urlscan.io logo urlscan.io
SecurityTrails logo

cnz.to Open in urlscan Pro
51.161.66.85  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cnz.to/
Effective URL: https://cnz.to/
Submission: On December 30 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 110 IPs in 9 countries across 121 domains to perform 702 HTTP transactions. The main IP is 51.161.66.85, located in Montreal, Canada and belongs to OVH, FR. The main domain is cnz.to.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 20th 2023. Valid for: a year.
This is the only time cnz.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 38 51.161.66.85 16276 (OVH)
5 172.217.13.138 15169 (GOOGLE)
3 23.223.209.41 20940 (AKAMAI-ASN1)
2 172.217.13.168 15169 (GOOGLE)
1 23.66.228.170 16625 (AKAMAI-AS)
1 174.138.117.212 14061 (DIGITALOC...)
26 151.101.1.181 54113 (FASTLY)
7 172.217.13.196 15169 (GOOGLE)
2 23.56.163.9 16625 (AKAMAI-AS)
6 104.18.214.59 13335 (CLOUDFLAR...)
1 23.223.209.69 20940 (AKAMAI-ASN1)
4 172.217.13.163 15169 (GOOGLE)
2 31.13.71.7 32934 (FACEBOOK)
12 172.217.13.142 15169 (GOOGLE)
8 172.217.13.130 15169 (GOOGLE)
1 23 52.203.254.189 14618 (AMAZON-AES)
7 172.217.13.195 15169 (GOOGLE)
2 138.199.40.58 60068 (CDN77 ^_^)
1 199.232.196.134 54113 (FASTLY)
1 31.13.71.36 32934 (FACEBOOK)
15 3.160.22.10 16509 (AMAZON-02)
1 172.253.63.155 15169 (GOOGLE)
1 104.16.143.23 13335 (CLOUDFLAR...)
1 172.67.164.44 13335 (CLOUDFLAR...)
4 74.119.119.139 19750 (AS-CRITEO)
1 34.120.155.137 396982 (GOOGLE-CL...)
9 10 15.197.193.217 16509 (AMAZON-02)
1 3 35.244.193.51 15169 (GOOGLE)
1 9 172.217.13.98 15169 (GOOGLE)
9 172.217.13.102 15169 (GOOGLE)
3 3.160.3.135 16509 (AMAZON-02)
4 172.217.13.170 15169 (GOOGLE)
1 172.217.13.214 15169 (GOOGLE)
8 172.217.13.161 15169 (GOOGLE)
2 4 3.160.5.46 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 35.241.45.217 15169 (GOOGLE)
1 108.156.172.23 16509 (AMAZON-02)
1 18.238.25.98 16509 (AMAZON-02)
5 23.51.57.13 16625 (AKAMAI-AS)
4 4 198.148.27.131 19189 (PULSEPOINT)
2 3 63.251.86.50 10913 (INTERNAP-BLK)
6 24 34.98.64.218 396982 (GOOGLE-CL...)
4 4 23.66.229.147 16625 (AKAMAI-AS)
10 23.56.163.106 16625 (AKAMAI-AS)
4 34.226.253.159 14618 (AMAZON-AES)
5 14 52.223.22.214 16509 (AMAZON-02)
4 10 104.18.36.155 13335 (CLOUDFLAR...)
2 7 172.64.151.101 13335 (CLOUDFLAR...)
2 4 23.83.76.39 395954 (LEASEWEB-...)
1 1 23.56.162.28 16625 (AKAMAI-AS)
3 7 107.23.135.200 14618 (AMAZON-AES)
8 8 68.67.179.166 29990 (ASN-APPNEX)
13 14 35.211.178.172 15169 (GOOGLE)
5 3.225.218.10 14618 (AMAZON-AES)
2 2 23.22.36.112 14618 (AMAZON-AES)
4 34.195.28.76 14618 (AMAZON-AES)
3 3.160.23.31 16509 (AMAZON-02)
3 104.36.115.111 62713 (AS-PUBMATIC)
2 69.173.151.96 26667 (RUBICONPR...)
1 34.204.123.217 14618 (AMAZON-AES)
4 8 35.244.154.8 396982 (GOOGLE-CL...)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
26 70 172.217.13.162 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
7 10 68.67.160.132 29990 (ASN-APPNEX)
4 4 50.116.194.21 6336 (TURN-US-ASN)
3 6 151.101.130.49 54113 (FASTLY)
4 6 52.22.225.85 14618 (AMAZON-AES)
3 11 52.46.151.131 16509 (AMAZON-02)
4 4 74.119.119.150 19750 (AS-CRITEO)
2 8 23.105.12.136 30633 (LEASEWEB-...)
1 15.235.42.104 16276 (OVH)
4 4 192.184.68.149 14618 (AMAZON-AES)
7 7 52.87.108.188 14618 (AMAZON-AES)
16 26 69.173.151.100 26667 (RUBICONPR...)
1 52.203.123.191 14618 (AMAZON-AES)
1 1 8.43.72.97 26667 (RUBICONPR...)
2 13.107.42.14 8068 (MICROSOFT...)
2 3 52.95.126.138 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 147.75.195.55 54825 (PACKET)
6 6 52.45.219.8 14618 (AMAZON-AES)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 74.119.119.131 19750 (AS-CRITEO)
2 34.120.107.143 396982 (GOOGLE-CL...)
3 8.43.72.42 26667 (RUBICONPR...)
2 3.222.229.145 14618 (AMAZON-AES)
1 35.190.39.111 15169 (GOOGLE)
2 2 18.205.135.201 14618 (AMAZON-AES)
2 4 35.227.252.103 15169 (GOOGLE)
7 7 207.198.113.88 13768 (COGECO-PEER1)
3 7 34.111.113.62 396982 (GOOGLE-CL...)
2 4 34.102.243.38 396982 (GOOGLE-CL...)
4 8 54.243.90.71 14618 (AMAZON-AES)
42 142.250.80.98 15169 (GOOGLE)
19 172.217.13.193 15169 (GOOGLE)
34 172.217.13.198 15169 (GOOGLE)
6 6 159.127.43.169 25751 (VALUECLICK)
1 1 172.104.105.5 63949 (AKAMAI-LI...)
1 1 31.220.27.155 ()
4 4 124.146.153.169 2514 (INFOSPHER...)
1 2 51.222.39.185 16276 (OVH)
2 2 23.44.201.169 20940 (AKAMAI-ASN1)
1 209.204.227.110 27381 (CASALE-MEDIA)
1 2 69.20.43.192 27357 (RACKSPACE)
7 3.160.22.80 16509 (AMAZON-02)
25 44.241.82.97 16509 (AMAZON-02)
1 142.251.16.156 15169 (GOOGLE)
2 2 18.214.11.191 14618 (AMAZON-AES)
2 2 18.238.25.89 16509 (AMAZON-02)
5 5 199.38.167.130 54312 (ROCKETFUEL)
1 4 169.197.150.7 398989 (DEEPINTENT)
1 172.64.149.180 13335 (CLOUDFLAR...)
1 1 44.215.45.69 14618 (AMAZON-AES)
1 108.156.172.34 16509 (AMAZON-02)
6 108.156.184.111 16509 (AMAZON-02)
1 4 104.18.24.173 ()
3 3 35.194.66.159 396982 (GOOGLE-CL...)
6 6 64.74.236.159 ()
1 1 35.214.242.163 15169 (GOOGLE)
1 2 23.51.57.155 16625 (AKAMAI-AS)
5 5 54.156.159.24 14618 (AMAZON-AES)
1 1 20.253.86.149 8075 (MICROSOFT...)
1 1 69.166.1.67 27630 (AS-XFERNET)
1 52.200.12.121 14618 (AMAZON-AES)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
6 3.93.69.72 14618 (AMAZON-AES)
27 3.214.33.241 14618 (AMAZON-AES)
1 1 51.255.68.171 16276 (OVH)
5 5 54.174.90.242 14618 (AMAZON-AES)
1 1 198.24.170.51 19437 (SS-ASH)
5 5 185.167.164.49 198622 (ADFORM)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 15 162.248.18.37 62713 (AS-PUBMATIC)
2 7 8.28.7.81 62713 (AS-PUBMATIC)
1 1 8.28.7.82 62713 (AS-PUBMATIC)
1 2 162.248.18.34 62713 (AS-PUBMATIC)
3 4 34.233.0.32 14618 (AMAZON-AES)
2 2 193.122.128.135 31898 (ORACLE-BM...)
2 22 8.28.7.83 62713 (AS-PUBMATIC)
1 40.76.134.238 8075 (MICROSOFT...)
1 2 38.68.201.140 174 (COGENT-174)
6 6 173.231.178.115 ()
3 6 54.158.15.169 ()
3 52.23.26.141 ()
3 72.44.44.12 ()
702 110
38    51.161.66.85 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip85.ip-51-161-66.net
cnz.to
5    172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net
fonts.googleapis.com
3    23.223.209.41 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-41.deploy.static.akamaitechnologies.com
use.typekit.net
2    172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net
www.googletagmanager.com
1    23.66.228.170 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-228-170.deploy.static.akamaitechnologies.com
s7.addthis.com
1    174.138.117.212 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
geniuslinkcdn.com
26    151.101.1.181 (United States)

ASN54113 (FASTLY, US)
scripts.mediavine.com
keywords.mediavine.com
7    172.217.13.196 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net
www.google.com
2    23.56.163.9 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-9.deploy.static.akamaitechnologies.com
assets.pinterest.com
6    104.18.214.59 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    23.223.209.69 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-69.deploy.static.akamaitechnologies.com
p.typekit.net
4    172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net
fonts.gstatic.com
2    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net
12    172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net
www.youtube.com
www.google-analytics.com
8    172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net
securepubads.g.doubleclick.net
23    52.203.254.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-254-189.compute-1.amazonaws.com
exchange.mediavine.com
7    172.217.13.195 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f3.1e100.net
www.gstatic.com
2    138.199.40.58 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-40-58.bunnyinfra.net
a.omappapi.com
1    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
cnz.disqus.com
1    31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com
www.facebook.com
15    3.160.22.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-22-10.cmh68.r.cloudfront.net
api.omappapi.com
1    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
stats.g.doubleclick.net
1    104.16.143.23 (None, )

ASN13335 (CLOUDFLARENET, US)
choczuc.os.tc
1    172.67.164.44 (United States)

ASN13335 (CLOUDFLARENET, US)
sda.fyi
4    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
10    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
9    172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
googleads.g.doubleclick.net
9    172.217.13.102 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f6.1e100.net
static.doubleclick.net
ad.doubleclick.net
3    3.160.3.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-3-135.cmh68.r.cloudfront.net
c.amazon-adsystem.com
4    172.217.13.170 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f10.1e100.net
jnn-pa.googleapis.com
1    172.217.13.214 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f22.1e100.net
i.ytimg.com
8    172.217.13.161 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f1.1e100.net
yt3.ggpht.com
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
4    3.160.5.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-46.cmh68.r.cloudfront.net
sb.scorecardresearch.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    108.156.172.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-23.cmh68.r.cloudfront.net
cdn.opecloud.com
1    18.238.25.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-25-98.cmh68.r.cloudfront.net
config.aps.amazon-adsystem.com
5    23.51.57.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-13.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
24    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
google-bidout-d.openx.net
4    23.66.229.147 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-229-147.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.56.163.106 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-106.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    34.226.253.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-253-159.compute-1.amazonaws.com
rtb.gumgum.com
14    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
10    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
7    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
4    23.83.76.39 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync.smartadserver.com
1    23.56.162.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-28.deploy.static.akamaitechnologies.com
contextual.media.net
7    107.23.135.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-135-200.compute-1.amazonaws.com
match.sharethrough.com
8    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
14    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
5    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    23.22.36.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-36-112.compute-1.amazonaws.com
ice.360yield.com
4    34.195.28.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-28-76.compute-1.amazonaws.com
crb.kargo.com
3    3.160.23.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-23-31.cmh68.r.cloudfront.net
aax.amazon-adsystem.com
3    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    34.204.123.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-123-217.compute-1.amazonaws.com
pdmp.tagger.opecloud.com
8    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
70    172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
cm.g.doubleclick.net
www.googletagservices.com
googleads4.g.doubleclick.net
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
10    68.67.160.132 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
6    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    52.22.225.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-225-85.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
11    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
8    23.105.12.136 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    15.235.42.104 (Terrebonne, Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-003.roqad.pl
wt.rqtrk.eu
4    192.184.68.149 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
7    52.87.108.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-108-188.compute-1.amazonaws.com
match.prod.bidr.io
26    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    52.203.123.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-123-191.compute-1.amazonaws.com
pdmp.profiles.tagger.opecloud.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    147.75.195.55 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    52.45.219.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-219-8.compute-1.amazonaws.com
sync.ipredictive.com
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
3    8.43.72.42 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    3.222.229.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-229-145.compute-1.amazonaws.com
tlx.3lift.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    18.205.135.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-135-201.compute-1.amazonaws.com
aorta.clickagy.com
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
7    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
7    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
4    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
pandg.tapad.com
8    54.243.90.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-90-71.compute-1.amazonaws.com
fw.adsafeprotected.com
42    142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
pagead2.googlesyndication.com
19    172.217.13.193 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f1.1e100.net
tpc.googlesyndication.com
34    172.217.13.198 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f6.1e100.net
s0.2mdn.net
6    159.127.43.169 (United States)

ASN25751 (VALUECLICK, US)
PTR: iad08-nessy-float1.dotomi.com
dclk-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
1    172.104.105.5 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1715-5.members.linode.com
a.c.appier.net
1    31.220.27.155 (None, )

ASN- ()
s.uuidksinc.net
4    124.146.153.169 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
2    23.44.201.169 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-169.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
1    209.204.227.110 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a938.casalemedia.com
2    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
7    3.160.22.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-22-80.cmh68.r.cloudfront.net
static.adsafeprotected.com
25    44.241.82.97 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-82-97.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
1    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
bid.g.doubleclick.net
2    18.214.11.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-11-191.compute-1.amazonaws.com
i.liadm.com
2    18.238.25.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-25-89.cmh68.r.cloudfront.net
live.rezync.com
5    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    44.215.45.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-45-69.compute-1.amazonaws.com
um4.eqads.com
1    108.156.172.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-34.cmh68.r.cloudfront.net
native.sharethrough.com
6    108.156.184.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-111.cmh68.r.cloudfront.net
b.sharethrough.com
4    104.18.24.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
3    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
6    64.74.236.159 (None, )

ASN- ()
b1sync.zemanta.com
1    35.214.242.163 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 163.242.214.35.bc.googleusercontent.com
csync.loopme.me
2    23.51.57.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-155.deploy.static.akamaitechnologies.com
sync.teads.tv
5    54.156.159.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-159-24.compute-1.amazonaws.com
pm.w55c.net
1    20.253.86.149 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    52.200.12.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-12-121.compute-1.amazonaws.com
partners.tremorhub.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    3.93.69.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-69-72.compute-1.amazonaws.com
s.update.sharethru.com
27    3.214.33.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-33-241.compute-1.amazonaws.com
usersync.gumgum.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
5    54.174.90.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-90-242.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    198.24.170.51 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
5    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
15    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
7    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    34.233.0.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-0-32.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
22    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
6    173.231.178.115 (None, )

ASN- ()
cm.adgrx.com
6    54.158.15.169 (None, )

ASN- ()
thrtle.com
3    52.23.26.141 (None, )

ASN- ()
sync.bfmio.com
3    72.44.44.12 (None, )

