/ Name: rlas3
Value: xX2FaDb7pNTb2C1VRia+/UXBP3dMEJ6XWIDC50losrg=
.rlcdn.com/ Name: pxrc
Value: CMbm5q0GEgUI6AcQABIGCJasKxAA
.twitter.com/ Name: personalization_id
Value: "v1_P2IuRbV9j00iXkzAFPf2VA=="
.amazon-adsystem.com/ Name: ad-id
Value: Awj5eVvVFEXVgPYdRKa-HX8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.imrworldwide.com/ Name: IMRID
Value: 31389550-bfe2-11ee-89ec-ab3a41fdbb58
.360yield.com/ Name: tuuid
Value: d6f1afb1-0dca-4ba7-8eb1-2598288c441a
.360yield.com/ Name: tuuid_lu
Value: 1706668870
.360yield.com/ Name: um
Value: !79,Bk3txnKAQL-18L5rTrHCpRDd3QRsCueA4uanNodE5uLl5td4bU472YzXS.1P7Huu7YtQ0wp-dcrIjr2c,1714444871
.360yield.com/ Name: umeh
Value: !79,0,1768876871,-1
.ipredictive.com/ Name: cu
Value: 9168d22e-ee59-4ba9-9899-5003b4d003be|1706668871652
mtnc.yazdangh.site/ Name: _lr_retry_request
Value: true
mtnc.yazdangh.site/ Name: _lr_env_src_ats
Value: false
.openx.net/ Name: pd
Value: v2|1706668872|vMgavPkWgyiK
.criteo.com/ Name: uid
Value: 99fcf3da-56b3-40eb-8a18-ee7d56b694b8
.3lift.com/ Name: tluid
Value: 2721468381940455947672
.33across.com/ Name: check
Value: true
.the-ozone-project.com/ Name: ozone_uid
Value: 2bhYeTHeqNzk6uJ18kM3fYUKV0M
.openx.net/ Name: univ_id
Value: 537072971|b9981059-739e-4e10-a96d-9edd1611ca81|1706668872417598
.casalemedia.com/ Name: CMID
Value: ZbmzSMAfevku92bB7ta-rwAA
.casalemedia.com/ Name: CMPS
Value: 1524
.casalemedia.com/ Name: CMPRO
Value: 1524
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZbmzSAABU_vngQBK
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzI3NTQ2MjYwM7MwFuIz1I1w9sjLCHA0NfOOjAQAdTyp2iQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzI3NTQ2MjYwM7MwFuIz1I1w9sjLCHA0NfOOjAQAdTyp2iQAAAA
.bidswitch.net/ Name: tuuid
Value: d9bd276a-98a3-4198-8d32-4153ad57123c
.bidswitch.net/ Name: c
Value: 1706668872
.bidswitch.net/ Name: tuuid_lu
Value: 1706668872
.ads.pubmatic.com/ Name: KCCH
Value: YES
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2.SaVB4ZPWZoJCJYf6BobQFVtoTzLFHBGyhJD4Dai6Uus
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2.SaVB4ZPWZoJCJYf6BobQFVtoTzLFHBGyhJD4Dai6Uus
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-tBDgfwlV_hvwp42xPpc4iaEdkY.EF3y0bHJDef4jgl6wcictFqTQBPGeu2zaguJ3BakQTI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-tBDgfwlV_hvwp42xPpc4iaEdkY.EF3y0bHJDef4jgl6wcictFqTQBPGeu2zaguJ3BakQTI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAPUedzHQELGu9dQtoE8inZnRYgwfzgcKmWRYGWBTArwEHwYBCDI5uatBjABOgQ7vvenQgRN9CH0.Dwe%2F6txfZNzDNKn%2FlfAZT%2BvrrmKdbFezV%2Fns9zCCMJk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAPUedzHQELGu9dQtoE8inZnRYgwfzgcKmWRYGWBTArwEHwYBCDI5uatBjABOgQ7vvenQgRN9CH0.Dwe%2F6txfZNzDNKn%2FlfAZT%2BvrrmKdbFezV%2Fns9zCCMJk
.go.sonobi.com/ Name: __uir_an
Value: 146604722953443384
.go.sonobi.com/ Name: __uin_an
Value: 2306962077708004521
.go.sonobi.com/ Name: __uir_td
Value: 146604722953443384
.go.sonobi.com/ Name: __uin_td
Value: b9981059-739e-4e10-a96d-9edd1611ca81
.go.sonobi.com/ Name: __uir_pp
Value: 146604722953443384
.go.sonobi.com/ Name: __uin_pp
Value: 3KEwEOmCDu6O
.go.sonobi.com/ Name: __uir_zt
Value: 146604722953443384
.go.sonobi.com/ Name: __uin_zt
Value: 968907275132306683
.yahoo.com/ Name: A3
Value: d=AQABBEizuWUCEMBBYqg_zllr7qzzZZzVvCkFEgEBAQEEu2XDZQAAAAAA_eMAAA&S=AQAAAkakcBYcOeJwPx0APeReuTs
.go.sonobi.com/ Name: __uir_st
Value: 146604722953443384