ASN- ()
rtb.adentifi.com
Apex Domain
Subdomains		 Transfer
91 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
static.doubleclick.net — Cisco Umbrella Rank: 248
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
395 KB
68 googlesyndication.com
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
431 KB
55 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image2.pubmatic.com — Cisco Umbrella Rank: 859 Failed
image6.pubmatic.com — Cisco Umbrella Rank: 793
image8.pubmatic.com — Cisco Umbrella Rank: 661
image4.pubmatic.com — Cisco Umbrella Rank: 1224
simage2.pubmatic.com — Cisco Umbrella Rank: 723
simage4.pubmatic.com
106 KB
49 mediavine.com
scripts.mediavine.com — Cisco Umbrella Rank: 7879
exchange.mediavine.com — Cisco Umbrella Rank: 1074
keywords.mediavine.com — Cisco Umbrella Rank: 8675
484 KB
46 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 Failed
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
108 KB
40 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
689 KB
38 cnz.to
cnz.to
918 KB
34 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
735 KB
31 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1472
usersync.gumgum.com — Cisco Umbrella Rank: 1858
10 KB
30 openx.net
u.openx.net — Cisco Umbrella Rank: 672
us-u.openx.net — Cisco Umbrella Rank: 491
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
rtb.openx.net — Cisco Umbrella Rank: 695
5 KB
21 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
87 KB
18 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
htlb.casalemedia.com — Cisco Umbrella Rank: 484 Failed
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
a938.casalemedia.com — Cisco Umbrella Rank: 118769
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
11 KB
18 adnxs.com
acdn.adnxs.com Failed
secure.adnxs.com — Cisco Umbrella Rank: 478
ib.adnxs.com — Cisco Umbrella Rank: 229
14 KB
17 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 5231
api.omappapi.com — Cisco Umbrella Rank: 5432
29 KB
16 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
tlx.3lift.com — Cisco Umbrella Rank: 592 Failed
8 KB
14 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
7 KB
14 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
native.sharethrough.com — Cisco Umbrella Rank: 2612
b.sharethrough.com — Cisco Umbrella Rank: 2351
sdk.sharethrough.com Failed
109 KB
12 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
6 KB
11 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
connectid.analytics.yahoo.com Failed
4 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
796 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
4 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
pandg.tapad.com — Cisco Umbrella Rank: 2251
2 KB
9 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 983
id.rlcdn.com — Cisco Umbrella Rank: 711
idsync.rlcdn.com — Cisco Umbrella Rank: 408
2 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
998 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
jnn-pa.googleapis.com — Cisco Umbrella Rank: 203
46 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
dis.criteo.com — Cisco Umbrella Rank: 550
9 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
450 KB
7 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
4 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
4 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
55 KB
6 thrtle.com
thrtle.com
2 KB
6 adgrx.com
cm.adgrx.com
3 KB
6 sharethru.com
s.update.sharethru.com — Cisco Umbrella Rank: 4046
49 KB
6 zemanta.com
b1sync.zemanta.com
3 KB
6 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
casale-match.dotomi.com — Cisco Umbrella Rank: 2999
stx-match.dotomi.com Failed
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
2 KB
6 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
3 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
1 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4165
onesignal.com — Cisco Umbrella Rank: 1473
146 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
3 KB
5 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
4 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
4 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
5 KB
5 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
creativecdn.com — Cisco Umbrella Rank: 564 Failed
3 KB
4 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1370
2 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
1 KB
4 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
4 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
2 KB
4 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 910
1 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
4 KB
4 pghub.io
pghub.io — Cisco Umbrella Rank: 1888
feed.pghub.io — Cisco Umbrella Rank: 2194
11 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
4 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1596
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
ssc-cms.33across.com Failed
5 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 446
p.typekit.net — Cisco Umbrella Rank: 559
69 KB
3 adentifi.com
rtb.adentifi.com
857 B
3 bfmio.com
sync.bfmio.com
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
2 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
5 KB
3 opecloud.com
cdn.opecloud.com — Cisco Umbrella Rank: 5764
pdmp.tagger.opecloud.com — Cisco Umbrella Rank: 8425
pdmp.profiles.tagger.opecloud.com — Cisco Umbrella Rank: 7860
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4174
967 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1781
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
628 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
1 KB
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2260
1 KB
2 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2266
2 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
587 B
2 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1768
870 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
522 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 777
881 B
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1817
ad.360yield.com Failed
783 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
90 KB
2 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 3234
log.pinterest.com Failed
19 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
150 KB
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 3298
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3279
609 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3181
581 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
487 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1153
175 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
757 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3950
462 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
418 B
1 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 2169
270 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
352 B
1 uuidksinc.net
s.uuidksinc.net
288 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 8865
gocm.c.appier.net Failed
596 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4118
474 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
451 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1499
350 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4434
405 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 665
678 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 89
67 KB
1 sda.fyi
sda.fyi — Cisco Umbrella Rank: 8245
637 B
1 os.tc
choczuc.os.tc
693 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 disqus.com
cnz.disqus.com
ssp.disqus.com Failed
2 KB
1 geniuslinkcdn.com
geniuslinkcdn.com — Cisco Umbrella Rank: 62016
2 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 3351
361 B
0 crwdcntrl.net Failed
bcp.crwdcntrl.net Failed
0 adswizz.com Failed
synchroscript.deliveryengine.adswizz.com Failed
0 ctnsnet.com Failed
ipac.ctnsnet.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
0 opera.com Failed
t.adx.opera.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 aralego.com Failed
sync.aralego.com Failed
0 taptapnetworks.com Failed
sonata-notifications.taptapnetworks.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 bing.com Failed
c.bing.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 smaato.net Failed
s.ad.smaato.net Failed
0 storygize.net Failed
sid.storygize.net Failed
0 1rx.io Failed
sync.1rx.io Failed
0 bttrack.com Failed
bttrack.com Failed
0 yieldmo.com Failed
ads.yieldmo.com Failed
702 121
Domain Requested by
61 cm.g.doubleclick.net 26 redirects u.openx.net
cnz.to
googleads.g.doubleclick.net
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
ssbsync.smartadserver.com
rtb.gumgum.com
eb2.3lift.com
42 pagead2.googlesyndication.com cnz.to
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
fw.adsafeprotected.com
www.googletagservices.com
native.sharethrough.com
googleads.g.doubleclick.net
s0.2mdn.net
38 cnz.to 1 redirects cnz.to
34 s0.2mdn.net 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
cnz.to
s0.2mdn.net
27 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
25 dt.adsafeprotected.com 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
cnz.to
25 scripts.mediavine.com cnz.to
scripts.mediavine.com
exchange.mediavine.com
23 exchange.mediavine.com 1 redirects scripts.mediavine.com
exchange.mediavine.com
cnz.to
u.openx.net
ssbsync.smartadserver.com
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
rtb.gumgum.com
ads.pubmatic.com
22 simage2.pubmatic.com 2 redirects ads.pubmatic.com
cnz.to
rtb.gumgum.com
20 us-u.openx.net 5 redirects u.openx.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
cnz.to
ads.pubmatic.com
19 tpc.googlesyndication.com cnz.to
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
16 pixel.rubiconproject.com 10 redirects cnz.to
googleads.g.doubleclick.net
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
15 image2.pubmatic.com 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ads.pubmatic.com
cnz.to
rtb.gumgum.com
15 api.omappapi.com a.omappapi.com
14 x.bidswitch.net 13 redirects cnz.to
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
14 eb2.3lift.com 5 redirects scripts.mediavine.com
eb2.3lift.com
ads.pubmatic.com
11 s.amazon-adsystem.com 3 redirects u.openx.net
cnz.to
c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
rtb.gumgum.com
ads.pubmatic.com
10 token.rubiconproject.com 6 redirects eus.rubiconproject.com
10 ib.adnxs.com 7 redirects cnz.to
googleads.g.doubleclick.net
eb2.3lift.com
10 eus.rubiconproject.com exchange.mediavine.com
eus.rubiconproject.com
native.sharethrough.com
rtb.gumgum.com
scripts.mediavine.com
10 match.adsrvr.org 9 redirects scripts.mediavine.com
9 googleads.g.doubleclick.net 1 redirects www.youtube.com
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
cnz.to
pagead2.googlesyndication.com
native.sharethrough.com
9 www.youtube.com cnz.to
www.youtube.com
8 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
8 ad.doubleclick.net cnz.to
8 fw.adsafeprotected.com 4 redirects cnz.to
8 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
8 secure.adnxs.com 8 redirects
8 securepubads.g.doubleclick.net scripts.mediavine.com
securepubads.g.doubleclick.net
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
www.googletagservices.com
7 image6.pubmatic.com 2 redirects ads.pubmatic.com
7 static.adsafeprotected.com 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
7 www.googletagservices.com 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
7 pixel.tapad.com 3 redirects google-bidout-d.openx.net
ads.pubmatic.com
cnz.to
7 pixel-sync.sitescout.com 7 redirects
7 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
7 match.prod.bidr.io 7 redirects 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
7 match.sharethrough.com 3 redirects cnz.to
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
ssbsync.smartadserver.com
eus.rubiconproject.com
googleads.g.doubleclick.net
7 www.gstatic.com www.google.com
www.youtube.com
www.gstatic.com
7 www.google.com cnz.to
www.gstatic.com
www.youtube.com
www.google.com
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
6 thrtle.com 3 redirects cnz.to
rtb.gumgum.com
6 cm.adgrx.com 6 redirects
6 s.update.sharethru.com native.sharethrough.com
s.update.sharethru.com
6 b1sync.zemanta.com 6 redirects 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
6 b.sharethrough.com 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
6 sync.ipredictive.com 6 redirects
6 pr-bh.ybp.yahoo.com 4 redirects u.openx.net
ads.pubmatic.com
6 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
6 idsync.rlcdn.com 2 redirects u.openx.net
ssum-sec.casalemedia.com
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
cnz.to
5 c1.adform.net 5 redirects
5 sync.srv.stackadapt.com 5 redirects
5 pm.w55c.net 5 redirects 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
5 p.rfihub.com 5 redirects
5 ups.analytics.yahoo.com cnz.to
u.openx.net
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
ads.pubmatic.com
5 ssum-sec.casalemedia.com 3 redirects 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
5 ads.pubmatic.com exchange.mediavine.com
rtb.gumgum.com
scripts.mediavine.com
ads.pubmatic.com
5 fonts.googleapis.com cnz.to
client
4 beacon.lynx.cognitivlabs.com 3 redirects ads.pubmatic.com
4 creativecdn.com 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
4 match.deepintent.com 1 redirects ssum-sec.casalemedia.com
rtb.gumgum.com
4 tg.socdm.com 4 redirects
4 rtb.openx.net 2 redirects google-bidout-d.openx.net
4 cms.quantserve.com 4 redirects
4 dis.criteo.com 4 redirects
4 ad.turn.com 4 redirects
4 crb.kargo.com cnz.to
ads.pubmatic.com
4 ssbsync.smartadserver.com 2 redirects exchange.mediavine.com
native.sharethrough.com
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
4 rtb.gumgum.com exchange.mediavine.com
s.amazon-adsystem.com
rtb.gumgum.com
4 secure-assets.rubiconproject.com 4 redirects
4 bh.contextweb.com 4 redirects 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
4 sb.scorecardresearch.com 2 redirects cnz.to
4 jnn-pa.googleapis.com www.youtube.com
4 gum.criteo.com scripts.mediavine.com
static.criteo.net
gum.criteo.com
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 cdn.onesignal.com cnz.to
cdn.onesignal.com
choczuc.os.tc
3 rtb.adentifi.com cnz.to
ads.pubmatic.com
3 sync.bfmio.com cnz.to
ads.pubmatic.com
3 um.simpli.fi 3 redirects
3 a.tribalfusion.com 1 redirects ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 2 redirects cnz.to
3 fastlane.rubiconproject.com scripts.mediavine.com
3 hbopenbid.pubmatic.com scripts.mediavine.com
3 htlb.casalemedia.com scripts.mediavine.com
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 ap.lijit.com 2 redirects exchange.mediavine.com
3 c.amazon-adsystem.com scripts.mediavine.com
c.amazon-adsystem.com
3 lexicon.33across.com 1 redirects cnz.to
cdn-ima.33across.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 use.typekit.net cnz.to
use.typekit.net
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 googleads4.g.doubleclick.net cnz.to
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 casale-match.dotomi.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 analytics.pangle-ads.com 2 redirects
2 onetag-sys.com 1 redirects 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
2 dclk-match.dotomi.com 2 redirects
2 pandg.tapad.com pghub.io
2 feed.pghub.io 2 redirects
2 aorta.clickagy.com 2 redirects
2 google-bidout-d.openx.net oa.openxcdn.net
2 oajs.openx.net oa.openxcdn.net
2 capi.connatix.com 1 redirects cnz.to
2 px.ads.linkedin.com cnz.to
eb2.3lift.com
2 pippio.com 2 redirects
2 id.rlcdn.com 2 redirects
2 prebid-server.rubiconproject.com scripts.mediavine.com
2 tlx.3lift.com scripts.mediavine.com
2 ice.360yield.com 2 redirects
2 u.openx.net 1 redirects exchange.mediavine.com
2 pghub.io scripts.mediavine.com
native.sharethrough.com
2 onesignal.com cdn.onesignal.com
2 a.omappapi.com cnz.to
a.omappapi.com
2 connect.facebook.net cnz.to
connect.facebook.net
2 assets.pinterest.com cnz.to
assets.pinterest.com
2 www.googletagmanager.com cnz.to
www.googletagmanager.com
1 simage4.pubmatic.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 image4.pubmatic.com 1 redirects
1 image8.pubmatic.com 1 redirects
1 server.cpmstar.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 partners.tremorhub.com googleads.g.doubleclick.net
1 sync.go.sonobi.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 csync.loopme.me 1 redirects ads.pubmatic.com
1 s.tribalfusion.com cnz.to
1 native.sharethrough.com cnz.to
1 um4.eqads.com 1 redirects
1 js-sec.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 bid.g.doubleclick.net 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
1 a938.casalemedia.com cnz.to
1 s.uuidksinc.net 1 redirects
1 a.c.appier.net 1 redirects
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 static.criteo.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 prebid.a-mo.net cnz.to
1 pixel-us-east.rubiconproject.com 1 redirects
1 pdmp.profiles.tagger.opecloud.com cdn.opecloud.com
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 tags.rd.linksynergy.com 1 redirects
1 pdmp.tagger.opecloud.com cnz.to
1 contextual.media.net 1 redirects
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.opecloud.com cnz.to
1 oa.openxcdn.net scripts.mediavine.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 api.rlcdn.com scripts.mediavine.com
1 sda.fyi scripts.mediavine.com
1 choczuc.os.tc cdn.onesignal.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com cnz.to
1 cnz.disqus.com cnz.to
1 keywords.mediavine.com scripts.mediavine.com
1 p.typekit.net use.typekit.net
1 geniuslinkcdn.com cnz.to
1 s7.addthis.com cnz.to
0 bcp.crwdcntrl.net Failed cnz.to
0 synchroscript.deliveryengine.adswizz.com Failed cnz.to
0 ipac.ctnsnet.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
0 gocm.c.appier.net Failed ads.pubmatic.com
0 ums.acuityplatform.com Failed ads.pubmatic.com
0 t.adx.opera.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 sync.aralego.com Failed ads.pubmatic.com
0 sonata-notifications.taptapnetworks.com Failed ads.pubmatic.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
0 c.bing.com Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
0 cs.admanmedia.com Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
0 ad.360yield.com Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
0 s.ad.smaato.net Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
0 sid.storygize.net Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
0 ssp.disqus.com Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
0 sync.1rx.io Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
ads.pubmatic.com
0 stx-match.dotomi.com Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
0 bttrack.com Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
0 ssc-cms.33across.com Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
0 sdk.sharethrough.com Failed 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
0 connectid.analytics.yahoo.com Failed securepubads.g.doubleclick.net
0 log.pinterest.com Failed cnz.to
0 ads.yieldmo.com Failed exchange.mediavine.com
0 acdn.adnxs.com Failed exchange.mediavine.com
702 192
Subject Issuer Validity Valid
cnz.to
Sectigo RSA Domain Validation Secure Server CA		 2023-12-20 -
2024-12-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-09 -
2024-12-11		 a year crt.sh
geniuslinkcdn.com
R3		 2023-11-05 -
2024-02-03		 3 months crt.sh
*.mediavine.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-01 -
2024-08-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-08 -
2024-01-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01		 2023-04-05 -
2024-05-03		 a year crt.sh
a.omappapi.com
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
api.opmnstr.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-07		 a year crt.sh
sda.fyi
GTS CA 1P5		 2023-12-26 -
2024-03-25		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
cdn.opecloud.com
Amazon RSA 2048 M02		 2023-12-16 -
2025-01-12		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.tagger.opecloud.com
Amazon RSA 2048 M03		 2023-08-29 -
2024-09-26		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.profiles.tagger.opecloud.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
update.sharethru.com
R3		 2023-12-17 -
2024-03-16		 3 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh

This page contains 123 frames:

Primary Page: https://cnz.to/
Frame ID: 228E447670CA95D49C2AEB51E7AB8E10
Requests: 179 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TfcsN2nBDyU
Frame ID: D3A9EB64A384BA8C6FD03E1B451923F4
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TfcsN2nBDyU
Frame ID: 8415BEE836C6274D77AD5C9BCDDF8A78
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TfcsN2nBDyU
Frame ID: 493EB2C5356A00AE840F7463DC7161E5
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8&co=aHR0cHM6Ly9jbnoudG86NDQz&hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=tewda5u5xkaa
Frame ID: 2377E2B246D7DB405924ACC9EAEB8F86
Requests: 5 HTTP requests in this frame

Frame: https://choczuc.os.tc/webPushIframe
Frame ID: 74C423A5979676A77104D15D16605BC0
Requests: 4 HTTP requests in this frame

Frame: https://scripts.mediavine.com/sync/check
Frame ID: 5182C0EF6669E4FC140735C6759AAC60
Requests: 1 HTTP requests in this frame

Frame: https://exchange.mediavine.com/usersync/sync?origin=https://cnz.to&src=//exchange.mediavine.com&s2sVersion=production&gdpr=0&us_privacy=1---&gppString=DBABzw~1---~BqgAAAAAAgA&p=%7B%22appnexus%22%3Atrue%2C%22centro%22%3Atrue%2C%22emx_digital%22%3Atrue%2C%22gumgum%22%3Atrue%2C%22huddled_masses%22%3Atrue%2C%22indexExchange%22%3Atrue%2C%22kargo%22%3Atrue%2C%22mediadotnet%22%3Atrue%2C%22mediagrid%22%3Atrue%2C%22openx%22%3Atrue%2C%22pubmatic%22%3Atrue%2C%22pulsepoint%22%3Atrue%2C%22rubicon%22%3Atrue%2C%22sharethrough%22%3Atrue%2C%22smartmedia%22%3Atrue%2C%22sovrn%22%3Atrue%2C%22triplelift%22%3Atrue%2C%22verizon%22%3Atrue%2C%22yieldmo%22%3Atrue%7D
Frame ID: 2560B2B85F5BE2BCB38763FAE3EC2D09
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Frame ID: E2903590C075A369419129B88174625E
Requests: 21 HTTP requests in this frame

Frame: https://exchange.mediavine.com/usersync/redirect?partner=pulsepoint&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=tXCG8tgaSK9D&ev=7427dc00-a722-11ee-9bd0-e5d8c377681f&pid=562036
Frame ID: 9D20AD37E253437599EB80E460B33C74
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B86A4D341F02A14F4E1BAABAD364E381
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Frame ID: 9C43CE1DBB9D475CA985132D33988451
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17404&endpoint=us-east
Frame ID: A7AA1FC0F8B21C5C497E5AA99E74A53B
Requests: 20 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Frame ID: B4107259BBDC4D029860B0B156FA09A0
Requests: 12 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dyieldmo%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%24UID
Frame ID: 0FBF508405F1E6AD2B94F4B8B797A686
Requests: 1 HTTP requests in this frame

Frame: https://exchange.mediavine.com/usersync/redirect?partner=triplelift&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=3610331112224181422439
Frame ID: A3E99374EFA020E70FB63DD8095514E7
Requests: 1 HTTP requests in this frame

Frame: https://exchange.mediavine.com/usersync/redirect?partner=indexExchange&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=ZZAtsDWU3MR7QbQeOCmP9AAA%261420
Frame ID: 6EBED99361B3E9D69BE27971347A50D7
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=8
Frame ID: 1A3EA22EA2748D3EF2BB223722EEFAD3
Requests: 6 HTTP requests in this frame

Frame: https://exchange.mediavine.com/usersync/redirect?partner=mediadotnet&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=3469492926465194000V10
Frame ID: 2365409DB48BD552DE832BEFA8242CD5
Requests: 1 HTTP requests in this frame

Frame: https://exchange.mediavine.com/usersync/redirect?partnerId=5b730dc2-93d3-4f06-9265-105364495611&partner=sharethrough
Frame ID: DB346CFD68EC415A909E216032C0219F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8
Frame ID: F89ED08E7A91D3784E56BB95D3C4AEF7
Requests: 3 HTTP requests in this frame

Frame: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FE2078D0E947DBD7D76415482B1A5E84
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F0B0C9F58A762E1B1FC90C2967A7EBA4
Requests: 6 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 5090DEC9A9542629AC4CFA78E4343F82
Requests: 6 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fcnz.to%2F&owner=P%26G&bp_id=mediavine&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Food%20%26%20Drink%22%2C%22subcategory%22%3A%22Food%20%26%20Drink%22%7D
Frame ID: 14AC0D191E0A13114E6FA4B2E730572E
Requests: 1 HTTP requests in this frame

Frame: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FCD992DA570B00CED0038A07981DB5C9
Requests: 23 HTTP requests in this frame

Frame: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA5B9BF35E61365617819B6BC71F8610
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYkrGY3QEwAQ&v=APEucNUXKHlZQZ95SLvEeTPuKnYzGczvrMLXxCT1ZTqxClHqXU-e_DXBuSOWxotsP8Pm-7W1iE-MA0aepKMAf7TK0IZmVaHzXg
Frame ID: AFB8B2CA12B6986E8D718B41DAE4AC86
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D171518B7B054BDA52AC7E9097F487B
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cnz.to&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Frame ID: 84CDDF48FC5FF85AF3E52488E7ABDDD4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 24E9177EA6A49536642465FEB3F25EC7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQqI3GARi6i7T7ATAB&v=APEucNUS1KqHxA1PFfBcPtxyDJSlDaJC-G0wjC2E9RBtFBm8eoaFW8DyjCLbSK3gM2S9RLmnQU0EVvTCOnUXvvFcsUcasZ_X3w
Frame ID: 19D252FFDAFCD824349AAEB816340ADB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: AA3CD1DAB6CF69288BAC9BB3BE7453EF
Requests: 25 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg
Frame ID: EE1ABB6EF4CB68CB516109B83817E6F9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F3AF53B9A885075B142D34DE0D5DE1C7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: B2319CE8AD7F88738E17EF0531DF3B1D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 48AFEA2C260EFD337812367BAE3734F3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: 9FF2D81794533921254A5790FB19877A
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ACB0A3BE1D3DDCF974F82718B7FA987E
Requests: 3 HTTP requests in this frame

Frame: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E50C0E06D8FAA0796CA2D098AFDF77A
Requests: 5 HTTP requests in this frame

Frame: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1AB3B50DD0E51E94276EE7F0C2CF01AC
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Frame ID: 8F186CFEB00692380FB6C699C22D2490
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYzq-Y3QEwAQ&v=APEucNV_xbitWYoLnxanlHYDIS-mIKUw28l31yxnZ1iSwT6AL39olXxt6KoivxJbT1nyaY_d2QHjPfUptfPUwYpayWTduYzqMw
Frame ID: DB19B822F1638FFB132EA64FCCE906FD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB7C5C3D662E2C6B5A37ACD727D244AD
Requests: 9 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=8dcf15ef-e7fa-4910-9b99-301f709ccc14&expiration=1711810099
Frame ID: EE951049AEB4E9C2F26E08C990FBD570
Requests: 1 HTTP requests in this frame

Frame: https://native.sharethrough.com/assets/sfp.js
Frame ID: 203AD63F8F9C4574A7D328BFE6DF57B2
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F2F2DE85C9640645EFCF6AF177DFEC65
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: BEC18B3DC6981032EDBBAC4D1944F970
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12455646190286929920/index.html?ev=01_250
Frame ID: 0998BE3EC81204B63DCB2BAB3720E32B
Requests: 5 HTTP requests in this frame