.go.sonobi.com/ Name: __uin_st
Value: -tBDgfwlV_hvwp42xPpc4iaEdkY
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtobmBmZmZhYW5kamG6ShSJb2JiBgCKRViWIAAAAA
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.linkedin.com/ Name: li_sugr
Value: eddbd301-017a-42d7-aef1-02eec8d3f6c3
.linkedin.com/ Name: bcookie
Value: "v=2&885d9a0d-80cd-41e3-8d58-493feb7252a2"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2692:u=1:x=1:i=1706668872:t=1706755272:v=2:sig=AQGTeGNZEtYKY6oXXrg7DeGRH2gruQyZ"
.pubmatic.com/ Name: DPSync3
Value: 1707868800%3A263_201%7C1706745600%3A248%7C1707264000%3A265
.adx.opera.com/ Name: UID
Value: OPU4bd463b7bbca48b184a928935b34d339
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiisL7Rg4TRPBAFEhYKB3J1Ymljb24SCwiQkr_xg4TRPBAFGAEgAigCMgsI9OOlnZqE0TwQBTgBWgd1NDBjcHV3YAI.
.go.sonobi.com/ Name: __uir_oa
Value: 146604722953443384
.go.sonobi.com/ Name: __uin_oa
Value: OPU4bd463b7bbca48b184a928935b34d339
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1706668872746
.creativecdn.com/ Name: g
Value: i0nXKEGJuifkMIUqLCOF_1706668872689
.go.sonobi.com/ Name: __uir_bw
Value: 146604722953443384
.go.sonobi.com/ Name: __uin_bw
Value: d9bd276a-98a3-4198-8d32-4153ad57123c
.smartadserver.com/ Name: pid
Value: 5467970659483353521
.quantserve.com/ Name: d
Value: EO8BCwGEK_ijAA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2306962077708004521&KRTB&23339-2306962077708004521
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-9168d22e-ee59-4ba9-9899-5003b4d003be&KRTB&23011-9168d22e-ee59-4ba9-9899-5003b4d003be&KRTB&23355-9168d22e-ee59-4ba9-9899-5003b4d003be
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b9981059-739e-4e10-a96d-9edd1611ca81&KRTB&22918-b9981059-739e-4e10-a96d-9edd1611ca81&KRTB&22926-b9981059-739e-4e10-a96d-9edd1611ca81&KRTB&23031-b9981059-739e-4e10-a96d-9edd1611ca81
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECy3PLhDm3XkOPLTR4Jl9Dg&KRTB&23025-CAESECy3PLhDm3XkOPLTR4Jl9Dg&KRTB&23386-CAESECy3PLhDm3XkOPLTR4Jl9Dg
.turn.com/ Name: uid
Value: 2417723234098269795
.deepintent.com/ Name: CDIUSER
Value: di_6950bcb84ecf484c8c497
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240131%22%7D
.simpli.fi/ Name: suid
Value: D0C3B5AA26FB41FBB857059B376B5E1C
.gumgum.com/ Name: vst
Value: u_178fc123-b232-4cfb-9be3-6d484626b828
.criteo.com/ Name: partitioned_bundle
Value: dkwBoF9meHNRZWFpUTA1UkhEaGtqdmNyUktFeTNKJTJGSkY4d2RqbzEyQTExOHhzMHpyMkN2ZlVRelBpOWpqMUI3bG1aN1VpUjRUZTRvQ29WaFFQSGV2c3pkNEpubmdyUU1hWUJxTFJEYXhyeDUlMkZuVmVGJTJCSkVDbEpLdnNrMGF5Tk9QOFkwR3BlRWs2dVF3cEVCTEVLbFJoS3Byb25wUmprJTJGWWUlMkJRbzBuQnNTSHYlMkIxUVpka0k1RzFDRDAxTnpyaVFncyUyQnRiMQ
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923--KDlrKyms6Djp7X0q6Sq9vymsvTjorOt-aRbXsn4&KRTB&19420--KDlrKyms6Djp7X0q6Sq9vymsvTjorOt-aRbXsn4&KRTB&22979--KDlrKyms6Djp7X0q6Sq9vymsvTjorOt-aRbXsn4&KRTB&23462--KDlrKyms6Djp7X0q6Sq9vymsvTjorOt-aRbXsn4
.yazdangh.site/ Name: cto_bidid
Value: I28IiV9HSkdSRzRmdiUyQnN5aXNSb0olMkZnT1ZqZk5ybU54ZyUyQkF2SXBKTUlSTElXQjRna0dOMEdRU2xwUDR4TXVnaENJNFpYSUNOeHliQ1Y2Q1NKT1g5JTJGdzJtMHQ5VjVTRmtoeTNLSVZxVkpWejNzdmU4JTNE
.yazdangh.site/ Name: cto_bundle
Value: p2JBq19EZHdSZFU2T3AyNFZEdnFMVGZHbXVKcGtGNXRVS0J1NThBMXB0bkxwdzVvcWdOWFJRNmhJenRGT0t0SDVYR3BLemtyZTcwazh4UGFYenlLb1dVc2Y2amdhVTJlQXNKTVlzbkNxVXRtUVclMkZBV2pYRWNOJTJCSENvNktoQk5xV05WZkNkSmVBZURMa200djdta0VCa3hoNiUyRmclM0QlM0Q
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_32aa74d0-bfe2-11ee-ad91-121a6d1d7927
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2417723234098269795&KRTB&23150-2417723234098269795&KRTB&23527-2417723234098269795
.richaudience.com/ Name: pdid
Value: f84238f2-f10a-495d-b7ee-1zz1706668849
.mxptint.net/ Name: mxpim
Value: R33647_110214631_A6B78A3A.1.000000000000000065B9B348
sync.a-mo.net/ Name: amdgt_lk%40cfs
Value: 1
.adgrx.com/ Name: ADGRX_UID
Value: 32ae9830-bfe2-11ee-8a80-b0ba7ef1e82d
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:D0C3B5AA26FB41FBB857059B376B5E1C&KRTB&23486-uid:D0C3B5AA26FB41FBB857059B376B5E1C&KRTB&23489-uid:D0C3B5AA26FB41FBB857059B376B5E1C&KRTB&23539-uid:D0C3B5AA26FB41FBB857059B376B5E1C
.w55c.net/ Name: wfivefivec
Value: 3GHVfCkF1Rv0xi5
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_449c5e5c-ff06-41db-be24-a766b1a21d72
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!746-2!746
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_110214631_A6B78A3A&KRTB&23092-R33647_110214631_A6B78A3A
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.bidr.io/ Name: bitoIsSecure
Value: ok
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2ghe:18vk~2ghe:19e0~2ghe"
.bidr.io/ Name: bito
Value: AABolE7Lc2cAABQDDdU_yQ
.w55c.net/ Name: matchpubmatic
Value: 5
.dotomi.com/ Name: DotomiTest
Value: 3b0c7174419206dd
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.id5-sync.com/ Name: id5
Value: 6a33e1a9-b2b7-7814-8527-1cb4829ba98b#1706668870643#3
.sharethrough.com/ Name: stx_user_id
Value: 489bcaaf-107f-4af8-9692-d5908a703c6b
.sync.a-mo.net/ Name: _sv3_13
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.sync.a-mo.net/ Name: _sv3_0
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-32ae9830-bfe2-11ee-8a80-b0ba7ef1e82d&KRTB&23275-32ae9830-bfe2-11ee-8a80-b0ba7ef1e82d
.go.sonobi.com/ Name: __uir_rh
Value: 146604722953443384
.go.sonobi.com/ Name: __uin_rh
Value: 3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE
.go.sonobi.com/ Name: HAPLB8G
Value: s86145|ZbmzT
.sync.a-mo.net/ Name: _sv3_2
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:3GHVfCkF1Rv0xi5&KRTB&23421-uid:3GHVfCkF1Rv0xi5
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d9bd276a-98a3-4198-8d32-4153ad57123c
.richaudience.com/ Name: raibs
Value: 1
.a-mx.com/ Name: amdt_t
Value: p::1706668873046
.a-mx.com/ Name: amuid2
Value: bf368814-a000-427c-8e0d-fef8d691693c
.adnxs.com/ Name: anj
Value: dTM7k!M40*h.v04ghqdmU(3#kkxE28#?nG5Ner+l$doXBRgkoF2msWq/A@/$%^)U6=.vGD?hCA(J$1pcNN9E%]d!b*<5F@jf]Iy-Z6:)XGmD-fFZPz3Cxt]GDYz*6GU[DsY::M?Ex%T:FpZ-rW1.!uf1^.5eCoJYGmZwSp5R>W*tCU_-B)hC(lGb%>w-/6ISrY[
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyNzIxNDY4MzgxOTQwNDU1OTQ3NjcyIiwiZXhwaXJlcyI6IjIwMjQtMDQtMzBUMDI6NDE6MTJaIn0sImFteCI6eyJ1aWQiOiJiZjM2ODgxNC1hMDAwLTQyN2MtOGUwZC1mZWY4ZDY5MTY5M2MiLCJleHBpcmVzIjoiMjAyNC0wNC0zMFQwMjo0MToxMloifSwicnViaWNvbiI6eyJ1aWQiOiJMUzE2S1ZETi0xWi1CS1hVIiwiZXhwaXJlcyI6IjIwMjQtMDQtMzBUMDI6NDE6MTNaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDEtMzFUMDI6NDE6MTJaIn0=
.sync.a-mo.net/ Name: _sv3_14
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAB9atmfuFoPANrEHBjAAAAAAA&KRTB&22713-AAAB9atmfuFoPANrEHBjAAAAAAA&KRTB&22715-AAAB9atmfuFoPANrEHBjAAAAAAA&KRTB&23519-AAAB9atmfuFoPANrEHBjAAAAAAA