Frame: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 40764D64C6943F6F878ACE6560104BD4
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYzq-Y3QEwAQ&v=APEucNUIo0tMa9xg2vQu0hNfbCdsgATNlvS2-E_hRWIPcaaJ12iv1NBo9fI1hQx0iL2srJxZWtd7PcNpoEeSTb7RIPsDhx5oYQ
Frame ID: 7AAC361589630C316D63837EE7D5BB3F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4ABEF6A8CE1DDB6794C06BBDDE4B8F2C
Requests: 9 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Frame ID: 29E30B41F38A84F8A42827DB7157681B
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=18694&gdpr=0&gdpr_consent=
Frame ID: 9E1F436202FE622585C26DABEC96D61B
Requests: 4 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Frame ID: A673E6E4CF3D7A9AEACFD052C4348908
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 23CEF75C726306950B75AB6200B0652E
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B0008A8A3455323621F17F877F89A4D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YifjixwEwAQ&v=APEucNXcnCG0hPA1wCh0jDvAC7cQyMcFdX-u-Tq1apknonNQ8JCM8q85RrxIck_OWy72oBgO1SLNZrtEzbXB-L_30Kr9DvHPvTXw9NBj_94w1BF640SIbso
Frame ID: 4DA0A9BE75D4F436D2D1F1EE2C997B53
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 31834FBED30E82D49555E7F4ABA1DB79
Requests: 13 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=1179816859700053156&gdpr=&gdpr_consent=
Frame ID: C3B12FA69D4C6C0C9517A1271F94337C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8yZjI5ZjBkMi0yYmNiLTQzMzEtODcwOC1iOTJhYzM0Yjc5ZWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 8E85D7E2F2B8DB2F2B0888656E5DDDB2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 8402F1A58B5824541283D8FFD0A52FB2
Requests: 9 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=ae9fa611-1916-4d55-ab82-f7eea3328191
Frame ID: B70AD61B2C62E6D795A5F5FF07034A99
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZAtssCo8X0AAKa-QK8AAAAA
Frame ID: 0E48B9E1D47D20DAFA19D43A448478F2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=7RpKiJEwcRBLYinh3zAK6r9vZv2qo-Fnfw_kiB471q8&pi=gumgum&tc=1
Frame ID: BA52D48FC32EDF7F45C913B324D3DFD6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 39E20DCFD4A8259EB3D4AE54818EE807
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=6463982688388548906&gdpr=0&gdpr_consent=
Frame ID: 9A37BC352738389C7686C2F5C3CAC80C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84ZGU5YWJkNy02MjUzLTRkOWItOTZiMi02NDZjZjI0NGZhZTg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 6754AB2F5976AAFD65BD35AD6C950F12
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: A926801D982064436D22691459C56BF1
Requests: 9 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=ae9fa611-1916-4d55-ab82-f7eea3328191
Frame ID: 4ED423A75F23FD623EF6C55885E4C9F3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZAts8Co8X0AAKa-QLoAAAAA
Frame ID: 74643F08E64C2A4A3ACB587F2E0B1ADE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=7RpKiJEwcRBLYinh3zAK6r9vZv2qo-Fnfw_kiB471q8&pi=gumgum&tc=1
Frame ID: B8760341AC6182AD6F005A308D3E6289
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 658D585F4E472885580521F4DA07A7E1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Frame ID: CAD9B9D79F537DA99B08103D355CB633
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Frame ID: 65CD1581B4CC2A725A29EA773CCE79F7
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Frame ID: 1CBC059C28AA246A755A3E298E7D3117
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4E936C57779EB1A80756E871F6BAC486
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Frame ID: 1397F591857A60B089FBFDE278D5C641
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: A470FA235E39CB041AF757A482706A01
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=972AF3CC-0F5F-44DC-A166-D97F871E6350&redir=true&gdpr=0&gdpr_consent=
Frame ID: 668C1E20E985CEDAE4CE053580815BA9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACVt07LIFsAABOibw3ZwQ&gdpr=0
Frame ID: DAC0E274758F46CF9E038C553F003510
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cb216b4e293447c4b00c9
Frame ID: 2A75F8DFC59D4741C59F27889666371F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2896712593121374864&gdpr=0&gdpr_consent=
Frame ID: 35069E8DCD82F8E5B6F70C5B5BE86D52
Requests: 1 HTTP requests in this frame

Frame: https://exchange.mediavine.com/usersync/redirect?partner=pubmatic&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=972AF3CC-0F5F-44DC-A166-D97F871E6350
Frame ID: 88D784FE1904893C19F9E6CE91CFE298
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?us_privacy=1---&referrer_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&page_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&owner=P%26G&bp_id=sharethrough&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
Frame ID: 63028E8A860757663A0BF2730F73C468
Requests: 1 HTTP requests in this frame

Frame: blob://https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/18ecce90-5884-4fad-8f6d-39522defdc2d
Frame ID: 3591BA8AB0E6778130A6A00CA4457B28
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 62E1A94DC664015418CB6C7F263CEDFB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
Frame ID: 2C28D27696D383052094047D6177DBEF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
Frame ID: 24BDDD3554C2004F24DFDE7FC10B4CD5
Requests: 1 HTTP requests in this frame

Frame: https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=0&gdpr_consent=&gdpr_pd=
Frame ID: 99E6B1491E1B8323DA298BFB78E37FC3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
Frame ID: 8B89426B2D30EE3D465A8369FBC5BCAA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Frame ID: D1C75DB338CBCD82886808428C4EBE2B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Frame ID: 4FD777F366FB56780E4E383D48410183
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9C921B8ABF81EC51D2D7ADAB58D665B5
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=972AF3CC-0F5F-44DC-A166-D97F871E6350
Frame ID: 38E16F3A6EDDF2E1211B86106422A64F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: F3E4B1E820339A5ACD6D75AF1F056D8F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
Frame ID: 02026C9C2AD0C4D592A6CB391C7DB064
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
Frame ID: C9A02F096DD1B1B12B6E927693177ABC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 5AEB555BFDA514462734EA2565A256D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
Frame ID: DB0F96A6A4F3E164F8433E09FC064A90
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Frame ID: D52C448E0E0FD00C32BFA6E8C8E2BCD0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Frame ID: A58159E0E82604CFED59097A8682634B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=972AF3CC-0F5F-44DC-A166-D97F871E6350
Frame ID: 2728B4C66500F31A084B5D43B4EAE2D8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: A1E0D28DB0861FE1927EF8EF91839BEB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
Frame ID: 654BB1CBC434A17F066D14A3537B1991
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
Frame ID: 45E22B2E48C10F57B6C909B77F1A935F
Requests: 1 HTTP requests in this frame

Frame: https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=
Frame ID: 7F98D923F6D12F6CC09BE3524B8A4C3A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
Frame ID: B2FBF28C80474765409A3522CF9B4982
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Frame ID: 146F8570B7A983CF71FFE51583CA2A34
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Frame ID: 37CDA389BD6024C66166E222123F51AB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=972AF3CC-0F5F-44DC-A166-D97F871E6350
Frame ID: 8818E5891DD7966E9F8A07D31F89F2CE
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3398D2B3D7C490590674A47F1A0B071A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f97c712f-8434-4736-8165-dff7fb9eb5a8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Frame ID: 4A637412D5364589EB4FA05FA6244573
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 681EA2FCB9686F2F3F70603238897AA1
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 8CDB227DDED3089C21171E98FF886492
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: A6278EC4495BBFBB033F392D6A84247C
Requests: 1 HTTP requests in this frame

Frame: https://ums.acuityplatform.com/tum?umid=6
Frame ID: C0291219DF046E5721A407574CD78D33
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 239BB04FBFE5E0DDE22E64DA93498270
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Frame ID: 9B62ED5CE027AC0037CDB4A8A2026E75
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: D27B6DC6D270F6834080FAB07161A2D4
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 82C33ACC06D51C892D4E127E01D7453E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 86D79C3F9C644F1834123E5B528929AA
Requests: 1 HTTP requests in this frame

Frame: https://exchange.mediavine.com/usersync/redirect?partner=pubmatic&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=972AF3CC-0F5F-44DC-A166-D97F871E6350
Frame ID: 2C2111968CA39D3CEDE615A5063A6555
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chocolate & Zucchini | Simple Recipes from my Paris Kitchen

Page URL History Show full URLs

  1. http://cnz.to/ HTTP 301
    https://cnz.to/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