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiYmYzNjg4MTQtYTAwMC00MjdjLThlMGQtZmVmOGQ2OTE2OTNjIiwiZXhwaXJlcyI6IjIwMjQtMDItMTRUMDI6NDE6MTMuMTcxODI5Nzg1WiJ9fX0=
.smartadserver.com/ Name: csync
Value: 127:AABolE7Lc2cAABQDDdU_yQ
.lijit.com/ Name: _ljtrtb_80
Value: LS16KVDN-1Z-BKXU
.a-mo.net/ Name: amdt_t
Value: h::1706668873252
.richaudience.com/ Name: avcid-imd-uid
Value: d6f1afb1-0dca-4ba7-8eb1-2598288c441a
.richaudience.com/ Name: avcid-bsx-uid
Value: AABolE7Lc2cAABQDDdU_yQ
.rtb.mx/ Name: amdt_t
Value: g::1706668873328
.rtb.mx/ Name: amuid2
Value: 5714f2f9-8dbb-480e-aa06-b40b37a2b308
.sitescout.com/ Name: ssi
Value: 95acaf6b-70a7-4062-be60-62219d850a80#1706668873415
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 212d318e-df86-531f-9250-89e9f7e93aa0
.betweendigital.com/ Name: ss
Value: 1
.id5-sync.com/ Name: 3pi
Value: 2#1706668871398#1800891645#2306962077708004521|264#1706668872629#-1729412445#b9981059-739e-4e10-a96d-9edd1611ca81|441#1706668872956#-890677850#u_178fc123-b232-4cfb-9be3-6d484626b828|203#1706668872424#427488785#99fcf3da-56b3-40eb-8a18-ee7d56b694b8|155#1706668873180#1773632510#AABolE7Lc2cAABQDDdU_yQ|124#1706668871152#1508281930|796#1706668871749#-1181673504|429#1706668873383#385507396#BED543C3-DDAA-4404-9C99-43762BCDF25A
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: edea35de-2f3f-3416-87f9-bdfd6256822d
.technoratimedia.com/ Name: tads_uidp_44
Value: LHMXABVU-27-B1KE
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 690551261137525212
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AQEIwPEjJJevjQEsSaBjAQEBAQE
.technoratimedia.com/ Name: tads_uidp_50
Value: 2365189a-dedb-0647-1d5d-4b865ee9aed3
.technoratimedia.com/ Name: tads_uidp_61
Value: 212440372118725
.technoratimedia.com/ Name: tads_uidp_62
Value: 3270405506947845000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: y3qJsmQIlyNMAsMut_vnDKOF_j7XTwcu
.technoratimedia.com/ Name: tads_uidp_7
Value: 891f1648-d8eb-4d1b-b604-e1d21b23e3ac
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AABolE7Lc2cAABQDDdU_yQ
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-b516db89-6ad9-45e8-9f31-952c95adb50c-005
.technoratimedia.com/ Name: tads_uidp_77
Value: GOHcGFmYUJlzwkkbM2nMaiGQHrac6wLBuhdCr6-iJr4
.technoratimedia.com/ Name: tads_uidp_79
Value: 9720387d-e078-4c36-a2b9-57a5b02ac3c6
.technoratimedia.com/ Name: tads_uidp_80
Value: y-AS85HYlE2uEEc1E2nS_7odyTC9tKa.om~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZbjKgxbAuXjJc0W-2JSlLQAA&1493
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 1846396382610829953045
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1706659281636
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNjY2ODg3MzQ2M30
.betweendigital.com/ Name: ut
Value: ZbmzSQAHP3iH-QxRmxNTcSh5DLNLwe6iHFZHXA==
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-95acaf6b-70a7-4062-be60-62219d850a80-65b9b349-5553&KRTB&23418-95acaf6b-70a7-4062-be60-62219d850a80-65b9b349-5553
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1pf9|4is.0.CAESEEUeDul04rKFNBjoF3iQ1gI|7LJ.0.e6222f8b-9e69-48ea-9506-6b2feb1a3097|7dN.0.AABolE7Lc2cAABQDDdU_yQ
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABolE7Lc2cAABQDDdU_yQ
.pubmatic.com/ Name: PugT
Value: 1706626544
.richaudience.com/ Name: avcid-bsw-uid
Value: d9bd276a-98a3-4198-8d32-4153ad57123c
.creativecdn.com/ Name: ts
Value: 1706668873
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcKMxJtTrWQBJKS5Bv7H1ouoxdnNVF8ci151n8s9Vhf95oQ7IKxztwtDHemoUt9bS2UPioHpVsartSyQGE9NjIxihmX95CMuKaJed0KbPRfgvA==
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE&KRTB&23047-3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE&KRTB&23234-3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE&KRTB&23361-3aEA_qeNdHMj2WIdj7sL6wdCV7jMRgBIKgraWU5SGwE
.pubmatic.com/ Name: SPugT
Value: 1706668873
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIyMzA2OTYyMDc3NzA4MDA0NTIxIiwiZXhwaXJlcyI6IjIwMjQtMDItMTRUMDI6NDE6MTMuNDI3MTgwMTU3WiJ9LCJpeCI6eyJ1aWQiOiJaYm16U01BZmV2a3U5MmJCN3RhLXJ3QUFcdTAwMjYxNTI0IiwiZXhwaXJlcyI6IjIwMjQtMDItMTRUMDI6NDE6MTMuMjE5MjgzNTQ2WiJ9LCJvcGVueCI6eyJ1aWQiOiIyYTkyYjNjNy1lY2RhLTQxOTUtYmEyYS1kZTk1YTViZTEyMTciLCJleHBpcmVzIjoiMjAyNC0wMi0xNFQwMjo0MToxMi45NjY5MzY0NjVaIn0sInJ1Ymljb24iOnsidWlkIjoiTFMxNktWRE4tMVotQktYVSIsImV4cGlyZXMiOiIyMDI0LTAyLTE0VDAyOjQxOjEzLjkxMDM5OTIxNVoifSwic21hcnQiOnsidWlkIjoiNTQ2Nzk3MDY1OTQ4MzM1MzUyMSIsImV4cGlyZXMiOiIyMDI0LTAyLTE0VDAyOjQxOjEzLjc2Njk1NDg3M1oifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIyNzIxNDY4MzgxOTQwNDU1OTQ3NjcyIiwiZXhwaXJlcyI6IjIwMjQtMDItMTRUMDI6NDE6MTIuNTM2MjU4MzI5WiJ9LCJ0dGQiOnsidWlkIjoiYjk5ODEwNTktNzM5ZS00ZTEwLWE5NmQtOWVkZDE2MTFjYTgxIiwiZXhwaXJlcyI6IjIwMjQtMDItMTRUMDI6NDE6MTIuNjk0OTU1MDQ2WiJ9fSwiYmRheSI6IjIwMjQtMDEtMzFUMDI6NDE6MTIuNTM2MjUzNzY5WiJ9
.sync.a-mo.net/ Name: _sv3_4
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1707264000%3A15_2_223%7C1707523200%3A63%7C1707868800%3A165_48_71_55_13_231_250_21_220_5_104_266_178_166_22_56_8_3_54
.pubmatic.com/ Name: ipc
Value: 0^^2^0
.pubmatic.com/ Name: pi
Value: 0:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5

8 Console Messages

Source Level URL
Text
other warning URL: https://p.ad.gt/api/v1/p/288
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://mtnc.yazdangh.site/
Message:
Access to XMLHttpRequest at 'https://cloudflareinsights.com/cdn-cgi/rum' from origin 'https://mtnc.yazdangh.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cloudflareinsights.com/cdn-cgi/rum
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mtnc.yazdangh.site/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://mtnc.yazdangh.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=2173
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=99fcf3da-56b3-40eb-8a18-ee7d56b694b8&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20BED543C3-DDAA-4404-9C99-43762BCDF25A&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=mtnc.yazdangh.site&e=27&uid=bf368814-a000-427c-8e0d-fef8d691693c(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://mtnc.yazdangh.site').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8492babfad9c3c8e261c0201eda94599.safeframe.googlesyndication.com
a.ad.gt
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
analytics.twitter.com
ap.lijit.com
apex.go.sonobi.com
api.intentiq.com
api.rlcdn.com
assets.a-mo.net
ats.rlcdn.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c3.a-mo.net
cadmus.script.ac
cdn.edkt.io
cdn.exelator.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
ce.lijit.com
cloudflareinsights.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
core.iprom.net
crb.kargo.com
creativecdn.com
csync.loopme.me
d.adroll.com
dis.criteo.com
dis.eu.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