702
Requests

71 %
HTTPS

0 %
IPv6

121
Domains

192
Subdomains

110
IPs

9
Countries

7145 kB
Transfer

17654 kB
Size

168
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cnz.to/ HTTP 301
    https://cnz.to/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 128
  • https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1---&b=1&g=UirMx53d5u8oegrQyZa2Gj0tQBj%2BZ8YP6zvPSowR4xw%3D
Request Chain 132
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 154
  • https://sb.scorecardresearch.com/cs/27053452/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/27053452/beacon.js
Request Chain 168
  • https://bh.contextweb.com/bh/rtset?pid=562036&ev=7427dc00-a722-11ee-9bd0-e5d8c377681f&rurl=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpulsepoint%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%25%25VGUID%25%25 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=pulsepoint&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=tXCG8tgaSK9D&ev=7427dc00-a722-11ee-9bd0-e5d8c377681f&pid=562036
Request Chain 171
  • https://u.openx.net/w/1.0/cm?id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId= HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Request Chain 172
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17404&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17404&endpoint=us-east
Request Chain 175
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dtriplelift%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dtriplelift%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%24UID HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=triplelift&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=3610331112224181422439
Request Chain 176
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193478&cb=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3DindexExchange%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3DindexExchange%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D&s=193478&C=1 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=indexExchange&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=ZZAtsDWU3MR7QbQeOCmP9AAA%261420
Request Chain 178
  • https://contextual.media.net/cksync.php?cs=19&type=mdv&ovsid=7427dc00-a722-11ee-9bd0-e5d8c377681f&us_privacy=1---&redirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dmediadotnet%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%3Cvsid%3E HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=mediadotnet&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=3469492926465194000V10
Request Chain 179
  • https://match.sharethrough.com/universal/v1?supply_id=47b99924&us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dsharethrough%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partnerId=5b730dc2-93d3-4f06-9265-105364495611&partner=sharethrough
Request Chain 180
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dsovrn%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dsovrn%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%24UID&sovrn_retry=true HTTP 307
  • https://exchange.mediavine.com/usersync/redirect?partner=sovrn&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=H6HYiLZHd5pThMccSmegS3gY
Request Chain 181
  • https://secure.adnxs.com/getuid?https://exchange.mediavine.com/usersync/redirect?partner=appnexus&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dappnexus%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%24UID HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=appnexus&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=2963816996209011993
Request Chain 182
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dmediagrid%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1---&user_id=7427dc00-a722-11ee-9bd0-e5d8c377681f HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dmediagrid%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1---&user_id=7427dc00-a722-11ee-9bd0-e5d8c377681f HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=mediagrid&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=1b5adac0-e56f-4876-8fdb-b83d18162df4
Request Chain 185
  • https://ice.360yield.com/server_match?&partner_id=1625&r=https://exchange.mediavine.com/usersync/redirect?partner=improvedigital&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId={PUB_USER_ID} HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?&partner_id=1625&r=https://exchange.mediavine.com/usersync/redirect?partner=improvedigital&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=%7BPUB_USER_ID%7D HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=improvedigital&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=669f73d2-b4d0-43df-9fbc-0799d95effcd
Request Chain 186
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1mahn14&ttd_puid=7427dc00-a722-11ee-9bd0-e5d8c377681f&ttd_tpi=1&rurl=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dthe_trade_desk%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%25%25TDID%25%25 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=the_trade_desk&type=pixel&partnerId=ae9fa611-1916-4d55-ab82-f7eea3328191 HTTP 302
  • https://exchange.mediavine.com/pixel.gif
Request Chain 200
  • https://sb.scorecardresearch.com/b?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703947691763&ns_c=UTF-8&c7=https%3A%2F%2Fcnz.to%2F&c8=Chocolate%20%26%20Zucchini%20%7C%20Simple%20Recipes%20from%20my%20Paris%20Kitchen&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703947691763&ns_c=UTF-8&c7=https%3A%2F%2Fcnz.to%2F&c8=Chocolate%20%26%20Zucchini%20%7C%20Simple%20Recipes%20from%20my%20Paris%20Kitchen&c9=
Request Chain 204
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=e1e3582e-9af3-0db0-137b-cddb1c422e29 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokZTFlMzU4MmUtOWFmMy0wZGIwLTEzN2ItY2RkYjFjNDIyZTI5EAAaDQir28CsBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=41c73c5780330c1b6d98a3df183dea6e9523d8e5b5340bdbff93e513d736f370791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0MWM3M2M1NzgwMzMwYzFiNmQ5OGEzZGYxODNkZWE2ZTk1MjNkOGU1YjUzNDBiZGJmZjkzZTUxM2Q3MzZmMzcwNzkxNDI2YjU0MTdkY2UyMRAAGgwIrNvArAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0MWM3M2M1NzgwMzMwYzFiNmQ5OGEzZGYxODNkZWE2ZTk1MjNkOGU1YjUzNDBiZGJmZjkzZTUxM2Q3MzZmMzcwNzkxNDI2YjU0MTdkY2UyMRAAGgwIrNvArAYSBAgCEABCAEoA&google_error=3 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0b61be16-f575-498c-bd89-0fdf40e6b9ce
Request Chain 205
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=5659502509214791558
Request Chain 206
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 207
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZAtrgAKzRwSbwBd HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZAtrgAKzRwSbwBd&_test=ZZAtrgAKzRwSbwBd
Request Chain 209
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ecf35b35-4b1e-802a-8c0c-cfbf4dea8411 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ecf35b35-4b1e-802a-8c0c-cfbf4dea8411&dcc=t
Request Chain 210
  • https://match.adsrvr.org/track/cmf/openx?oxid=b4252748-57b4-3bd0-4c02-4d2825d94ff1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae9fa611-1916-4d55-ab82-f7eea3328191&ttd_puid=b4252748-57b4-3bd0-4c02-4d2825d94ff1&gdpr=0&gdpr_consent=
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg0YWY0ODItOWVjMy02NTc0LTU5ZTItMTc5MWVmM2I4MTkx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg0YWY0ODItOWVjMy02NTc0LTU5ZTItMTc5MWVmM2I4MTkx&google_tc=
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIijdUGW6EtTDa17g4l0x4o&google_cver=1
Request Chain 217
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=b88e34e8-ef93-4d51-afac-7b807bd1ac74&gdpr=0&gdpr_consent=
Request Chain 218
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=2833654250881570906&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 219
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=td36KrGMon6u3vB_u97uIrWO9Syu2KEt5Y7vG0Xr
Request Chain 220
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACVt07LIFsAABOibw3ZwQ&partnerid=127&gdpr=0
Request Chain 225
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17404&khaos=LQS6GMOO-13-GYA2 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQS6GMOO-13-GYA2
Request Chain 226
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TAnSfcCYQ9aS1DMIlVaorg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TAnSfcCYQ9aS1DMIlVaorg
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJNKj4fIIFWvBbzKQbMzAFM&google_cver=1
Request Chain 228
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQS6GMOO-13-GYA2
Request Chain 229
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=J63BxSwXT9aRir_xvmXpnQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=J63BxSwXT9aRir_xvmXpnQ
Request Chain 230
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiM2UzMzhmZmNhMjNhZjZjMWM4MDMzOWZjM2JlN2ZkYzE1NTdhNQ
Request Chain 231
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFTNkdNT08tMTMtR1lBMg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFJOd_QGoi7F_IwehtGeAhM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFTNkdNT08tMTMtR1lBMg==&google_push=
Request Chain 232
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQS6GMOO-13-GYA2&ex=d-rubiconproject.com&status=ok
Request Chain 233
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=&expires=30
Request Chain 234
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MBAcc9pNvoCKoJaj04xSssn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WXvS7MFE2oKQEIVt5WNju9Qwaz4UnTt8_5XwNw--~A
Request Chain 235
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACVt07LIFsAABOibw3ZwQ&expires=30
Request Chain 236
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQS6GMOO-13-GYA2&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQS6GMOO-13-GYA2&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 237
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQS6GMOO-13-GYA2&redir=true
Request Chain 238
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQS6GMOO-13-GYA2
Request Chain 239
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQS6GMOO-13-GYA2
Request Chain 240
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5424119b-601b-4303-9302-c674017cde11&expires=30
Request Chain 241
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQS6GMOO-13-GYA2
Request Chain 261
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=abab13ad-05ce-079e-3a97-d669c1eb41c0&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:d315bb6d79becfd911c66fcbff551b2d
Request Chain 262
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=a3OtdP4ygv6qdgGf9sB1Sw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 263
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=7546a3af-2181-4724-952e-e7e8c84f055b
Request Chain 264
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
Request Chain 265
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd
Request Chain 266
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=abab13ad-05ce-079e-3a97-d669c1eb41c0&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:d315bb6d79becfd911c66fcbff551b2d
Request Chain 267
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=a3OtdP4ygv6qdgGf9sB1Sw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 268
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=1f2ab506-7b61-4110-9343-c48701588d22
Request Chain 269
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
Request Chain 270
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd
Request Chain 271
  • https://feed.pghub.io/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fcnz.to%2F&owner=P%26G&bp_id=mediavine&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Food%20%26%20Drink%22%2C%22subcategory%22%3A%22Food%20%26%20Drink%22%7D HTTP 302
  • https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fcnz.to%2F&owner=P%26G&bp_id=mediavine&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Food%20%26%20Drink%22%2C%22subcategory%22%3A%22Food%20%26%20Drink%22%7D
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENG20CJtEDcDIZCzwdp8ht4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENG20CJtEDcDIZCzwdp8ht4&google_cver=1&C=1
Request Chain 290
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZAtr6yzX0QvgfmWsP6.BAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENG20CJtEDcDIZCzwdp8ht4&google_cver=1&google_hm=2
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPdie72k4OaklV4hHJXd4y0&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPdie72k4OaklV4hHJXd4y0%26google_cver%3D1
Request Chain 292
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1OTUwMjUwOTIxNDc5MTU1OA%3D%3D
Request Chain 293
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECLyhz_rf4jBrO89J9HLXX4&google_cver=1&google_push=AXcoOmTt3_Can6Dm2q1_ejm5V9lmpUJC9OPAtxpAWIYU_tYFj1dOI2LmBd-WuhXESbzGB59SWkP5jOO1RAaA1-FfdaEWpOK3GZ_9 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=75ebd1b971e1055&is_secure=true&networkId=14000&version=1&google_gid=CAESECLyhz_rf4jBrO89J9HLXX4&google_cver=1&google_push=AXcoOmTt3_Can6Dm2q1_ejm5V9lmpUJC9OPAtxpAWIYU_tYFj1dOI2LmBd-WuhXESbzGB59SWkP5jOO1RAaA1-FfdaEWpOK3GZ_9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGV0LWNX6jXQMhqzMqAAAAAAA&expiration=1704034099&google_cver=1&is_secure=true&google_gid=CAESECLyhz_rf4jBrO89J9HLXX4&google_push=AXcoOmTt3_Can6Dm2q1_ejm5V9lmpUJC9OPAtxpAWIYU_tYFj1dOI2LmBd-WuhXESbzGB59SWkP5jOO1RAaA1-FfdaEWpOK3GZ_9
Request Chain 294
  • https://a.c.appier.net/gcm?google_gid=CAESEFuSgjO-vd8na0_DotWdNV4&google_cver=1&google_push=AXcoOmSedpAEQ5-7YyrghXf7o9B2Ey7rdw_8-TrZLw3KcqwleYRczk8ulkEa_w3DjyQ-lw8dEKnjyZOhVdww7kkBbtvSvI3F_6E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bHZEWjZtaE5BV0NHakJ0dnNTMlFaUQ%3D%3D&google_push=AXcoOmSedpAEQ5-7YyrghXf7o9B2Ey7rdw_8-TrZLw3KcqwleYRczk8ulkEa_w3DjyQ-lw8dEKnjyZOhVdww7kkBbtvSvI3F_6E
Request Chain 295
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPWGlfBHd2Se2S4Q0HmuFT8&google_cver=1&google_push=AXcoOmRW8p-NfmVcC39tNQtchVQt23Nq1O_R5Kur-xj_P-0sFM-vZxB-mcpI2ezxlFPBezRT9_8bGji8U7bihtrOXZJnOYhvgeA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRW8p-NfmVcC39tNQtchVQt23Nq1O_R5Kur-xj_P-0sFM-vZxB-mcpI2ezxlFPBezRT9_8bGji8U7bihtrOXZJnOYhvgeA&google_hm=G1rawOVvSHaP27g9GBYt9A==
Request Chain 296
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEEdxo049SNh3xNGuaqiULc8&c_param1=AXcoOmQTehY_o9qUG9fB_VKwFM4d1b9SP287zDLV9uJfraE9HvKSUvcmVSehkiNoweslzJCsugUIzRdWmymp4_oKECqT2j7VmN_R&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQTehY_o9qUG9fB_VKwFM4d1b9SP287zDLV9uJfraE9HvKSUvcmVSehkiNoweslzJCsugUIzRdWmymp4_oKECqT2j7VmN_R
Request Chain 297
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESENqahe8Fd3bkYR8jZrhyGfM&google_cver=1&google_push=AXcoOmR3jaydBzSJ9qVyXPJeEOu9glj5Ap-GKgEH1y4P3afdoX82U3x7CqPQupJsK2pUfDPrHITvvANCqz3vtkWT5wEuCMctltQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmR3jaydBzSJ9qVyXPJeEOu9glj5Ap-GKgEH1y4P3afdoX82U3x7CqPQupJsK2pUfDPrHITvvANCqz3vtkWT5wEuCMctltQ&google_hm=WlpBdHM4Q284WDBBQUthLVFNd0FBQUFB
Request Chain 298
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECuieq6WbBOlXga96NunhTQ&google_cver=1&google_push=AXcoOmRVEqzKU7QrfB_cnaaXaRb3qPyT8gK2ueNLCF0r126HZiQVBblsoJk3h8x4sPSsTgqcRyh4lP0-e_daVd9I5zSEI4M9wxx40Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRVEqzKU7QrfB_cnaaXaRb3qPyT8gK2ueNLCF0r126HZiQVBblsoJk3h8x4sPSsTgqcRyh4lP0-e_daVd9I5zSEI4M9wxx40Q HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 299
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEBmMhRvIPBzMaGDvHjxFyK0&google_cver=1&google_push=AXcoOmRUeQmdNz_6rEyLEhOWh-XO9obw3ghG6Cm3OTXGy-we0v_aC5-S6vl-RYftULXtXnBU94Pt_xStcEFg2y2Y-h2DCrRzEhL23A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRUeQmdNz_6rEyLEhOWh-XO9obw3ghG6Cm3OTXGy-we0v_aC5-S6vl-RYftULXtXnBU94Pt_xStcEFg2y2Y-h2DCrRzEhL23A
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECh4cNY4aUpNyOH72Dl7M0w&google_cver=1
Request Chain 324
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=U2QzUVlTNDJwNVk
Request Chain 325
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJNKj4fIIFWvBbzKQbMzAFM&google_cver=1
Request Chain 326
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiM2UzMzhmZmNhMjNhZjZjMWM4MDMzOWZjM2JlN2ZkYzE1NTdhNQ
Request Chain 331
  • https://fw.adsafeprotected.com/rfw/st/1298974/68196513/4.js?adContainerId=gcc_ri2QZbOdJOLD6toPoJKUwAo&cbFunctionName=goog_wrapCb_ri2QZbOdJOLD6toPoJKUwAo&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fcnz.to&adsafe_type=y&adsafe_url=https%3A%2F%2Fcnz.to%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:408a6d4a-259f-badd-b9cc-791dd0d5ea17,c:ygbzzD,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-8lsh8,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1p11%7C1q%7C1r,idMap:1o*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:29,oid:76c89eed-a722-11ee-936d-265e10b10f22,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=gcc_ri2QZbOdJOLD6toPoJKUwAo&cbFunctionName=goog_wrapCb_ri2QZbOdJOLD6toPoJKUwAo&true_pb=
Request Chain 339
  • https://fw.adsafeprotected.com/rfw/bgd/1552256/76024099/xbbe/creative/adj?p=APEucNU94AhH1VI5SjcCs-l8VmeMAUHybXvi-gFWwJKtswzisY_-ZP8&d=CokBAKAmf-BUeYD0aNTygpasvcodkacXP8civ4kd6_i6BGb7JHj79IA_f0jHWADCT7R9X2cPw_G-s28u84mVWV-LFtXADDA5RCCKMQS2ENfgSIJhnSFURVBLrYX2H9K13Y-V3nc-D0zb0VtoC-fTshY8FZ9_lhHIFTPJATnB0wNcdEwMnPBJalGV_goSiQ4AoCZ_4OMvo8tmbuHbxJDTHmZjszBni024kbZYIpLP8UZONmuUU53vZUgHvyR_fTElkGT3ePB3iApICflv009mRL_bPzeZ6X4zxC6bgG7YRoRHsW5TRljepPx8h_OxrVhHRbr67ngzcVlf41YhzNpChDzzfqAVP-xLVnu3_wbOnC9aiDbydreLdYV-bYyyqmdLX_G2SqcdC-IQkVwerGgAcXKYaxdkgWO00wbTv_x_KPlwPpr94RMXAe1KDYu5jQQcBmEAFbngkCzniilhp9yu-zluXcgZGCjB62qusjdPIDpSzl9i7xKKNa2D3EzBoniiGoz8IMqiBKJ1wSBvUHgxrfrlUKc9hIz8-8AqsQcYMdeRFNXl9BZzRFN28S05DyrajO7Dq1tu8fn-Kq8E7eUwF8SNZfPYvzxKq8v6PBmrjL_xj5xY_czSj8GPOpRdAUtAfqN5C0DtmjOQKM9LHtazYbUYCKS11ySc8Df8LQXbjknFEa2zrWK8d0yJ2g4a6vzY4aLY9YvrOgtdIk5SQo_2n5moMP-JnmmSdRrwweL6rzirVDt4WnOJ6E5YkFQkdWjkhaYMFhJNCYWEdmwkaL-bjz_-YYIemrdWFQXPfgQoZU6Q_FBGYDMBTD6WsZMOEXPXeW4AC-z9nOyJh_bYvA0OXSVZ0D0h9TdrGOHC_J5Z5LTiBkq2RNhUyTfin_7J-iXf9edgYJ3uU3Lc-E5G9_hAv8QtiqC17BINUtEDBWncVHReUra8d1fUZtbraOVztfDcqxh5o9msom7bnwIQ9joXMddImc8emlTlyV2d_V1229yDXfSt1qiIuKa3T2x-eANBO54mz0rUC1GohkKJwgEc4zGjsvt0e1-yDpk12WWgeu6wbErm85LKh5t7rRtliJl_vWuJCvovqCoilJn1Zjuw8a9YRSKv_y-b_aoxe6Y-QkSs0sXe1JABEOO0fDz5nCikneU16nSc4ari2s7qnW78MPMonn0Bu2zmx5EA-1mxPo5p55uqUX9hO2KGZrETjMXc1_mNXGYv-FMc5OEWRetvhcl0CzoF5Ci1DG1j5GYKKcnEiNm0YH0qrM0XIJxWs5Sil3yklzj8Xu25BRE7q4-kEqQ02g3LbWUdvm-E8fNxDlZvr07nWZs136IXaO1nmUwkKwazTimYoT5VGEg8CJcJByAgPxwVa1qpMqQMgqzhF0v09d_sOopD9G6KU1tr6PzNC_YDkzhseb0GSLwMZ9A8n-J-x6jpGIiANxD1oC60yb3Pt_sVjPR5B2rdLFIxzWQIdNfdjeQJXX85RvcQGT82FprtuxSFF9L0MZwUSqE_Mm4EFltzst4Z1iBg-b9mhCboBSC2w3xSgF_IzuJz0tUsfNyokHaI_fW3n6hJxjp53n5OXfHhfRi5icEu3nSxEvu7rPC6oFaH286d9WNUKCbklyVXYmk_O6Pxf2hZvgJxQ6adsC34Z61Dse1U9Rb9T0tPx81gOR-Rn9NJOCiwU_VmsFhwzBuDHnR1H5pk03lPItcxzoBlHYF7iuCqSmEHsxJfzRheCcKYpHupkOulEVjGbxhtCPar8hD-6T02T6WU81elEymtF3p3rTahh9uIq0U4k4mDDiU6pwnZaIteMLqL4PQvZ-TBZTcMz5fk0N2UDPpt0XPV0wfCHYMfmydr13ndkw_Of0N6pElh8xqkCDmrNFH1FWIMRQqDUZPuhgKiNYMdtl3QmO2Jd8ep30S4slZMnHjWgkFpw3UEWtuJLMkXohWDrvfNg4NtoZJdJLRlw1VJRDM-6M7UXzb-bvWsISw_gr3nqoFzfHzK_P0eZUimiTtUGvt5V_QaB3NpFHPyBslQQ89BsFU0LvrpWpViJadpUpODsJTqkO3Hq8-R8lRw194Wv7C97HomzirA2Jgq5yik1I2qpmIGSwvFtsePdBnqmS3wK5Pj8b0kVDg00MRAqptfNANLxYOesbROZWESX2vniP47lwHknM-jc2RQilyDWrRftu2verKBplTpjEeFtm1tvaqBflNnaYvocAFF1qmo0ic2zntv2VVow5fmoibW-qclI60V75e9Xc-qT8HXHRl8RR7x1GWIHQqjBkgE2-Z1HV4sQfNGQ_ZIuj5hcEyJ78m-s6-_U-9DDHnH0jIple57I78cWs0OHFrt1cG7PlG4AZc8PWNe5IOnFRwaI2sQ55RHwGKe414bHrFUlaJe87jhF7NirCPLMABaJM0pVKByosoAEmD4_Yw5w_HM6s3e0TdDCqg-La7AcYdULBLzNloyqKah0UH64knmibMwFprazD4_rynXcnezEVyvjc8yw5qUilV4lJANkYGQyzFowbI1fWpNwp-cWUBomLTx0UVsf8Wp_w8qqdPTbsrMZHLjRrBOXUU0VHvbszQKaTEVINv_xDK57GZyGk8IBBJJAC8eF_-vCPauUU4pko1djivWY0xsMm8o6BBbVy5yhYuaRBQmGasfkdfzp94vbaVwUNoxNr5qdDkejQpYQTdpIck84obtOOXPShgBYAE&bundleId=&ias_dspID=3&ias_campId=1013483123&ias_pubId=193478&ias_chanId=13&ias_placementId=20367901655&bidurl=https://cnz.to/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iTp2dZ0dGdFygba4gkfklQ&adsafe_url=https%3A%2F%2Fcnz.to&adsafe_type=g&adsafe_url=https%3A%2F%2Fcnz.to%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:871837eb-91dc-86a4-fc86-9c9b3d1bbaf0,c:ygbzB2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-hzpvv,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:rHRbA1,mtim:4,mot:0,app:0,maw:0,fm:tZVYSMa+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o31%7C1o4%7C1p1*.1552256-76024099%7C1p11%7C1q%7C1r1,idMap:1p1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:27,oid:76c89ea5-a722-11ee-940d-b25f653e03f1,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU94AhH1VI5SjcCs-l8VmeMAUHybXvi-gFWwJKtswzisY_-ZP8&d=CokBAKAmf-BUeYD0aNTygpasvcodkacXP8civ4kd6_i6BGb7JHj79IA_f0jHWADCT7R9X2cPw_G-s28u84mVWV-LFtXADDA5RCCKMQS2ENfgSIJhnSFURVBLrYX2H9K13Y-V3nc-D0zb0VtoC-fTshY8FZ9_lhHIFTPJATnB0wNcdEwMnPBJalGV_goSiQ4AoCZ_4OMvo8tmbuHbxJDTHmZjszBni024kbZYIpLP8UZONmuUU53vZUgHvyR_fTElkGT3ePB3iApICflv009mRL_bPzeZ6X4zxC6bgG7YRoRHsW5TRljepPx8h_OxrVhHRbr67ngzcVlf41YhzNpChDzzfqAVP-xLVnu3_wbOnC9aiDbydreLdYV-bYyyqmdLX_G2SqcdC-IQkVwerGgAcXKYaxdkgWO00wbTv_x_KPlwPpr94RMXAe1KDYu5jQQcBmEAFbngkCzniilhp9yu-zluXcgZGCjB62qusjdPIDpSzl9i7xKKNa2D3EzBoniiGoz8IMqiBKJ1wSBvUHgxrfrlUKc9hIz8-8AqsQcYMdeRFNXl9BZzRFN28S05DyrajO7Dq1tu8fn-Kq8E7eUwF8SNZfPYvzxKq8v6PBmrjL_xj5xY_czSj8GPOpRdAUtAfqN5C0DtmjOQKM9LHtazYbUYCKS11ySc8Df8LQXbjknFEa2zrWK8d0yJ2g4a6vzY4aLY9YvrOgtdIk5SQo_2n5moMP-JnmmSdRrwweL6rzirVDt4WnOJ6E5YkFQkdWjkhaYMFhJNCYWEdmwkaL-bjz_-YYIemrdWFQXPfgQoZU6Q_FBGYDMBTD6WsZMOEXPXeW4AC-z9nOyJh_bYvA0OXSVZ0D0h9TdrGOHC_J5Z5LTiBkq2RNhUyTfin_7J-iXf9edgYJ3uU3Lc-E5G9_hAv8QtiqC17BINUtEDBWncVHReUra8d1fUZtbraOVztfDcqxh5o9msom7bnwIQ9joXMddImc8emlTlyV2d_V1229yDXfSt1qiIuKa3T2x-eANBO54mz0rUC1GohkKJwgEc4zGjsvt0e1-yDpk12WWgeu6wbErm85LKh5t7rRtliJl_vWuJCvovqCoilJn1Zjuw8a9YRSKv_y-b_aoxe6Y-QkSs0sXe1JABEOO0fDz5nCikneU16nSc4ari2s7qnW78MPMonn0Bu2zmx5EA-1mxPo5p55uqUX9hO2KGZrETjMXc1_mNXGYv-FMc5OEWRetvhcl0CzoF5Ci1DG1j5GYKKcnEiNm0YH0qrM0XIJxWs5Sil3yklzj8Xu25BRE7q4-kEqQ02g3LbWUdvm-E8fNxDlZvr07nWZs136IXaO1nmUwkKwazTimYoT5VGEg8CJcJByAgPxwVa1qpMqQMgqzhF0v09d_sOopD9G6KU1tr6PzNC_YDkzhseb0GSLwMZ9A8n-J-x6jpGIiANxD1oC60yb3Pt_sVjPR5B2rdLFIxzWQIdNfdjeQJXX85RvcQGT82FprtuxSFF9L0MZwUSqE_Mm4EFltzst4Z1iBg-b9mhCboBSC2w3xSgF_IzuJz0tUsfNyokHaI_fW3n6hJxjp53n5OXfHhfRi5icEu3nSxEvu7rPC6oFaH286d9WNUKCbklyVXYmk_O6Pxf2hZvgJxQ6adsC34Z61Dse1U9Rb9T0tPx81gOR-Rn9NJOCiwU_VmsFhwzBuDHnR1H5pk03lPItcxzoBlHYF7iuCqSmEHsxJfzRheCcKYpHupkOulEVjGbxhtCPar8hD-6T02T6WU81elEymtF3p3rTahh9uIq0U4k4mDDiU6pwnZaIteMLqL4PQvZ-TBZTcMz5fk0N2UDPpt0XPV0wfCHYMfmydr13ndkw_Of0N6pElh8xqkCDmrNFH1FWIMRQqDUZPuhgKiNYMdtl3QmO2Jd8ep30S4slZMnHjWgkFpw3UEWtuJLMkXohWDrvfNg4NtoZJdJLRlw1VJRDM-6M7UXzb-bvWsISw_gr3nqoFzfHzK_P0eZUimiTtUGvt5V_QaB3NpFHPyBslQQ89BsFU0LvrpWpViJadpUpODsJTqkO3Hq8-R8lRw194Wv7C97HomzirA2Jgq5yik1I2qpmIGSwvFtsePdBnqmS3wK5Pj8b0kVDg00MRAqptfNANLxYOesbROZWESX2vniP47lwHknM-jc2RQilyDWrRftu2verKBplTpjEeFtm1tvaqBflNnaYvocAFF1qmo0ic2zntv2VVow5fmoibW-qclI60V75e9Xc-qT8HXHRl8RR7x1GWIHQqjBkgE2-Z1HV4sQfNGQ_ZIuj5hcEyJ78m-s6-_U-9DDHnH0jIple57I78cWs0OHFrt1cG7PlG4AZc8PWNe5IOnFRwaI2sQ55RHwGKe414bHrFUlaJe87jhF7NirCPLMABaJM0pVKByosoAEmD4_Yw5w_HM6s3e0TdDCqg-La7AcYdULBLzNloyqKah0UH64knmibMwFprazD4_rynXcnezEVyvjc8yw5qUilV4lJANkYGQyzFowbI1fWpNwp-cWUBomLTx0UVsf8Wp_w8qqdPTbsrMZHLjRrBOXUU0VHvbszQKaTEVINv_xDK57GZyGk8IBBJJAC8eF_-vCPauUU4pko1djivWY0xsMm8o6BBbVy5yhYuaRBQmGasfkdfzp94vbaVwUNoxNr5qdDkejQpYQTdpIck84obtOOXPShgBYAE&bundleId=&ias_xappb=
Request Chain 372
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZAtr6yzX0QvgfmWsP6.BAAA%261351&gpdr=&gdpr_consent=&us_privacy=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=DBABzw~1---~BqgAAAAAAgA&bidder_uuid=ZZAtr6yzX0QvgfmWsP6.BAAA%261351&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=172f0ee4dc514afd9bb1280f435372c7 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=172f0ee4-dc51-4afd-9bb1-280f435372c7 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=48b12a2e-bad8-4687-af8f-2e19bbf7b62b%3A1703947698.0510182&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D48b12a2e-bad8-4687-af8f-2e19bbf7b62b%253A1703947698.0510182%26_%3D1703947698.0542147&cb=1703947698.0542467 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969188723640060651&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D48b12a2e-bad8-4687-af8f-2e19bbf7b62b%253A1703947698.0510182%26_%3D1703947698.0542147 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=48b12a2e-bad8-4687-af8f-2e19bbf7b62b%3A1703947698.0510182&_=1703947698.0542147 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOaxWao0w9ttB6JC-xpYTRE&google_cver=1
Request Chain 374
  • https://match.adsrvr.org/track/cmf/casale?gpp=DBABzw~1---~BqgAAAAAAgA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ae9fa611-1916-4d55-ab82-f7eea3328191&expiration=1706539696&gdpr=0&gdpr_consent=
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZAtr6yzX0QvgfmWsP6-BAAABUcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=&google_gid=CAESEG4YuTkTNFgva5v_ZOcwO6s&google_cver=1
Request Chain 377
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gpp=DBABzw~1---~BqgAAAAAAgA HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=643de0dc3b4911fa&is_secure=true&networkId=19998&version=1&gpp=DBABzw%7E1---%7EBqgAAAAAAgA HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGYvwrWNKbGQMTxduMAAAAAAA&expiration=1704034097&gpp=DBABzw~1---~BqgAAAAAAgA&is_secure=true
Request Chain 378
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gpp=DBABzw~1---~BqgAAAAAAgA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZAtrgAKzRwSbwBd&gpp=DBABzw~1---~BqgAAAAAAgA
Request Chain 380
  • https://um4.eqads.com/um/cs?gpp=DBABzw~1---~BqgAAAAAAgA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=8dcf15ef-e7fa-4910-9b99-301f709ccc14&expiration=1711810099
Request Chain 383
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAFrRFFeiFrofTTdIRzgh_c&google_cver=1&google_push=AXcoOmT6goEmAgr1N87Ge2vEBtwq71cksnsedg_1xWZ6oVEMvNs-Icm2cUQEfXJDshRAtSWGBT3376WgirCn7CXRPfVEvkVjHxq1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT6goEmAgr1N87Ge2vEBtwq71cksnsedg_1xWZ6oVEMvNs-Icm2cUQEfXJDshRAtSWGBT3376WgirCn7CXRPfVEvkVjHxq1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAFrRFFeiFrofTTdIRzgh_c&google_cver=1&google_push=AXcoOmT6goEmAgr1N87Ge2vEBtwq71cksnsedg_1xWZ6oVEMvNs-Icm2cUQEfXJDshRAtSWGBT3376WgirCn7CXRPfVEvkVjHxq1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT6goEmAgr1N87Ge2vEBtwq71cksnsedg_1xWZ6oVEMvNs-Icm2cUQEfXJDshRAtSWGBT3376WgirCn7CXRPfVEvkVjHxq1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 384
  • https://um.simpli.fi/gp_match?google_gid=CAESEA3exreLDS83O4-h4eRjtX8&google_cver=1&google_push=AXcoOmQzs81c7svr_eOx4_UiUK8Ma_BHFIIg8CLs5UtIndZT7aU4Tg51z2LSiLuVxGrbp784ohNkC3yx-iYN2ukOOMd17G5sJvLj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2B2A44A78974F3394C09F6A59216CFD&google_push=AXcoOmQzs81c7svr_eOx4_UiUK8Ma_BHFIIg8CLs5UtIndZT7aU4Tg51z2LSiLuVxGrbp784ohNkC3yx-iYN2ukOOMd17G5sJvLj
Request Chain 385
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRVSTfbcL1Pj-WhfCg2KWD_xtCfDIlXsldp6QVsxbhMQptcRerM7wgO7Kbg5Y73q_9tiEDDQ1GOWL_pgNP-_-TnpYro008&google_gid=CAESEI7EHzLz9BnJOWiLpdzk2C4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4RESxqmCI5RMbFXdTT8orD0MrrWW1o8nttbyKw&google_push=AXcoOmRVSTfbcL1Pj-WhfCg2KWD_xtCfDIlXsldp6QVsxbhMQptcRerM7wgO7Kbg5Y73q_9tiEDDQ1GOWL_pgNP-_-TnpYro008
Request Chain 386
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBh9wTTvqp7CdHJqk1IpISo&google_cver=1&google_push=AXcoOmRILNUaYjzYGnzXgxrqKWfIzi0p-Iu6j2MbdPq0ze7jRnE5WQaqsLgO1VlU5xmojehU0uVjIdoYjz2ptSA9PcmONnAE4SY HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBh9wTTvqp7CdHJqk1IpISo&google_push=AXcoOmRILNUaYjzYGnzXgxrqKWfIzi0p-Iu6j2MbdPq0ze7jRnE5WQaqsLgO1VlU5xmojehU0uVjIdoYjz2ptSA9PcmONnAE4SY&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRILNUaYjzYGnzXgxrqKWfIzi0p-Iu6j2MbdPq0ze7jRnE5WQaqsLgO1VlU5xmojehU0uVjIdoYjz2ptSA9PcmONnAE4SY&google_hm=T0ZsNGNzZHpKUFg1SnktOTUtcng=
Request Chain 387
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENx0bfkwoZA7sjJjKLNQsfs&google_cver=1&google_push=AXcoOmQZ3KmewdOkQAMnWOXJbz2xAvB_jFiQeqHizIJYfLihyNgEd12KjUC5qjSozc7PIAMDfad8ib7i2GwoKyv-sejo7uUsLe_x HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ4MTcyNzIxMzk1NDkxNzUwOTc3Mg%3D%3D&google_push=AXcoOmQZ3KmewdOkQAMnWOXJbz2xAvB_jFiQeqHizIJYfLihyNgEd12KjUC5qjSozc7PIAMDfad8ib7i2GwoKyv-sejo7uUsLe_x
Request Chain 388
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEL195Ib17P9MV9kfW37__fU&google_cver=1&google_push=AXcoOmTFJmR5LvkL4QZ17MDmVT4n34-qsq4p5MPzXb6uGnC_wOLhE4OTfQ3KefEtONAk-Bu86yoLNuXQN6vjwUBN2oZ8j7IvM8McBA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=654e5941-747b-486c-a326-9c9cd8f9789b&google_cver=1&google_gid=CAESEL195Ib17P9MV9kfW37__fU&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTFJmR5LvkL4QZ17MDmVT4n34-qsq4p5MPzXb6uGnC_wOLhE4OTfQ3KefEtONAk-Bu86yoLNuXQN6vjwUBN2oZ8j7IvM8McBA&gdpr=${GDPR}
Request Chain 389
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEBmMhRvIPBzMaGDvHjxFyK0&google_cver=1&google_push=AXcoOmSGfP9J84T4Fxmc2rEEjVSxr2GWrQlfk5DxKlgxUeIteCVUiYeg3dEL_RMtoyukg2iMcG9icRVXTdBs6LRo-eogQ_nx-9YWPQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSGfP9J84T4Fxmc2rEEjVSxr2GWrQlfk5DxKlgxUeIteCVUiYeg3dEL_RMtoyukg2iMcG9icRVXTdBs6LRo-eogQ_nx-9YWPQ
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIijdUGW6EtTDa17g4l0x4o&google_cver=1
Request Chain 392
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg0YWY0ODItOWVjMy02NTc0LTU5ZTItMTc5MWVmM2I4MTkx
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFH2Xn7hFdFKaX_snWjk9Ys&google_cver=1
Request Chain 394
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzQ0MzczZTctZjMxZC00YjA5LWExNGEtMDExMGFiM2M2YWNm
Request Chain 396
  • https://fw.adsafeprotected.com/rfw/st/1298974/68196516/4.js?adContainerId=gcc_ry2QZdG_Nu_R6toP75CG8Ac&cbFunctionName=goog_wrapCb_ry2QZdG_Nu_R6toP75CG8Ac&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fcnz.to&adsafe_type=y&adsafe_url=https%3A%2F%2Fcnz.to%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9a84b939-c383-32d0-2f35-37c294808147,c:ygbzIQ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-ppnp4,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tZVYSTA+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p11%7C1p12%7C1p131%7C1p141%7C1q%7C1r11%7C1s1%7C1t*.1298974-68196516%7C1t1%7C1t2%7C1t3,idMap:1t*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:50,oid:7721bbe5-a722-11ee-943c-ea5b1722c0a1,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=gcc_ry2QZdG_Nu_R6toP75CG8Ac&cbFunctionName=goog_wrapCb_ry2QZdG_Nu_R6toP75CG8Ac&true_pb=
Request Chain 430
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP8cdg__PDKru0eY1w_uBn8&google_cver=1&google_push=AXcoOmSrC7KhQwD9_6SBqbiktcknR97dRkEBSWkM3O26XU9iXUGO1Ovd763nNlwRmAH4Bz97W2eQRDtrBR7NMKycOejZ3ioc7Yo HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP8cdg__PDKru0eY1w_uBn8&google_cver=1&google_push=AXcoOmSrC7KhQwD9_6SBqbiktcknR97dRkEBSWkM3O26XU9iXUGO1Ovd763nNlwRmAH4Bz97W2eQRDtrBR7NMKycOejZ3ioc7Yo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SXdGWFJUbm8xUmpBRHE1&google_gid=CAESEP8cdg__PDKru0eY1w_uBn8&google_cver=1&google_push=AXcoOmSrC7KhQwD9_6SBqbiktcknR97dRkEBSWkM3O26XU9iXUGO1Ovd763nNlwRmAH4Bz97W2eQRDtrBR7NMKycOejZ3ioc7Yo
Request Chain 431
  • https://um.simpli.fi/gp_match?google_gid=CAESEA3exreLDS83O4-h4eRjtX8&google_cver=1&google_push=AXcoOmT5v4dPeBfgl_ElmBXMYYVPY6O80DUghDHGjoQrD7a-o3wvPp6tS7-1aEcyV42GQo_oLzoXA1484e8YzJVnF6zisiim27RM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D42EFDD7087845AF9680AB8957760C74&google_push=AXcoOmT5v4dPeBfgl_ElmBXMYYVPY6O80DUghDHGjoQrD7a-o3wvPp6tS7-1aEcyV42GQo_oLzoXA1484e8YzJVnF6zisiim27RM
Request Chain 432
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEC-hFb0XUuHNH1__ZV8fWB4&google_cver=1&google_push=AXcoOmRb8QIEWkTk0qNJQRGq-rU1oy2rB-4RQnJnLzLH95AovsQqcMv2pWRb0vJW-RLydS1JgOPpKH9_P1U50yCuPFV3-NkBZ-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NGIzOWUwNDctMWE2Ni00ZWFmLTkxMjgtMjMxYWI5ZmQxZGRm&google_gid=CAESEC-hFb0XUuHNH1__ZV8fWB4&google_cver=1&google_push=AXcoOmRb8QIEWkTk0qNJQRGq-rU1oy2rB-4RQnJnLzLH95AovsQqcMv2pWRb0vJW-RLydS1JgOPpKH9_P1U50yCuPFV3-NkBZ-Q
Request Chain 433
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQdYipxMF1HNUCgB7_N6kZ23nLeSPghdbp0Yuc3w1vtCsXCqBGaLUjS8jANbIMN-xCkxH2wr_fs4I4WTRdN55qmo9Simv8%26google_hm%3D%5BUID%5D&google_gid=CAESENGLmYLkuYgsIWW0qTP0nBc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQdYipxMF1HNUCgB7_N6kZ23nLeSPghdbp0Yuc3w1vtCsXCqBGaLUjS8jANbIMN-xCkxH2wr_fs4I4WTRdN55qmo9Simv8&google_hm=a922f506-4180-4c4c-97fe-693780e706eb
Request Chain 434
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESENqahe8Fd3bkYR8jZrhyGfM&google_cver=1&google_push=AXcoOmRNlNrefZf7eqLlzz9soT3StF25l3CFni5ezIeF_pz7sWu4h1ptSC8_KUOBdzRjSXude4kwav3f02AhTdpNhKVd-PRlxuUM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRNlNrefZf7eqLlzz9soT3StF25l3CFni5ezIeF_pz7sWu4h1ptSC8_KUOBdzRjSXude4kwav3f02AhTdpNhKVd-PRlxuUM&google_hm=WlpBdHM4Q284WDBBQUthLVFOUUFBQUFB
Request Chain 435
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELhNNFBE8FErlf0Af5uVMis&google_cver=1&google_push=AXcoOmTRp4HE05Lrs9tqOQJGxK9xkpC6APcqrtAVpI6hM5SG7sQZ_cauRgeYBRjBSa2uAPP-YfYTl4Zpe-xX5I3ndmOv2C2z0EHwAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGFlMDhhMjMtZWQ1Ny00NWMxLWEzNDItZmUwMTdhOWIxYWYz&google_push=AXcoOmTRp4HE05Lrs9tqOQJGxK9xkpC6APcqrtAVpI6hM5SG7sQZ_cauRgeYBRjBSa2uAPP-YfYTl4Zpe-xX5I3ndmOv2C2z0EHwAA
Request Chain 436
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENNTdsFIfLoAttrGznMdE6Y&google_cver=1&google_push=AXcoOmSG6ydyjkFcTnVyGjCzW9VeEQcVQebCQnKhjrNU4-b-4TbX5uuVpVEhG30a2Beo1FUtndy5lSlVeqfQgSXlWCFdBaQXVdN1SQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=1b5adac0-e56f-4876-8fdb-b83d18162df4&%%GOOGLE_PUSH_PAIR%%
Request Chain 440
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=18694&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=18694&gdpr=0&gdpr_consent=
Request Chain 445
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTcyQUYzQ0MtMEY1Ri00NERDLUExNjYtRDk3Rjg3MUU2MzUw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 446
  • https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48db06%26source_user_id%3D%40%40CRITEO_USERID%40%40&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-CjtswqmCI5RMbFXdTT8orD0MrrWtUtkP97iDww&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 448
  • https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=DgeRQgpWyRYVBJsXAASFSg5UnkQVAspFXlTa3sww
Request Chain 450
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=
Request Chain 451
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=7a46d275-e5f0-063d-09a9-6b622f12ed99
Request Chain 452
  • https://c1.adform.net/serving/cookie/match?party=1294&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1294&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=6172223941383628484&gdpr=0&gdpr_consent=
Request Chain 453
  • https://sync.srv.stackadapt.com/sync?nid=15&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43&gdpr=0&gdpr_consent=
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YmE5YjQ4YmMtNWM0OC00ZmYzLTkxZmUtMjZkOWViZTJlMjcw&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Request Chain 455
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZZAtrgAKzRwSbwBd
Request Chain 456
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=%24UID&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%3D0e8893f90b606c9c5d33f1be%26gdpr%3D0%26gdpr_consent%3D%26source_user_id%3D%2524UID%26gpp%3DDBABzw%257E1---%257EBqgAAAAAAgA%26gpp_sid%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2963816996209011993&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Request Chain 460
  • https://pr-bh.ybp.yahoo.com/sync/sharethrough/ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270?gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-6ZgXPoFE2oM4OZK6UsjgcJemeVf47OAncXxYOhAZ2TI2~A&gpp=DBABzw~1---~BqgAAAAAAgA
Request Chain 480
  • https://fw.adsafeprotected.com/rfw/st/1298974/68196516/4.js?adContainerId=gcc_sC2QZaKkD6qK6toP7KmJmAI&cbFunctionName=goog_wrapCb_sC2QZaKkD6qK6toP7KmJmAI&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fcnz.to&adsafe_type=y&adsafe_url=https%3A%2F%2Fcnz.to%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:88d3cac3-bcde-fc25-b33d-6d2dff0a2305,c:ygbzQq,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-bb9zk,rg:va,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tZVYT1g+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p11%7C1p12%7C1p13%7C1p141%7C1p15%7C1q%7C1r11%7C1s11%7C1s12%7C1s13%7C1s14%7C1t1%7C1t2%7C1t31%7C1t4%7C1u*.1298974-68196516%7C1u1%7C1u2%7C1u3,idMap:1u*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:45,oid:7764b819-a722-11ee-8372-faa9ea39486c,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=gcc_sC2QZaKkD6qK6toP7KmJmAI&cbFunctionName=goog_wrapCb_sC2QZaKkD6qK6toP7KmJmAI&true_pb=
Request Chain 482
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEJFo8VaQkCMKgfi2kCEZ1D4&google_cver=1
Request Chain 483
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBYEmCf84URCM7ux67UZ0b0&google_cver=1
Request Chain 490
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2963816996209011993&gdpr=0&gdpr_consent=
Request Chain 491
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=cd35ffb1-22a8-4e8c-916d-a6e93d3b2077&gdpr=0
Request Chain 492
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjgzMzY1NDI1MDg4MTU3MDkwNg==&gdpr=0&gdpr_consent=
Request Chain 493
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7318399637020932253&gdpr=0&gdpr_consent=
Request Chain 504
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6358375726502932821
Request Chain 505
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_2f29f0d2-2bcb-4331-8708-b92ac34b79eb&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=d5a10885-e7e9-48af-aefc-6b6be8bf5457&expires=1&user_group=2&ssp=gumgum2&bsw_param=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&us_privacy=
Request Chain 506
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=43188338-7fa1-0386-2b79-5dc5ed894eb7
Request Chain 507
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43
Request Chain 508
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-hjRM5IFE2pdQzwzeRawd3W_wtE_GLusKppi8~A
Request Chain 509
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=5424119b-601b-4303-9302-c674017cde11
Request Chain 511
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_2f29f0d2-2bcb-4331-8708-b92ac34b79eb&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_2f29f0d2-2bcb-4331-8708-b92ac34b79eb&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=Vs6NN-XJLUhrh03ZYYyz&us_privacy=1---
Request Chain 512
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=cCzRBpruGTaG&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 513
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2833654250881570906
Request Chain 515
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6358375726502932821
Request Chain 516
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_8de9abd7-6253-4d9b-96b2-646cf244fae8&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dgumgum2%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=7wV3pg_sjCQGtDJ4MOSp0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&us_privacy=
Request Chain 517
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=43188338-7fa1-0386-2b79-5dc5ed894eb7
Request Chain 518
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43
Request Chain 519
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-hjRM5IFE2pdQzwzeRawd3W_wtE_GLusKppi8~A
Request Chain 520
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=5424119b-601b-4303-9302-c674017cde11
Request Chain 522
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_8de9abd7-6253-4d9b-96b2-646cf244fae8&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_8de9abd7-6253-4d9b-96b2-646cf244fae8&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=OFl4csdzJPX5Jy-95-rx&gdpr=0
Request Chain 523
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=jCQgeKmpJZtm&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 524
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2833654250881570906
Request Chain 526
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=1179816859700053156&gdpr=&gdpr_consent=
Request Chain 529
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=ae9fa611-1916-4d55-ab82-f7eea3328191
Request Chain 530
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZAtssCo8X0AAKa-QK8AAAAA
Request Chain 531
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=7RpKiJEwcRBLYinh3zAK6r9vZv2qo-Fnfw_kiB471q8&pi=gumgum&tc=1
Request Chain 532
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 533
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=6463982688388548906&gdpr=0&gdpr_consent=
Request Chain 536
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=ae9fa611-1916-4d55-ab82-f7eea3328191
Request Chain 537
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZAts8Co8X0AAKa-QLoAAAAA
Request Chain 538
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=7RpKiJEwcRBLYinh3zAK6r9vZv2qo-Fnfw_kiB471q8&pi=gumgum&tc=1
Request Chain 539
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 540
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQS6GMOO-13-GYA2 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQS6GMOO-13-GYA2&gdpr=0
Request Chain 541
  • https://x.bidswitch.net/syncd?dsp_id=16&user_group=1&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=MWI1YWRhYzAtZTU2Zi00ODc2LThmZGItYjgzZDE4MTYyZGY0
Request Chain 542
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESELC1147cEPZgZr4tdYuCOrA&google_cver=1
Request Chain 543
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&gdpr=0&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&gdpr=0&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTcyQUYzQ0MtMEY1Ri00NERDLUExNjYtRDk3Rjg3MUU2MzUw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D972AF3CC-0F5F-44DC-A166-D97F871E6350&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=972AF3CC-0F5F-44DC-A166-D97F871E6350
Request Chain 600
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LQS6GMOO-13-GYA2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LQS6GMOO-13-GYA2
Request Chain 602
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=ae9fa611-1916-4d55-ab82-f7eea3328191&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 603
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzYxMDMzMTExMjIyNDE4MTQyMjQzOQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 604
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFSRgmuNaKFYcZuqUDjuqcs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 605
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzYxMDMzMTExMjIyNDE4MTQyMjQzOQ%3D%3D
Request Chain 607
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2481727213954917509772?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-8fPEIiJE2oSiQdJQoiKLGb_tiCrLnIzyMJ5v6xYXKQ--~A&dongle=0883
Request Chain 608
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2481727213954917509772&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=f97c712f-8434-4736-8165-dff7fb9eb5a8&ssp=triplelift&bsw_param=1b5adac0-e56f-4876-8fdb-b83d18162df4 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1b5adac0-e56f-4876-8fdb-b83d18162df4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 609
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=b88e34e8-ef93-4d51-afac-7b807bd1ac74&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 610
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2896712593121374864&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 614
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVnQwN0xJRnNBQUJPaWJ3M1p3UQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACVt07LIFsAABOibw3ZwQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACVt07LIFsAABOibw3ZwQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AACVt07LIFsAABOibw3ZwQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D2256C19F18EE421DAF857A505503C3B3%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526gdpr%253D0%2526bee_sync_partners%253Dpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D3%26uid%3D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&nuid=2256C19F18EE421DAF857A505503C3B3&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&uid=ZZAtsDWU3MR7QbQeOCmP9AAA%261420 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACVt07LIFsAABOibw3ZwQ&gdpr=0
Request Chain 615
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cb216b4e293447c4b00c9
Request Chain 616
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2896712593121374864&gdpr=0&gdpr_consent=
Request Chain 618
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lyrzzA9fRNyhZtl_hx5jUA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 619
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=972AF3CC-0F5F-44DC-A166-D97F871E6350 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7457a107-ff24-47bb-9883-05820d7eb0cc%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ae9fa611-1916-4d55-ab82-f7eea3328191&ttd_puid=7457a107-ff24-47bb-9883-05820d7eb0cc%2C%2C
Request Chain 622
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELC1147cEPZgZr4tdYuCOrA&google_cver=1
Request Chain 623
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D42EFDD7087845AF9680AB8957760C74
Request Chain 624
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=
Request Chain 627
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5424119b-601b-4303-9302-c674017cde11&gdpr=0&gdpr_consent=
Request Chain 628
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=738f4e19a30e11d9&is_secure=true&networkId=17100&version=1&nuid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGYvwrWNKbyQNgAyp-AAAAAAA&expiration=1704034100&nuid=972AF3CC-0F5F-44DC-A166-D97F871E6350&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 629
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10E820E69_24EE407E&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 640
  • https://feed.pghub.io/tag?us_privacy=1---&referrer_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&page_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&owner=P%26G&bp_id=sharethrough&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js HTTP 302
  • https://pandg.tapad.com/tag?us_privacy=1---&referrer_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&page_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&owner=P%26G&bp_id=sharethrough&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
Request Chain 651
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
Request Chain 652
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
Request Chain 653
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 654
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
Request Chain 655
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Request Chain 656
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Request Chain 658
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f97c712f-8434-4736-8165-dff7fb9eb5a8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=972AF3CC-0F5F-44DC-A166-D97F871E6350
Request Chain 659
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=54fa1451-1f39-45d4-b813-a9d7252af799
Request Chain 664
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 665
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
Request Chain 666
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bdecbb53-7e7b-4d70-8027-cceca8fd54ee
Request Chain 672
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
Request Chain 673
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 674
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
Request Chain 675
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969188723640060651&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 676
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
Request Chain 677
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
Request Chain 678
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Request Chain 679
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Request Chain 681
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=57e65f1e-d414-4e0a-a921-49f96f8399da
Request Chain 687
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
Request Chain 688
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 689
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
Request Chain 690
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 691
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
Request Chain 692
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
Request Chain 693
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Request Chain 694
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Request Chain 698
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f97c712f-8434-4736-8165-dff7fb9eb5a8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Request Chain 699
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 710
  • https://idsync.rlcdn.com/712188.gif?partner_uid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e1e3582e-9af3-0db0-137b-cddb1c422e29
Request Chain 713
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1179816859700053156