elb.the-ozone-project.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
gum.criteo.com
hb-api.omnitagjs.com
hb.vntsm.com
hb.vntsm.io
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.hadron.ad.gt
id.rtb.mx
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
js-sec.indexww.com
krk.kargo.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mtnc.yazdangh.site
mug.criteo.com
mydmp.exelator.com
nmcsync.imrworldwide.com
onsite-tag-logs.apps.nielsen.com
ow.pubmatic.com
p.ad.gt
p.cpx.to
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.a-mo.net
sync.bfmio.com
sync.colossusssp.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
venatusmedia-d.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
ad.mrtnsvr.com
api.rlcdn.com
cloudflareinsights.com
core.iprom.net
image2.pubmatic.com
sync-dmp.mobtrakk.com
sync.richaudience.com
104.18.38.76
104.18.43.178
104.244.42.131
104.36.113.110
104.36.115.111
104.36.115.113
107.178.254.65
13.32.151.38
131.153.242.59
142.251.16.157
147.135.119.114
147.28.146.89
151.101.66.49
162.19.138.116
162.19.138.117
162.248.18.34
162.55.120.196
162.55.233.29
172.240.127.129
172.240.155.76
172.64.151.101
178.250.1.9
18.200.207.104
18.238.55.58
185.167.164.49
185.184.8.90
192.184.69.215
198.148.27.131
199.38.167.131
204.237.133.243
205.251.251.220
207.198.113.86
208.115.232.150
216.200.232.249
23.105.12.158
23.105.12.172
23.198.95.152
23.215.40.187
23.215.40.199
23.23.156.183
23.35.158.76
23.48.9.103
23.58.127.99
23.58.232.192
2400:52e0:1a00::845:1
2600:1f18:4e9:5a02:7a40:2956:c998:e321
2600:1f18:61c0:2205:c006:9cb1:4bb0:4b28
2600:9000:269f:1000:1e:a43d:b640:93a1
2600:9000:26a0:1400:6:44e3:f8c0:93a1
2602:803:c002:200::32
2603:c020:400d:3000:67b7:1059:7283:c690
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:10::ac43:2483
2606:4700:20::681a:346
2606:4700:20::681a:9a9
2606:4700:3031::6815:5b03
2606:4700:4400::6812:22b2
2606:4700::6810:3965
2606:4700::6812:1691
2606:4700::6812:18ad
2606:4700::6813:9e13
2606:ae80:1471:11::440
2606:ae80:1471:13::820
2607:f350:3:2569:0:10:0:a
2607:f350:3:2569:0:10:0:d
2607:f8b0:4004:c06::61
2607:f8b0:4004:c06::9b
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::8b
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c17::6a
2607:f8b0:4004:c17::84
2607:f8b0:4004:c1b::9d
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
3.161.213.118
3.162.3.76
3.162.8.154
3.208.170.161
3.210.33.43
3.211.27.57
3.215.187.101
3.217.51.221
3.222.156.11
3.225.218.10
34.111.113.62
34.120.111.33
34.200.143.154
34.95.69.49
35.174.193.222
35.186.193.173
35.211.178.172
35.214.250.24
35.227.252.103
35.236.220.17
35.244.154.8
35.244.159.8
35.244.193.51
35.71.131.137
35.71.139.29
37.157.6.233
38.98.69.175
40.76.134.238
44.194.20.78
44.218.250.129
50.16.49.36
52.0.156.250
52.19.231.135
52.31.207.164
52.44.173.38
52.46.143.56
52.55.97.47
52.7.244.219
52.71.57.44
54.154.104.171
54.161.18.58
54.163.229.247
54.192.51.26
54.197.121.110
54.204.225.159
54.245.116.245
64.227.64.62
67.220.226.238
68.67.160.24
69.194.240.13
69.90.254.78
74.119.119.139
74.119.119.150
8.18.47.7
8.28.7.83
8.43.72.97
8.43.72.98
82.145.213.8
99.84.252.55
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c5e35862041164f89908f159c040496daeb2fbc341cbca980a58a48a7deab17
0cf13a918dd33438690c38a94ecf6df3216b72a288636269cf4e7c734a85b63c
0f940ce11b34c69244819691130d4fdb4974cac9b3eea798579dcf8fdc835a66
14c6abb30c6e9e78535602294b18ed6df19f83d2e704acd8fef305e9e5e38b42
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1dce6d81144d464eba9beaa4c6c488714237e0ba771aecebd0048bdd4dd21838
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2218553b557772d344674954422c4e111752c907a89f5e8bc7c24a5fc5ee0b26
22e4e23799c85ab58a7f3a58b01e1db5102baed810f095b342d5a3a81555cded
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b8df945ab6bdb4ac6f55a345112dcdc89907e9b0c37bab18e6fea90ba035ca
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2644ea1a0fb53b7b0e69ed533e6bf377bdf89f0262d20cfae8da240a62fd7e32
2709f3ec243c8195b6f121f89d5b52acc4044043531193f6cd89eb4321100c91
28078ee4ffaaba4de400d10a5dd1f6d2506ddde91c86e2de4e0d03161de81df5
2874c84bfd818cf5244e09f4fbf690c1ed292f8d71464ffc38f2bc277a661127
2b7d4d9cd90cd11016b78a52abbb0f226be4bda5590babd3dfa1d3d0be4702ae
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e9cea3b8453d7a34904d722de3f4fd8e4da05c0f0fc2382d1fa7a51d472f367
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
355afc0778b7cd941fe5a3cd5329815ff2796329351fca179721a097ffee996f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e61fa9bac2b16a8521c9be78f4e2ab6a14d6c67f569b3aeb111386484b2394f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40543bb9c1be35ba405862257fe66d9a2bde6f19fc214f09ab6d60ed2598d704
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476afad407717dbeffaa6aed1dc07e6a20ad161f7868c225641c3defe9091e69
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
508ec1418d9498ff28d313b9972402037e837ceca5c372c672099a23dbdb764d
5127b133655d52e7f123265ea329f9fcb21db9d02bbfd2265cf0a8599e9ebcb2
54292da4d2fbadc171be699a82322c6d9f068c6a5f9e68b100d2d3b42ee0ac64
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b3f3c17fce24d1b88a3de624883c31a597699f1d03049c85b5e94463169b05
58886813491582a52a34cba2454d4c9b88052d692cf4452ea469ff23998e867b
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fac76e3fa98868f0ebc57913da81fcfe7c0b2653a172c28bdb2fe0ea98e41b1
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
615c1b091c22ea7fd8aa1415023974431e7fb993bc25f66091770d7e68b7cc3c
61924be56ec2d4b0eb3bf862554a3723ff3b187610d1ecac73bfca112b3ac1f1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6478c995ccdb84ddcf04c7fe507bd4e0e8167ee923732dfaa8859cf1e4f3c56e
64db048b205c91b4c4e9708929d6216c99617f8c582c020f27ac975b901cbd4d
67728c2b28e95e78aad43ea7de27d0f3885b8a9e6629d356dcda7d86d5b1d451
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae369048a3fe9c82cf19b7c9868f2d305558d3e376cf5ffb5e507c8cc7ba7d7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc5b0b62d31a6ca58d73cca12a23603fac1902cfe4f533abfd03e25b81a5224
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72862c917bef16944a34b58e8496be05ea9149c34e334f2582e45e3de593508d
73a33d16e57666d3aa4c6319270812fff99bcadfcc269ed93771a2731c26aa6a
73a3f57745fdfa25b572b13fa1b30f686230547bdf0e36fcd4805960784f464e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74caf538a13c95aefefa22401f38a52b252634be0204da422c5d83d4d8636461
7521206778e780201870e5f767c32bc2624676904b41c1049d3ed19793e941a9
77894d43add0cf8258c722e5abfdb2db6b2cc1abca05c1910dc0d0419a7816aa
7c415e0eb17ead2fb65fed0185e557cc902c67b7b8430678b8a78d86ee9e0b54
7dc6491cd658b489247545e22cb81cf11d2eb9b3388a250d58da6f502c764ea1
81e64eb54991af3af2161d11db3842e61616a72be13841613f4a7b8e7760efae