702 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cnz.to/
Redirect Chain
  • http://cnz.to/
  • https://cnz.to/
91 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
626d3910c1bebfb805a062511b7a3ddc0da9731896a291daf80830db0944b3b9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
block-all-mixed-content
content-type
text/html; charset=UTF-8
date
Sat, 30 Dec 2023 14:48:09 GMT
pragma
no-cache
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sat, 30 Dec 2023 14:48:09 GMT
Location
https://cnz.to/
Server
nginx
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
b2b3b691360be91324019c0b40152380c20a1d1b179b2573955a5c7505a06ebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 13:17:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Dec 2023 14:48:10 GMT
qff3qrt.css
use.typekit.net/ 		2 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/qff3qrt.css
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.223.209.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-223-209-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a7b84c22955a599195b5b1f0f81a856301da7a989b360f268277d4c3ce01a0b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sat, 30 Dec 2023 14:48:10 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
635
style.css
cnz.to/wp-content/themes/candz/ 		62 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
fb371db66244b0729c3a71e0ac435ce47c415f4d6b7ee5a662058dc67e7f7b96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:09 GMT
content-encoding
gzip
last-modified
Wed, 21 Feb 2018 19:31:12 GMT
server
nginx
etag
W/"5a8dc900-f6c2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-277034-3
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
597286e3bce960a6a5e1a893ac3c5375afecf53a47b92c8c1c0895dfdbca779b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68970
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Dec 2023 14:48:10 GMT
colorbox.css
cnz.to/wp-content/themes/candz/colorbox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/colorbox/colorbox.css?ver=1.0
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
fe23f9304c2fe4b3b97fb6223ea13be406a3a3044de905a854e9d374d1487a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2013 14:28:26 GMT
server
nginx
etag
W/"524c2d8a-eab"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public
style.min.css
cnz.to/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Sun, 27 Mar 2022 16:24:46 GMT
server
nginx
etag
W/"62408fce-145a9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public
settings.css
cnz.to/wp-content/plugins/essential-grid/public/assets/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.2.5
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
dfb3b42576276140e6cb0f820c26240408d7b0c2a09db6e7d7de5b303f5202f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Wed, 04 Jul 2018 12:31:34 GMT
server
nginx
etag
W/"5b3cbe26-8a8a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public
css
fonts.googleapis.com/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800&ver=5.9.2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
22215d5fe62312c1ef69f2de8b6b06dd8ea9a44f0e6be7f8ef4fbc742fb51564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 13:33:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Dec 2023 14:48:10 GMT
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.9.2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
afe9c3cbc980202176a0e1e99a357b605ab1c151f2e4479f405b9989fe41282c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 12:50:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Dec 2023 14:48:10 GMT
css
fonts.googleapis.com/ 		808 B
414 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700&ver=5.9.2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
47c4f6f4b1714fa507e962fdba1252afc452c293c1fdc76a7ea747d8ddbb0201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 14:11:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Dec 2023 14:48:10 GMT
fontello.css
cnz.to/wp-content/plugins/essential-grid/public/assets/font/fontello/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=2.2.5
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
168642741cf6acd34501d09c8cc1c7e6be332ca9222f3223419bd1664b381839

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Wed, 21 Feb 2018 05:27:06 GMT
server
nginx
etag
W/"5a8d032a-3177"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public
jquery.min.js
cnz.to/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Sun, 27 Mar 2022 16:24:52 GMT
server
nginx
etag
W/"62408fd4-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
jquery-migrate.min.js
cnz.to/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Sun, 27 Mar 2022 16:24:52 GMT
server
nginx
etag
W/"62408fd4-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
jquery.iosslider.min.js
cnz.to/wp-content/themes/candz/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/jquery.iosslider.min.js?ver=1.0
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
d610dabc67e887c42adeae2620a970f34dea4dd8039f36bb056bfd7d8674a5c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Mon, 30 Sep 2013 18:43:56 GMT
server
nginx
etag
W/"5249c66c-807d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
jquery.rwdImageMaps.min.js
cnz.to/wp-content/themes/candz/ 		1 KB
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/jquery.rwdImageMaps.min.js?ver=1.0
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
ed839d9fae4a8e722e9c408c2716a6f1eb789b99ef16722cd39ff4965749d8fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Mon, 30 Sep 2013 18:43:56 GMT
server
nginx
etag
W/"5249c66c-45a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
addthis_widget.js
s7.addthis.com/js/300/ 		56 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js?ver=5.9.2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-170.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 30 Dec 2023 14:48:10 GMT
server
Oracle API Gateway
opc-request-id
/0BBD7BF498885A4B43606C03B24ABCE8/1E9F28B0C0017F9B4B0A70E378680B2A
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
jquery.colorbox-min.js
cnz.to/wp-content/themes/candz/colorbox/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/colorbox/jquery.colorbox-min.js?ver=1.0
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
41946d688c5783094bcbe709067b5fd5dcbd81364473c6bcefb2dc5aadd19872

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2013 14:28:26 GMT
server
nginx
etag
W/"524c2d8a-2b3f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
jquery.fitvids.js
cnz.to/wp-content/themes/candz/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/jquery.fitvids.js?ver=1.0
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
c759c8d031f86a043d2326d9b28d2f95d5d84339ca91d32129652bfb67404c1f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2016 14:21:48 GMT
server
nginx
etag
W/"57fe46fc-906"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
modernizr.custom.17686.js
cnz.to/wp-content/themes/candz/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/modernizr.custom.17686.js?ver=1.0
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
592b1627edb42210d91ebe730f62069cb082f04dd25c4a63da955ac597b8c432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Sun, 13 Oct 2013 13:38:20 GMT
server
nginx
etag
W/"525aa24c-2130"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
jquery.cookie.min.js
cnz.to/wp-content/themes/candz/ 		1 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/jquery.cookie.min.js?ver=1.0
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
045fbd67064a7994e38eccd3dd0be6773ced45c093d1011baed44a6d23ee5047

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Sun, 01 Dec 2013 13:48:00 GMT
server
nginx
etag
W/"529b3e10-596"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
jscript.js
cnz.to/wp-content/themes/candz/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/jscript.js?ver=1.06
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
8c1a5733b2830f10e5f1d5b727bfc5e963379c939feabae4c4e8fa95bd19fc41

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Tue, 06 Mar 2018 22:16:34 GMT
server
nginx
etag
W/"5a9f1342-159b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
frontend-gtag.min.js
cnz.to/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Sun, 13 Nov 2022 07:20:06 GMT
server
nginx
etag
W/"63709aa6-2e7a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
zlrecipe_print.js
cnz.to/wp-content/plugins/ziplist-recipe-plugin/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/plugins/ziplist-recipe-plugin/zlrecipe_print.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
2e6fb6342f15f8c92092db2e29c8cc401c8f6a03cb906befe017980e8516fcae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Thu, 01 Oct 2015 08:09:18 GMT
server
nginx
etag
W/"560cea2e-807"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
snippet.min.js
geniuslinkcdn.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geniuslinkcdn.com/snippet.min.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
174.138.117.212 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
ratelimit-reset
1703947750
transfer-encoding
chunked
ratelimit-limit
15
last-modified
Tue, 29 Nov 2022 19:24:18 GMT
server
nginx
ratelimit-observed
0
etag
W/"63865c62-1614"
ratelimit-resettime
Sat, 30 Dec 2023 14:49:10 GMT
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-max-age
1728000
ratelimit-remaining
15
expires
Sun, 31 Dec 2023 14:48:10 GMT
chocolate-and-zucchini.js
scripts.mediavine.com/tags/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/chocolate-and-zucchini.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
a4d32a636e53dc9171fa27726cd8de02f1290cb72bc8f4497e8e467afc43ffb7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
40729
x-powered-by
Express
x-cache
HIT, HIT
content-length
17761
x-served-by
cache-iad-kcgs7200053-IAD, cache-yul12821-YUL
x-timer
S1703947690.332710,VS0,VE0
etag
W/"faa4-EWtWgn+LNMo/eyZ6yPthUATk8Kg"
vary
country=INTL, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
accept-ranges
bytes
x-cache-hits
29, 2
logo2018.png
cnz.to/wp-content/themes/candz/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/themes/candz/images/logo2018.png
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
8dd846b760e7325c652a093a1f446cbddb4edbb2da418f84ac67d186c69b6585

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Tue, 20 Feb 2018 14:52:50 GMT
server
nginx
etag
"5a8c3642-147b"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
5243
tasting-paris-clotilde-dusoulier.png
cnz.to/wp-content/themes/candz/banner-images/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/themes/candz/banner-images/tasting-paris-clotilde-dusoulier.png
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
1ac7875370ad693799d60ec5df8c2e6e0659755d072a2d0cc94a78ec00eca772

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Tue, 20 Feb 2018 14:52:48 GMT
server
nginx
etag
"5a8c3640-848a"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
33930
red_lentil_curry_cauliflower_coconut_chips-3.jpg
cnz.to/wp-content/uploads/2017/09/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/uploads/2017/09/red_lentil_curry_cauliflower_coconut_chips-3.jpg
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
7473f661bdedc64ecb16194dfaf50a4173d44f535fc1f3459ad8e19fb692698f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Tue, 05 Sep 2017 13:45:02 GMT
server
nginx
etag
"59aeaa5e-12b19"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
76569
power_of_intention-190x290.jpg
cnz.to/wp-content/uploads/2018/08/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/uploads/2018/08/power_of_intention-190x290.jpg
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
e225b81fbcf0a25b3fce3191d7098ff4b4416eacba7789d049f83ac0bd2bb660

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Fri, 03 Aug 2018 13:45:02 GMT
server
nginx
etag
"5b645c5e-485b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
18523
side_bar_banner.jpg
cnz.to/wp-content/uploads/2018/03/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/uploads/2018/03/side_bar_banner.jpg
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
f4dd805c4f7961ff41eeb2cf8dfc005073d976155bb560a8e07337e80910baec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Sat, 10 Mar 2018 13:30:01 GMT
server
nginx
etag
"5aa3ddd9-551d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
21789
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en-GB
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
378c6c792ec64cc2769a33491b2ad8463a0a4c539779329ca6b1760d8848cd02
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 30 Dec 2023 14:48:10 GMT
pinit.js
assets.pinterest.com/js/ 		361 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=224
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
203
comment_count.js
cnz.to/wp-content/plugins/disqus-comment-system/public/js/ 		889 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Sun, 27 Mar 2022 16:27:06 GMT
server
nginx
etag
W/"6240905a-379"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.9.2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2322
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83db1508bb01a240-YYZ
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 02 Jan 2024 14:48:10 GMT
helper.min.js
cnz.to/wp-content/plugins/optinmonster/assets/dist/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/plugins/optinmonster/assets/dist/js/helper.min.js?ver=2.11.0
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
45bd57a08f2ab75688b262993ca9687a1997df152860a1c146b863751719a6e6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Sun, 13 Nov 2022 07:20:28 GMT
server
nginx
etag
W/"63709abc-826"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
print.css
cnz.to/wp-content/themes/candz/ 		54 B
241 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/print.css
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
edca91aa72640c4450f408ce4e6cb8d7442a84cd03128936c1d48ee03e56705b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Sun, 13 Oct 2013 14:53:58 GMT
server
nginx
etag
W/"525ab406-36"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=qff3qrt&ht=tk&f=8546.8553&a=220556&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qff3qrt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.223.209.69 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-223-209-69.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Fri, 14 Jul 2023 12:43:54 GMT
server
nginx
etag
"64b1430a-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
wp-emoji-release.min.js
cnz.to/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-includes/js/wp-emoji-release.min.js?ver=5.9.2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Sun, 27 Mar 2022 16:24:53 GMT
server
nginx
etag
W/"62408fd5-4705"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cnz.to
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 05:20:39 GMT
x-content-type-options
nosniff
age
34051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 05:20:39 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 30 Dec 2023 14:48:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
FwIScQJfem/M4JgxDlWFFknZmS4Fmi1gDLwJvAu+j451BAyYlkfagi+GpwWuO36sDy4QjffrBt2dYTUhdz4q5Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
1
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
TfcsN2nBDyU
www.youtube.com/embed/ Frame D3A9 		92 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/TfcsN2nBDyU
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-qbPjm4jXiLihm9x3JlWung' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
search.png
cnz.to/wp-content/themes/candz/images/ 		301 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/themes/candz/images/search.png
Requested by
Host: cnz.to
URL: https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
790a641195160a109673107f3cdfd955e038a362ba6d64e3dba9843eba0b2f7b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Sun, 09 Feb 2014 19:20:05 GMT
server
nginx
etag
"52f7d4e5-12d"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
301
social-new.png
cnz.to/wp-content/themes/candz/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/themes/candz/images/social-new.png
Requested by
Host: cnz.to
URL: https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
93d9a8bb1bc0c533f83c02ef72845a803d273cb2dee096b1c003e8a8cff78811

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Tue, 01 Dec 2015 15:47:14 GMT
server
nginx
etag
"565dc102-49c"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
1180
linen.jpg
cnz.to/wp-content/themes/candz/banner-images/ 		196 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/themes/candz/banner-images/linen.jpg
Requested by
Host: cnz.to
URL: https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
f0a5bc2020eef2cb7796a178c3034546cfc6cd9262e5cac607ab83555963c8ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Tue, 20 Feb 2018 14:52:46 GMT
server
nginx
etag
"5a8c363e-31030"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
200752
comments-large.png
cnz.to/wp-content/themes/candz/images/ 		386 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/themes/candz/images/comments-large.png
Requested by
Host: cnz.to
URL: https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
ee918de21d584e237cbde44c0c934956741607a048f9cf14652afd6cfd633d19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Mon, 30 Sep 2013 18:43:36 GMT
server
nginx
etag
"5249c658-182"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
386
quote.png
cnz.to/wp-content/themes/candz/images/ 		356 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/themes/candz/images/quote.png
Requested by
Host: cnz.to
URL: https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
d2052d156ae64a1c75bff9546010dd13d09f6ccba3932f28b548a635ad206531

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/wp-content/themes/candz/style.css?v=1519241472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Sun, 09 Feb 2014 19:20:15 GMT
server
nginx
etag
"52f7d4ef-164"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
356
l
use.typekit.net/af/3f38e7/00000000000000000000ebe8/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3f38e7/00000000000000000000ebe8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qff3qrt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.223.209.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-223-209-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
58fa43ae9450923e73f0bbb2acd96efd04f4f6da9c6c227669dbf919f0226ac8

Request headers

Referer
https://use.typekit.net/qff3qrt.css
Origin
https://cnz.to
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
server
nginx
etag
"0c0512e29ad5894bdef049b42a2c7171e22d0082"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33944
l
use.typekit.net/af/d3e49f/00000000000000000000ebef/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d3e49f/00000000000000000000ebef/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qff3qrt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.223.209.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-223-209-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1f1d91dd79f22852adfb2b0f1cf616c700dcb2ac982ee62959746b79b5da7f3e

Request headers

Referer
https://use.typekit.net/qff3qrt.css
Origin
https://cnz.to
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
server
nginx
etag
"5074a8f84743887f3304b99841ebf81f490ca5f6"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34776
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cnz.to
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 16:36:05 GMT
x-content-type-options
nosniff
age
598325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Dec 2024 16:36:05 GMT
clotilde_montmartre_mirror.jpg
cnz.to/wp-content/uploads/2018/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/uploads/2018/02/clotilde_montmartre_mirror.jpg
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
032d3b1ae4d2c64ef963000cd2ca67039cd645059ce4efecbfd64238f1618c12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Wed, 21 Feb 2018 15:15:02 GMT
server
nginx
etag
"5a8d8cf6-369e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
13982
batch-cooking-winter.jpg
cnz.to/wp-content/uploads/2018/01/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/uploads/2018/01/batch-cooking-winter.jpg
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
ceaf78ad1b28ab450e1ea15ae58c12dab4b2443ba0d0114fc30498a396e69699

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Fri, 12 Jan 2018 17:45:02 GMT
server
nginx
etag
"5a58f41e-19c99"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
105625
swedish_chocolate_balls-5.jpg
cnz.to/wp-content/uploads/2016/11/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/uploads/2016/11/swedish_chocolate_balls-5.jpg
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
8e678c2fb72fda1769db364e9f3430fce64c5d66d1acffaf13467fcab181f33a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Tue, 08 Nov 2016 17:30:01 GMT
server
nginx
etag
"58220b99-16d09"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
93449
swedish_chocolate_balls-2.jpg
cnz.to/wp-content/uploads/2016/11/ 		215 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/uploads/2016/11/swedish_chocolate_balls-2.jpg
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
68d315867b21afa712c8c662510e4db04d1b4282a3c581d711b87c6855c82dd1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Tue, 08 Nov 2016 16:45:03 GMT
server
nginx
etag
"5822010f-35d75"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
220533
countryLookup
scripts.mediavine.com/flooring/ 		77 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/flooring/countryLookup
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/chocolate-and-zucchini.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
2364d71e2d786b2da8d73b625541ebd98a1d1e96d1b156faec4aa9763b034b09
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-yul12824-YUL
date
Sat, 30 Dec 2023 14:48:10 GMT
via
1.1 varnish
strict-transport-security
max-age=300
server
Varnish
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
77
retry-after
0
x-cache-hits
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/chocolate-and-zucchini.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
5442131fb8e00b6cf40add31f12ca2de70f0151300a4a8a7a9460c8daf146bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29292
x-xss-protection
0
server
cafe
etag
552 / 19721 / 31080056 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:48:10 GMT
settings.json
scripts.mediavine.com/launcher/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/launcher/settings.json?off=mediavine
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/chocolate-and-zucchini.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
cfa2a8ba24e6321ca3488d746dfd6bbc82faa38c6c3da09a581b6d82c037fba8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
30
x-powered-by
Express
x-cache
HIT, HIT
content-length
1234
x-served-by
cache-iad-kjyo7100137-IAD, cache-yul12824-YUL
x-timer
S1703947690.408053,VS0,VE0
etag
W/"1a3d-UlZYeNcvC/rkkuGwaAmyhvRQQd4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
accept-ranges
bytes
x-cache-hits
24, 29
1706732476236910
connect.facebook.net/signals/config/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1706732476236910?v=2.9.138&r=stable&domain=cnz.to
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
27187c5790cf7c3b226792b2c3197ce4f996b1a7ccb9b766f88e0b771fff9cf1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 30 Dec 2023 14:48:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
EGY+PlnDrGO5PIwBu2Icy+w+4pUd7InIrlb3yJru94AiTyQAVxOPcX0Yh2RJhRZPccGc6Tv1H1FFyByGPDDCnQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
wrapper.min.js
scripts.mediavine.com/tags/2.94.31/ 		171 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/chocolate-and-zucchini.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
29696df9ed6c48222770e98e10178787964ab2de3803dc7213cd24149c4c0f58
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
FTW05BT7RATBVJ04
age
772289
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/2.94.31/wrapper.min.js
content-length
56014
x-amz-id-2
h8JRKIXkujUPWTouEItgqNVf+BohJaM6HXxJdXbHaM5ijp5HAegmUINhzfJWuqLNTcv+twlr5uI=
x-served-by
cache-iad-kcgs7200126-IAD, cache-yul12821-YUL
last-modified
Thu, 21 Dec 2023 16:07:36 GMT
server
AmazonS3
x-timer
S1703947690.475738,VS0,VE0
etag
"00c2ce0844fe840f22389088598fd7b6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 235057
usersync.min.js
exchange.mediavine.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/chocolate-and-zucchini.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
16e81fe5eb8e62440c8208fe13409e40ec141b75547a35b7a79655935b409b9f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 20:14:41 GMT
etag
W/"3217-18ca7c3e196"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
web.keywords.js
keywords.mediavine.com/keyword/ 		657 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://keywords.mediavine.com/keyword/web.keywords.js?pageUrl=https://cnz.to/
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/chocolate-and-zucchini.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
c914ebd74a7b41862cc64bef9bede4a3f6f308c3dae90627ec18745c617f4ec8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000144-IAD, cache-yul12821-YUL
date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
47567
x-timer
S1703947690.491173,VS0,VE15
x-powered-by
Express
vary
Origin, Accept-Encoding
x-cache
HIT, MISS
content-type
text/html; charset=utf-8
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-length
338
x-cache-hits
16, 0
recaptcha__en_gb.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		503 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en_gb.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en-GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
6ec0a341e8e985e726de0f08c522271523761ec352f1b07adb5129da7225c20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
Origin
https://cnz.to
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 23:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205984
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 23:25:31 GMT
api.min.js
a.omappapi.com/app/js/ 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
BunnyCDN-NY1-885 /
Resource Hash
83c03c13ae512aeaf45b9a54c62dad09b5d833edae4f2459d3f71f2a3f2744aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
br
cdn-edgestorageid
885
perma-cache
HIT
cdn-storageserver
NY-427
cdn-cachedat
12/30/2023 00:13:06
cdn-pullzone
293267
last-modified
Tue, 12 Dec 2023 19:57:29 GMT
server
BunnyCDN-NY1-885
cdn-fileserver
622
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6578bb29-cb9a"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
37f3ee1501b1a2072a83897168e034fd
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
count.js
cnz.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnz.disqus.com/count.js
Requested by
Host: cnz.to
URL: https://cnz.to/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 14:48:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
16
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 19 Dec 2023 16:18:28 GMT
Server
nginx
ETag
"6581c254-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
1S2aHt54Ot_bv9j3k9vCljia1uuaWxWxE6JoQ5b5U2mhDq2morBnmg==
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
56
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83db1509bc38a240-YYZ
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 02 Jan 2024 14:48:10 GMT
js
www.googletagmanager.com/gtag/ 		245 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WHT1MYT8SZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-277034-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c646c6161515be66e77913fe1f54eeb7bf14e9c39d55b0b8b2370cc77ca822c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84605
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Dec 2023 14:48:10 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-277034-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 30 Dec 2023 12:52:28 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6942
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 30 Dec 2023 14:52:28 GMT
www-player.css
www.youtube.com/s/player/da154528/ Frame D3A9 		0
0
embed.js
www.youtube.com/s/player/da154528/player_ias.vflset/en_US/ Frame D3A9 		0
0
www-embed-player.js
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame D3A9 		0
0
base.js
www.youtube.com/s/player/da154528/player_ias.vflset/en_US/ Frame D3A9 		0
0
TfcsN2nBDyU
www.youtube.com/embed/ Frame 8415 		0
0
TfcsN2nBDyU
www.youtube.com/embed/ Frame 493E 		93 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/TfcsN2nBDyU
Requested by
Host: cnz.to
URL: https://cnz.to/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
ESF /
Resource Hash
984b06744b3f4dad2b827b4f4dd7693574ebb06856dd7bafbdc6994e3dbc6a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-_rQXgLfJPaRjGA7rrdOk7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
randombook.php
cnz.to/wp-content/themes/candz/ 		2 KB
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cnz.to/wp-content/themes/candz/randombook.php
Requested by
Host: cnz.to
URL: https://cnz.to/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
d18a3560a67608ea3c73bcd9658cbe2a70a0493d98c8888c307404a50b0a2259