8286362df68dac29251bd07fffaf93a2d3ab0582c2130b6b4de9415b758f91cc
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
883c6e7dfc6e0a952de508b0dc2077269884ded29e4c6f99593a1b467466c6a7
88bda303970cebf8571ca7a159910483fc43bdeaffad29fc3d69aece59307b93
8a018ad86f6f966a21ca8a22cbacf44a04636f5ba44b13c78c3f005d401b8541
8dac0262ab4d0df9630994eef09447fb846bf1d5503b33888db25782435b7ea5
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
92a5cbf49c469196256b915a5c9ab52445529066ad8c736a0cfbc8ec05c4cec6
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94f7528b0dfe326666c3f428871cedd3771cb0cc3efd4c2afa729afc018e504d
961813c2cc407cc2f799d1d4b17e1bb11730d890608625f8b74513143614f9b2
97bd8ea8c5b12567d373018f45894f1af838d8570a0153cdc0306dbfa120913b
9847c10d8212f9ea8081496cac070912c80e13a044d6053d9c405ce18c47edfc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ac06ddbf9e71000fb8f9af22735a9d38de31bb12b15410f060c95c05ffee249
a03aa4f7447066097f6b81dc3baf12a72bfd4509e95539a2e5141931cc4e5acf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a403ce276b85b7942a515a1af433b36013955c505e6bfddfa1dcff6a29e21188
a5e8af00cad0f0834c5a6ab19d7a796a4248bd5f917856d4ba80b38fdec7bbb1
a6059ee2b09b16e37311edda3393c4eb91520536ec3654fede8c7060d397128c
a79e82fb537b0621dd3cad7ccff489e28d71450ae91ee4e27b85c5e0f0fd26d9
a7d112928229d82d1ccc8a040623dfdf51c669c9ad50dd3ac87508d893a143d9
a84968788428f98d340f10ada89ecab924a68eea26aaafc0c424edc981a7697e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ada0388477feef72c88dec17af226fcee23d042798e61fc92a15f9adddbffa5a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5761dd6523004c06a60aa9f4f64f95d6be46f6599a301b75ea7b1df8f9d9e83
b63e543d612152f5b04c6e77f5f8797cb13416c9c2e4440705565bb60d9d8373
b6648d7775a51d492a10e62bcb5fee038d159891e751e98796e0fffb4451d3af
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
b881d6053d16f5e1c4a0173d5167d879f0c42f6d4528813fdaf947931efb64f7
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
bb1c86172576cab594a1c4454371d15bb430161419c43daf4a44c296e1975c59
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc3d2a38d422c836858e61e56406d51609c770a52ff97e697f1afc1b6f68340a
bec18eb04e6117c19c49960d9310455567e5a1bc27d082335f8783ef87093761
c18f9b1652605be556adc4e15f34f4123314aae74746e7882f5356da748aad68
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c760b6ff83e5b0bbbfc8b7b23e4a17d6431b3b4b41c98766a2a80f44aaa0a261
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d220665dbe19df77bc04607636e16681d9c5b892f6480b84498813ba28d73982
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d8fcd8dcd62124ec597d57c34fc482ac3ae7b3deb1a15a71798e5389da4d1a15
ddce7e25f2a9edf200e6fed5e587dc34d5fb77af40bbf72c1b3977f0f99b6fe4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df3b6e724eab0f34bc2e5e67db8583d883bd9cb94a663ce62c7feca25bcc56f6
df6e4cca62bdf0ceb7e3e429d69356f417b255a4e69c1c36331d3d9febfb9660
e07235257fa09e3693b037803ea6340edc76b2c667ec3f3683f1bc44767b9e3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c2b4076f9261fb16ec3fcc613fcdb3140b400fd9fde0a266df4549b0f4bd79
f29692bed02af855a1b94e4b99ac94de8b6f4a41d86ac6ac2897e47d0a0d66b2
f4e0a880994cde7ba71d7ddc06ee74e9ae3a47dbfca4c699fdf8cea5a53cdad2
fc8784955b40693866aa35b4e2367c0d5920458628704529b500a241eb3fa1d3
ff25a5b0faf999014ddf23de01ab703459bb2821ebcbe7cd6bca6a382d702b8b