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://cnz.to/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
pinit_main.js
assets.pinterest.com/js/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.40051207520910737
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=165
accept-ranges
bytes
content-length
18679
7b1b5bc2bf50b7f1fd3d.min.js
scripts.mediavine.com/tags/6381/ 		59 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/6381/7b1b5bc2bf50b7f1fd3d.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
e7dc2d96e7b17036114e965bc4fd20227f0285f0e0a7530015fb57e6ee3a959c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
HVWFQ1H5M9G4K54Y
age
4517586
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/6381/7b1b5bc2bf50b7f1fd3d.min.js
content-length
12001
x-amz-id-2
hUo2s4Quyjeo6WG/DhPtxEpMYPEOV6zULRSQ8GA4WIszJ6wrLZGhRRBBgbX7znexfXgYx6q8YCc=
x-served-by
cache-iad-kcgs7200119-IAD, cache-yul12821-YUL
last-modified
Tue, 17 Oct 2023 20:02:59 GMT
server
AmazonS3
x-timer
S1703947691.605832,VS0,VE0
etag
"3ac36b93e230c09abea8266587e3313b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
17, 741558
92f7561d06db4cef115b.min.js
scripts.mediavine.com/tags/gpp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/gpp/92f7561d06db4cef115b.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
7ae4c978fe0997597c99e7c7c5f4062280aaa344768ff6022ac6115d3d40a49d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
FTWCFYK1PSWF9T8P
age
772290
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/gpp/92f7561d06db4cef115b.min.js
content-length
3076
x-amz-id-2
mm7HALIF3IkB56MJu7K9pu4xwC++EWjCri8IBVGkSeNh1r29weejkcAzzwY3lsYwNW6EfUHbYKY=
x-served-by
cache-iad-kcgs7200117-IAD, cache-yul12821-YUL
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1703947691.605981,VS0,VE0
etag
"36c1c5111ea60fd90455ad4adb3ac5be"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 276492
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1019701129&t=pageview&_s=1&dl=https%3A%2F%2Fcnz.to%2F&ul=en-us&de=UTF-8&dt=Chocolate%20%26%20Zucchini%20%7C%20Simple%20Recipes%20from%20my%20Paris%20Kitchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=788631508&gjid=714919026&cid=88848028.1703947691&tid=UA-277034-3&_gid=2101863569.1703947691&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=402841815
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cnz.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1706732476236910&ev=PageView&dl=https%3A%2F%2Fcnz.to%2F&rl=&if=false&ts=1703947690633&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703947690631.588189588&cs_est=true&ler=empty&it=1703947690465&coo=false&rqm=GET
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 30 Dec 2023 14:48:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
web
onesignal.com/api/v1/sync/7fd31114-8467-11e5-8b4f-a0369f2d9328/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/7fd31114-8467-11e5-8b4f-a0369f2d9328/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd8d82240d3e26d9172cbb614fc678c36149712a599be756c9751cda9aaaab8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
8d136613-ab29-4b9c-be1b-dca193ec8559
x-runtime
0.029241
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"5fd8d82240d3e26d9172cbb614fc678c"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
83db150abd46a240-YYZ
access-control-allow-headers
SDK-Version
expires
Sat, 30 Dec 2023 15:48:10 GMT
api.min.css
a.omappapi.com/app/js/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
BunnyCDN-NY1-885 /
Resource Hash
428f350bd53281aeb92b949ccc048356f66823858401537ef57c712bf179fe3e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
br
cdn-edgestorageid
885
perma-cache
HIT
cdn-storageserver
NY-268
cdn-cachedat
12/30/2023 00:13:11
cdn-pullzone
293267
last-modified
Tue, 12 Dec 2023 20:02:02 GMT
server
BunnyCDN-NY1-885
cdn-fileserver
622
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6578bc3a-2644"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
718309fc14d6b7de6899c5f069626ce2
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
754336
api.omappapi.com/v2/embed/15285/ 		126 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/754336
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
CbSGyfu-Fv8Bas9UVTIl5FWPtt3QsEalM4oSDoE9B_TXlXXqONWHcA==
expires
Sat, 30 Dec 2023 14:48:40 GMT
735607
api.omappapi.com/v2/embed/15285/ 		126 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/735607
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
LKezf6CeN98Xy5GzMzQFNFo1L-r3DqRIFtW-cYd4ikpSIfOB8K4eFQ==
expires
Sat, 30 Dec 2023 14:48:41 GMT
641421
api.omappapi.com/v2/embed/15285/ 		126 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/641421
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
6PY-l9LMNR6Qg_viQB-W-NJ6NJA0-KH019JAiOjKQdNWds2wfgMpVQ==
expires
Sat, 30 Dec 2023 14:48:41 GMT
641435
api.omappapi.com/v2/embed/15285/ 		126 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/641435
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
j88DtuzS_sk1adIZ0JuD5S8LDA5gMlk9eTTZw3Rb-e5P3OyEtBSO8A==
expires
Sat, 30 Dec 2023 14:48:41 GMT
665126
api.omappapi.com/v2/embed/15285/ 		126 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/665126
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
IJlNMaAFmk1NGjB2RuydvlLLAgaKzDjVe8OtIvl0Q0OxqbMNeH4k0w==
expires
Sat, 30 Dec 2023 14:48:41 GMT
651155
api.omappapi.com/v2/embed/15285/ 		126 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/651155
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
6QgpPwNVj36yEYgtGL2ysKJvoQzHinC1q_Wse39iuhKAVwsIsZWXVw==
expires
Sat, 30 Dec 2023 14:48:40 GMT
642253
api.omappapi.com/v2/embed/15285/ 		126 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/642253
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
jD3fZYCbsUROhG6wSU_fIZnqio4MxAuB_hmWsyFmdRSeBpGRjNGebA==
expires
Sat, 30 Dec 2023 14:48:40 GMT
642203
api.omappapi.com/v2/embed/15285/ 		126 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/642203
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
BCNUmSoW1W7ufLQL8EIoqRYygDENn6HJddXHwPk9YthK6h1et6ILTQ==
expires
Sat, 30 Dec 2023 14:48:40 GMT
599073
api.omappapi.com/v2/embed/15285/ 		126 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/599073
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
8nDIymInflGhho2GgNjIo8i-HzGUITA1OScH97kOnDhuPsJg8oWGIw==
expires
Sat, 30 Dec 2023 14:48:40 GMT
491276
api.omappapi.com/v2/embed/15285/ 		126 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/491276
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
RGgCZAb4J8OnYD3bgBlYyjokPUTSSqVB8z5mzfSxfSbNEUjQwhUiLw==
expires
Sat, 30 Dec 2023 14:48:41 GMT
491268
api.omappapi.com/v2/embed/15285/ 		126 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/491268
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
GG2Zg7kcZG0X4i1pyT7vVg00lRtW5LG5mVqLk9MzeUl5Di53LZ2lpg==
expires
Sat, 30 Dec 2023 14:48:40 GMT
491269
api.omappapi.com/v2/embed/15285/ 		126 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/491269
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
OcX9rzCcwEZJR-z69km3OsvxbfYnySyE9WtQ7AgHc9Mi-PEToSg8DQ==
expires
Sat, 30 Dec 2023 14:48:40 GMT
491271
api.omappapi.com/v2/embed/15285/ 		126 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/491271
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
Hvj_1cnfIlztNias7Ef2YjSBXg3DBgWp5XUVsH3M44aoLn0wOYQS0A==
expires
Sat, 30 Dec 2023 14:48:41 GMT
488361
api.omappapi.com/v2/embed/15285/ 		126 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/488361
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
NO3AbfmHqOt4ve2RPl36L5mna40XpUf1ltB1xJZjSZTyBJeXkqv_VQ==
expires
Sat, 30 Dec 2023 14:48:41 GMT
485908
api.omappapi.com/v2/embed/15285/ 		126 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/15285/485908
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-10.cmh68.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-user-agent
standard--
via
1.1 7339d6364b7bbd2bcf13ffcbadf08be0.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
CMH68-P3
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
0vrpNikrE4SKnUI6-cFonUL2yvux5mLvcXbGyJUGBlZhrDaz7rd7XA==
expires
Sat, 30 Dec 2023 14:48:41 GMT
tasting_paris-190x246.jpg
cnz.to/wp-content/uploads/2017/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnz.to/wp-content/uploads/2017/10/tasting_paris-190x246.jpg
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.161.66.85 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip85.ip-51-161-66.net
Software
nginx /
Resource Hash
5150d54b70c76a0397d97a93b42ac834d32381b9f1659a4b4d28ddbb30569c36

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Dec 2023 14:48:10 GMT
last-modified
Wed, 15 Nov 2017 09:15:01 GMT
server
nginx
etag
"5a0c0595-3e54"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
15956
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WHT1MYT8SZ&gtm=45je3bt0v9134669983&_p=1703947690188&gcd=11l1l1l1l1&dma=0&gdid=dZGIzZG&cid=88848028.1703947691&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1703947690&sct=1&seg=0&dl=https%3A%2F%2Fcnz.to%2F&dt=Chocolate%20%26%20Zucchini%20%7C%20Simple%20Recipes%20from%20my%20Paris%20Kitchen&en=page_view&_fv=1&_ss=1&ep.forceSSL=true&ep.anonymize_ip=true&tfd=1118
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHT1MYT8SZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cnz.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-277034-3&cid=88848028.1703947691&jid=788631508&gjid=714919026&_gid=2101863569.1703947691&_u=YEBAAUAAAAAAACAAI~&z=849573230
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 30 Dec 2023 14:48:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cnz.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
96251a8bad83d10b6957.min.js
scripts.mediavine.com/tags/9906/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/9906/96251a8bad83d10b6957.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
39b8040e99ed258fdd8d51bbf92cc9bb8ce8a68809fae8e91253971479dd8bff
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
FTW4R0P8FBBKGDBZ
age
772290
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/9906/96251a8bad83d10b6957.min.js
content-length
8309
x-amz-id-2
nTwN/bkJ9YS1qesPG3f5o/Hw4tJHPpBR+Zayr59JEu5KmctvLDnBa1ENg7J0wwer8SE1pOGV98I=
x-served-by
cache-iad-kiad7000106-IAD, cache-yul12821-YUL
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1703947691.790146,VS0,VE0
etag
"247c9fe618d66df16b9e323466e15478"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 271518
228568f8b993121aebb6.min.js
scripts.mediavine.com/tags/8110/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/8110/228568f8b993121aebb6.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
5837b81f37ccca7e5a03a8898bf629d997e7c188ad5ecba3e08793e79c01f879
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
FTW9N3NQAGQ5TGH3
age
772290
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/8110/228568f8b993121aebb6.min.js
content-length
6428
x-amz-id-2
UXJmWykaDZe7bPIDOegFB9uz5fBLAtz72UxciQEJCnurd3jreMYog2IQWbJnYSn06f4s1MaTBPw=
x-served-by
cache-iad-kcgs7200136-IAD, cache-yul12821-YUL
last-modified
Thu, 21 Dec 2023 16:08:15 GMT
server
AmazonS3
x-timer
S1703947691.790133,VS0,VE0
etag
"4ff4d5168e30b1842a5b5a874a04630e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 268062
3de53a8dca725b06affb.min.js
scripts.mediavine.com/tags/5629/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/5629/3de53a8dca725b06affb.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
a0b824fb00f0c50b765512317bc0e93daa203d1b9e2916dad6827fa5fbf45fe5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
FTWD7SR0ECAJ3AFH
age
772290
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/5629/3de53a8dca725b06affb.min.js
content-length
8076
x-amz-id-2
ji+srP5A1pxI7+uqOT/pUNNhw0EEbIFu0LFKYfO3yIllGml90vn8RztQWADW+ZVBBY00BB7Khc0=
x-served-by
cache-iad-kcgs7200032-IAD, cache-yul12821-YUL
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1703947691.790681,VS0,VE0
etag
"e71c31793a178eabf22aa1cb9054aaed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 264781
67203f625849583138fb.min.js
scripts.mediavine.com/tags/2726/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/2726/67203f625849583138fb.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
ed5413685378401839d0b05c232052d58018dc1a581d0db1411af0cc57e5e57e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
FTW7DZEN1GS4A0VZ
age
772290
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/2726/67203f625849583138fb.min.js
content-length
6081
x-amz-id-2
/oMS9j7XMiS3AmLrgunItMrHgAaFUKnQE8E0qJ5QTlUqqbaQn2mLwWOKftw6ckQ/fH3qphf6W54=
x-served-by
cache-iad-kjyo7100134-IAD, cache-yul12821-YUL
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1703947691.790670,VS0,VE0
etag
"40f8b04fe0c0c73c381ffd45988cbdcd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 265162
127c66279545a39a8f5b.min.js
scripts.mediavine.com/tags/3222/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/3222/127c66279545a39a8f5b.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
883fa9745390489e86fc6cb70805527a3ca2d558fdd02ec649b90c3944fbc14c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
K3BH6JP13DFBV2J0
age
2238346
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/3222/127c66279545a39a8f5b.min.js
content-length
3912
x-amz-id-2
8gz/nKZEAs5MiWN7HqKHvyMa3wV3NlFVIvKK0uNevrEBUdz/b+De/cOO+SMYb02DQqlg5NRN3os=
x-served-by
cache-iad-kcgs7200070-IAD, cache-yul12821-YUL
last-modified
Mon, 04 Dec 2023 16:42:20 GMT
server
AmazonS3
x-timer
S1703947691.790682,VS0,VE0
etag
"7468b50abca76eb482caad4ff8f174a5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
22, 645206
b5d7668c3846664e07f1.min.js
scripts.mediavine.com/tags/afterScroll/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/afterScroll/b5d7668c3846664e07f1.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
16ec18d8f68aede3d00e56cf0a481bdbf23b46c8a51488c56db63d482a4057dc
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
FTW6AAVFWEQ92GDW
age
772290
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/afterScroll/b5d7668c3846664e07f1.min.js
content-length
27253
x-amz-id-2
TLKy4dGkRcMGZ5rjalsRx0VxsJBKMXxlCT+ovwN6Q0KVt6kKSIVlNL3L1xHlQhAy4cTJiHydTyo=
x-served-by
cache-iad-kcgs7200027-IAD, cache-yul12821-YUL
last-modified
Thu, 21 Dec 2023 16:07:36 GMT
server
AmazonS3
x-timer
S1703947691.790645,VS0,VE0
etag
"a2f4c5d96a1a18cd422e8faddf6edf43"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
2, 247425
05e5b90016757eb6d006.min.js
scripts.mediavine.com/tags/675/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/675/05e5b90016757eb6d006.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
241d80503f2c90bbe544d429b1eb12199f5e5e120119341dcfafdb448f637c49
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
FTWFQGXB2X1V6T41
age
772290
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/675/05e5b90016757eb6d006.min.js
content-length
4119
x-amz-id-2
wkis9kCq9KKKHFGdvmfAh2SyrMoBgO53I7n/oDOA0gtv8S2KboSEQaOX0IErhlf1Wl41SCtsDho=
x-served-by
cache-iad-kiad7000176-IAD, cache-yul12821-YUL
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1703947691.792036,VS0,VE0
etag
"306eabcced998d3328b33a79577ebe6f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 258255
14decf0a94814552b0fa.min.js
scripts.mediavine.com/tags/3367/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/3367/14decf0a94814552b0fa.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
ffb80624264fb2038baf8456a09804e1e009afe7d642235beaf65dfea1de6fae
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
STVXCMWSMSNQB8EP
age
3983827
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/3367/14decf0a94814552b0fa.min.js
content-length
1325
x-amz-id-2
dMaM7z6krZv/c5RfejHc4wckEbObdPRDn5TFbrrFl37/pfPhztZTc8Brtw15X2Jw3sN+PFsx5q8=
x-served-by
cache-iad-kjyo7100030-IAD, cache-yul12821-YUL
last-modified
Wed, 18 Oct 2023 15:00:15 GMT
server
AmazonS3
x-timer
S1703947691.792043,VS0,VE0
etag
"7687384995f0a7a1035a10812b11b29b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
3, 690076
anchor
www.google.com/recaptcha/api2/ Frame 2377 		42 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8&co=aHR0cHM6Ly9jbnoudG86NDQz&hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=tewda5u5xkaa
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en_gb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
3815796784b33b1dc536b0db68c65308a5d6e39dbd2033ae0bcc59703a85e165
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CY_pM8oDSMIqdPlGOf_uZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CY_pM8oDSMIqdPlGOf_uZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
www-player.css
www.youtube.com/s/player/da154528/ Frame 493E 		358 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da154528/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TfcsN2nBDyU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
sffe /
Resource Hash
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/TfcsN2nBDyU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 09:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
193117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47436
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Dec 2024 09:09:33 GMT
embed.js
www.youtube.com/s/player/da154528/player_ias.vflset/en_US/ Frame 493E 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TfcsN2nBDyU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
sffe /
Resource Hash
234595572b74d58cd52917208142b3131ad7992126358ee0d917a40cd1240e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/TfcsN2nBDyU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:25:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
454934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16296
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 08:25:56 GMT
www-embed-player.js
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame 493E 		322 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TfcsN2nBDyU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
sffe /
Resource Hash
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/TfcsN2nBDyU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 01:50:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
219485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98735
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Dec 2024 01:50:05 GMT
base.js
www.youtube.com/s/player/da154528/player_ias.vflset/en_US/ Frame 493E 		2 MB
767 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TfcsN2nBDyU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
sffe /
Resource Hash
fd8d118fe8ac283b6e6ece58b4bcbbc06cd734f11761faa7c46ff08069f711f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/TfcsN2nBDyU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
785283
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 08:25:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 493E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TfcsN2nBDyU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 18:05:35 GMT
x-content-type-options
nosniff
age
74555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 18:05:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 493E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TfcsN2nBDyU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 18:05:35 GMT
x-content-type-options
nosniff
age
74555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 18:05:35 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
webPushIframe
choczuc.os.tc/ Frame 74C4 		504 B
693 B 		Document
General
Check archive.org
Download Go to
Full URL
https://choczuc.os.tc/webPushIframe
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.143.23 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66cf52223472cda1ffbcb97746faf7b29e7564a00b40142e1b81c1be06af2a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
REVALIDATED
cf-ray
83db150ccbac3981-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:11 GMT
expires
Sat, 30 Dec 2023 15:48:11 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin, Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
a6ff49fd-0974-48c2-860a-b58e54128516
x-runtime
0.013763
x-xss-protection
1; mode=block
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb43371a3fe794ecc3d97a4ac77eacee71d2fe54bc626df474778fb1f4bee476

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		699 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a00c2435d3641f05cf8654bd0f2bb96e4334c66720dd4a0cfd6ab306dc2547ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
update
sda.fyi/ 		48 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sda.fyi/update?cats=368,369,371,372
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e42835474bed76108be3a8ab1de4095bd3ea32386e75758109723071699b9a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrK4yGz3LLXTXGiI8eXPbHpvZc2YShkvrQHakB3OQplrTM56r4SCBPpDYT0r3f3zXgZ%2F3%2FTd5YEV6geX%2BqwtL6jJU6buK4K%2F96GV6tQL7RUUspeno630OJBU"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://cnz.to
content-type
application/json
access-control-allow-credentials
true
cf-ray
83db150cd9db39dd-YYZ
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
creativeBlocks
scripts.mediavine.com/ 		28 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/creativeBlocks
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
80c323dd4df46e2e39e719475263dd85ab66d6e999df021d6522fab5df2d802e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
37695
x-powered-by
Express
x-cache
HIT, HIT
content-length
8140
x-served-by
cache-iad-kjyo7100140-IAD, cache-yul12824-YUL
x-timer
S1703947691.949876,VS0,VE0
etag
W/"6f5f-frO4+4/nYT5/dujKGmGH+fBXW70"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
accept-ranges
bytes
x-cache-hits
4, 9919
c16e0528c2c3c234ead6.min.js
scripts.mediavine.com/tags/8769/ 		299 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
a4af3ea6ff18bab36043bbb0c7de1d9e01150241334ceab412c9fe4b8961c2f7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
BHJCZXYSD1BZHZP4
age
772290
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/8769/c16e0528c2c3c234ead6.min.js
content-length
96317
x-amz-id-2
0FB332BtnnrwcZWWWU/JJQQgCQO1pSvSBih85g63ExLvOHnxzqGd3OmNxHhQo89cMNQQLrvuq9k=
x-served-by
cache-iad-kiad7000052-IAD, cache-yul12821-YUL
last-modified
Thu, 21 Dec 2023 16:08:15 GMT
server
AmazonS3
x-timer
S1703947691.952886,VS0,VE0
etag
"b57f727bd6d034d6feffc9fb272c41d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
2, 264182
535ecb08db948da2040c.min.js
scripts.mediavine.com/tags/prebid/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/prebid/535ecb08db948da2040c.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
abd3328d01e4d867f4f56d97288fe35e273103f3cef7d6785d3f550c738dbd49
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
QQK3QWXDF1ZWF3Y3
age
2159213
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/prebid/535ecb08db948da2040c.min.js
content-length
4764
x-amz-id-2
hXajnbPpG2ABV//W25XFHWaA4u1qJgaSEl7HwazkIMv5zzbFV14M0eOdAHc6fPzZ6ksMnAhugP4=
x-served-by
cache-iad-kiad7000045-IAD, cache-yul12821-YUL
last-modified
Tue, 21 Nov 2023 17:35:08 GMT
server
AmazonS3
x-timer
S1703947691.952929,VS0,VE0
etag
"3d56023aea9e5edefdd89225b0fe8c6a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
7, 249310
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 2377 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8&co=aHR0cHM6Ly9jbnoudG86NDQz&hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=tewda5u5xkaa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 10:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Dec 2024 10:07:46 GMT
recaptcha__en_gb.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 2377 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en_gb.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8&co=aHR0cHM6Ly9jbnoudG86NDQz&hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=tewda5u5xkaa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
6ec0a341e8e985e726de0f08c522271523761ec352f1b07adb5129da7225c20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 23:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205984
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 23:25:31 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcnz.to%2F&domain=cnz.to&cw=1&lsw=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cnz.to
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://cnz.to
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 30 Dec 2023 14:48:10 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
379698
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adjustments
scripts.mediavine.com/amazon/v1/ 		54 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/amazon/v1/adjustments?offering=mediavine
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
9a9a9ac1896c842ea8a6bb4a544ff2a33a4c9bb07b9f910c094cc65da69a1661
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
45
x-powered-by
Express
x-cache
HIT, HIT
content-length
12835
x-served-by
cache-iad-kjyo7100126-IAD, cache-yul12824-YUL
x-timer
S1703947691.048573,VS0,VE0
etag
W/"d6e0-TInEVRSSsaZzuN0t/G9UFyaUnoM"
vary
offering=mediavine, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no cache
accept-ranges
bytes
x-cache-hits
52, 39
envelope
api.rlcdn.com/api/identity/ 		0
246 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=2
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://cnz.to
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
556 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=sne7dew&fmt=json
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
37afe63caf6ac4aa70e635de51e477d81ee1270d4a51d02f54defe08274340a2

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://cnz.to
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 29 Jan 2024 14:48:11 GMT
json
gum.criteo.com/sid/ 		338 B
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcnz.to%2F&domain=cnz.to&cw=1&lsw=1&us_privacy=1---
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
65ece8eb458cfbc49ac09ba446fe4550caa833f50ffae92288a1ac06477f7157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:10 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cnz.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
631556
expires
0
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1---&b=1&g=UirMx53d5u8oegrQyZa2Gj0tQBj%2BZ8YP6zvPSowR4xw%3D
42 B
138 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1---&b=1&g=UirMx53d5u8oegrQyZa2Gj0tQBj%2BZ8YP6zvPSowR4xw%3D
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:10 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://cnz.to
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 30 Dec 2023 14:48:10 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://cnz.to
location
https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1---&b=1&g=UirMx53d5u8oegrQyZa2Gj0tQBj%2BZ8YP6zvPSowR4xw%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
dc47ee0bbce5ba61d4c4.min.js
scripts.mediavine.com/tags/3322/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/3322/dc47ee0bbce5ba61d4c4.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
43cdbb1985231afab309de0be719ef8fe3a81228be641de8b454d1127209f6a7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
027DHX3QSKZ4MTDR
age
2066955
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/3322/dc47ee0bbce5ba61d4c4.min.js
content-length
2726
x-amz-id-2
UmKIlp4iVmjE7mOJJyQp6Nmw+muOEsxVsJ5VJ++G4O47op4lS78G51WUFvLPd7z8LqzKwiTGDwU=
x-served-by
cache-iad-kcgs7200024-IAD, cache-yul12821-YUL
last-modified
Wed, 06 Dec 2023 16:37:14 GMT
server
AmazonS3
x-timer
S1703947691.076438,VS0,VE0
etag
"b1f88edbfc65df5d8098d9f5abe76437"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0, 624115
6624ffc53778f73c44e7.min.js
scripts.mediavine.com/tags/427/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/427/6624ffc53778f73c44e7.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
3b0700d982298fdc944422457387899a83f0e7d371cd68c883fb488a17d99e35
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
CAVFFS1BE4TW88AK
age
896603
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/427/6624ffc53778f73c44e7.min.js
content-length
2417
x-amz-id-2
P+kE+SU8LnplkI4adtxRK4KjVm6r6jfJKa2UR9DH2RbalC05Udabaeda7mqYwTHufb7uDDG7qMw=
x-served-by
cache-iad-kcgs7200164-IAD, cache-yul12821-YUL
last-modified
Wed, 20 Dec 2023 05:40:39 GMT
server
AmazonS3
x-timer
S1703947691.079604,VS0,VE0
etag
"f6eab85aa683c57b441f6b89699bc298"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
10, 147709
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:25:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
51787
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 29 Dec 2024 00:25:04 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 493E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TfcsN2nBDyU
Protocol
H2
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9374de83a1ae003a6d2b760104087e3911f91d4d7de336b2ac5ab7b35e38b1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 493E 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:33:45 GMT
x-content-type-options
nosniff
age
866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Dec 2023 14:48:45 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/afterScroll/b5d7668c3846664e07f1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.3.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-3-135.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:49:35 GMT
content-encoding
gzip
via
1.1 9b50161b0654f8123e6c8e0585e35ade.cloudfront.net (CloudFront), 1.1 13da95a9986b650e208a13e3d3754a9e.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5, CMH68-P4
age
3517
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
BaWz63kN_2ZH3L9uLupghqo2nOn_zJ4LZuMJtnXSC0Y6LlGnULO4xA==
08101a158c9067b992e9.min.js
scripts.mediavine.com/tags/3706/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/3706/08101a158c9067b992e9.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
aa863b1f24ed086ab7aa5de96df09eb6587c469c752a797c4ee0ff85d1f5fac0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
BHJ5WN9D1Y6WAD1M
age
772290
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/3706/08101a158c9067b992e9.min.js
content-length
2733
x-amz-id-2
AYWoge4JfrslTbl1dpfIg5N12rzWmBcbitaN88wQwZ2IVMJ60bJzTEc2ryLx5exQ5JN63s/ob3U=
x-served-by
cache-iad-kiad7000046-IAD, cache-yul12821-YUL
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1703947691.166466,VS0,VE0
etag
"bd6ff991da778448c0fab19a98fa0cd5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0, 255717
truncated
/ 		386 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba24896725c75f555776ee09b1ba000865f1c59b82098d665b893685fc528e79

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efb8b69af53301063c91ea5840e4c1a0a1f8f0297b30ea27b5eb62792d19e058

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 30 Dec 2023 14:48:11 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 493E 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f10.1e100.net
Software
ESF /
Resource Hash
2872dbd28d723d897e1d79e2c419707ec827c87356183ccf0791c3dad5a98045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40590
x-xss-protection
0
remote.js
www.youtube.com/s/player/da154528/player_ias.vflset/en_US/ Frame 493E 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
sffe /
Resource Hash
e878848ad649d0b771d44453abd0ae8e4aa7a2b93298641ed0c26fff581dcb4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/TfcsN2nBDyU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
453956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33549
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 08:42:15 GMT
UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js
www.google.com/js/th/ Frame 493E 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
sffe /
Resource Hash
52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:01:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
20792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19757
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 09:01:39 GMT
sddefault.webp
i.ytimg.com/vi_webp/TfcsN2nBDyU/ Frame 493E 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/TfcsN2nBDyU/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TfcsN2nBDyU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f22.1e100.net
Software
sffe /
Resource Hash
b6c68f825285a77566f508f60e14056f036308cbd75cdda648a82d6d51002e84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-content-type-options
nosniff
server
sffe
etag
"1481102108"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67700
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 30 Dec 2023 16:48:11 GMT
truncated
/ Frame 493E 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
AIf8zZS6ubi5OmE_XMTipVgJzaMuZ8I-QzSV6iecDlWlAw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 493E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AIf8zZS6ubi5OmE_XMTipVgJzaMuZ8I-QzSV6iecDlWlAw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TfcsN2nBDyU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
fife /
Resource Hash
9f59408f19a75086b0d83d73baefeeff7585dce8c5f2aee89f5d73fdd3a1a5d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
x-content-type-options
nosniff
server
fife
etag
"v20e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3210
x-xss-protection
0
expires
Sun, 31 Dec 2023 14:48:11 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ Frame 74C4 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: choczuc.os.tc
URL: https://choczuc.os.tc/webPushIframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://choczuc.os.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
47
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83db150e6a664bb8-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 02 Jan 2024 14:48:11 GMT
check
scripts.mediavine.com/sync/ Frame 5182 		359 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/sync/check
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
8c4fc04634a28970e4a08a3f3a9e5b605fe4bafbc4a91ba48ecd48a486a61825
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
31
cache-control
public, no-cache
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:11 GMT
etag
W/"167-TIMC/WIoHklHcqlcGDzARpR3PKA"
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1425788, 35
x-powered-by
Express
x-served-by
cache-iad-kcgs7200136-IAD, cache-yul12821-YUL
x-timer
S1703947691.263138,VS0,VE0
Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js
www.google.com/js/bg/ Frame 2377 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en_gb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
sffe /
Resource Hash
071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8&co=aHR0cHM6Ly9jbnoudG86NDQz&hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=tewda5u5xkaa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
20795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6850
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 09:01:36 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 2377 		105 B
136 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8&co=aHR0cHM6Ly9jbnoudG86NDQz&hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=tewda5u5xkaa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
118460ae26de819d775e7d384434a2afd2b7b048013e47e385dc302b33b6c3bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8&co=aHR0cHM6Ly9jbnoudG86NDQz&hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=tewda5u5xkaa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 30 Dec 2023 14:48:11 GMT
truncated
/ 		334 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89e53c14f48b9cc3cb5fa5ddca1d0b73f109fe1e345e7aff3a2489e4bfa58861

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
053a87db56b9f9bdd8d95548754022c044a9ac63721953e23deea5b967029805

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
d273b3f7a25cb28cb418.min.js
scripts.mediavine.com/tags/9300/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/9300/d273b3f7a25cb28cb418.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
64a4ed8872228e80f2ef6519ae6f19200ddd5da2670cdbcb30eeb8ac46e09a63
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
4HEN8VRYS81Y0X9K
age
5820115
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/9300/d273b3f7a25cb28cb418.min.js
content-length
940
x-amz-id-2
SNRuLD60iDjP0lMYsYsyEe2nbEguWaiGdCzmyH5Pjkj91zJY+V+j0/J5qZy8UxaeN/+ooq7T2T0=
x-served-by
cache-iad-kcgs7200084-IAD, cache-yul12821-YUL
last-modified
Sat, 14 Oct 2023 19:21:45 GMT
server
AmazonS3
x-timer
S1703947691.394189,VS0,VE0
etag
"76ed95a13469c309bb1771b0e3cc1c4f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
4, 681794
9a4878ce647526870d8c.min.js
scripts.mediavine.com/tags/6409/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/6409/9a4878ce647526870d8c.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
6feedee0b3ff656231324e97f80eac7feb981ba46b89187f0daaa9e058e6f6b9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
4HEVWASQ4VZYSTG4
age
5823442
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/6409/9a4878ce647526870d8c.min.js
content-length
3186
x-amz-id-2
/NshcNxh/13RJsNT3IlIpyfTIsWObCnh5GIAAr2En9SJT7+VVb3FeSWGIKuDw/1t/d7CiqT2HUI=
x-served-by
cache-iad-kiad7000132-IAD, cache-yul12821-YUL
last-modified
Sat, 14 Oct 2023 19:21:46 GMT
server
AmazonS3
x-timer
S1703947691.394314,VS0,VE0
etag
"abb142824b55f4acb7bcc829e62dc8a2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
4, 684685
7a7d57b222fe0e3bde51.min.js
scripts.mediavine.com/tags/5728/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.mediavine.com/tags/5728/7a7d57b222fe0e3bde51.min.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/2.94.31/wrapper.min.js?bust=-1498279595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
2890052d7681e41619a41556f585712cc20cea3fcbb19480de840f39c785bce7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
CAV7WEJMSVA248VQ
age
896603
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/5728/7a7d57b222fe0e3bde51.min.js
content-length
2076
x-amz-id-2
+FIdFYnI49tl3Va+p/GDPvCkWIQ8wwlQuqE4Q0TXZvoMpvPQ5QWp8Gi5yXCSI5RN7QjrCYnIpG8=
x-served-by
cache-iad-kcgs7200085-IAD, cache-yul12821-YUL
last-modified
Wed, 20 Dec 2023 05:40:39 GMT
server
AmazonS3
x-timer
S1703947691.396150,VS0,VE0
etag
"6c9b47373b89c333cc9635ab81025291"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
18, 222854
beacon.js
sb.scorecardresearch.com/internal-cs/27053452/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/27053452/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/27053452/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/27053452/beacon.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
3.160.5.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-46.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:57:21 GMT
content-encoding
gzip
via
1.1 18cb903dd2c9ff38a33d79715104de0a.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 05:18:34 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P4
age
21764
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
kdqRmLR8zQ7eVXWEoGufG_tWcq5NWbqcUnlS1mlwXiYj2ZYyX6CnIg==

Redirect headers

date
Sat, 30 Dec 2023 14:48:11 GMT
via
1.1 18cb903dd2c9ff38a33d79715104de0a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CMH68-P4
x-cache
Miss from cloudfront
location
/internal-cs/27053452/beacon.js
content-length
0
x-amz-cf-id
wdSGmX1Ah8K2g4e3mqA95UjQGcJ7jGo69HkEKNZZ3s_foWasgt8k2A==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/afterScroll/b5d7668c3846664e07f1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:48:30 GMT
content-encoding
gzip
age
2516381
x-guploader-uploadid
ABPtcPrC-6N0WNjzkM5qAh9JaWJNUVWmAuT0EUNe79SUUOq5-JbFZ2q1o6Moq1ulXJNw4mtxq8o8E0tUjSpY48-eCIAGww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:48:30 GMT
pandg-sdk.js
pghub.io/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/afterScroll/b5d7668c3846664e07f1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:50:40 GMT
content-encoding
gzip
age
3451
x-guploader-uploadid
ABPtcPp39g2S25Ki0nFV5xOf5WvNqOTB-IvQC8r1FTdC1yfbsPe1VO0vBBSY-A18iSQOcC_M0gLaYQ0i73rZAi_Ap-03DA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
ope-dmplite.js
cdn.opecloud.com/ 		61 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.opecloud.com/ope-dmplite.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-23.cmh68.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
58cc196d11d355db996638034106778ef7c5cb20a7122783ae9b85f1ccda8e90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:37:13 GMT
content-encoding
gzip
via
1.1 a325baefc1f21c1691e3e84bbf7b8906.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 10:28:34 GMT
server
nginx/1.24.0
x-amz-cf-pop
CMH68-P1
age
658
etag
W/"65817052-f46a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800, public
x-amz-cf-id
KYlirrNAvRtp1TiFbAPATNZvpR_uusKBdecsPrhseSkF_XWHgDdSHQ==
expires
Sat, 06 Jan 2024 14:37:13 GMT
sync
exchange.mediavine.com/usersync/ Frame 2560 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/usersync/sync?origin=https://cnz.to&src=//exchange.mediavine.com&s2sVersion=production&gdpr=0&us_privacy=1---&gppString=DBABzw~1---~BqgAAAAAAgA&p=%7B%22appnexus%22%3Atrue%2C%22centro%22%3Atrue%2C%22emx_digital%22%3Atrue%2C%22gumgum%22%3Atrue%2C%22huddled_masses%22%3Atrue%2C%22indexExchange%22%3Atrue%2C%22kargo%22%3Atrue%2C%22mediadotnet%22%3Atrue%2C%22mediagrid%22%3Atrue%2C%22openx%22%3Atrue%2C%22pubmatic%22%3Atrue%2C%22pulsepoint%22%3Atrue%2C%22rubicon%22%3Atrue%2C%22sharethrough%22%3Atrue%2C%22smartmedia%22%3Atrue%2C%22sovrn%22%3Atrue%2C%22triplelift%22%3Atrue%2C%22verizon%22%3Atrue%2C%22yieldmo%22%3Atrue%7D
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
1159e43303c4a7a8257ee78b056cd107c83eeef074f5a15878c3fc7ba758a74c

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:11 GMT
vary
Origin, Accept-Encoding
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ Frame 74C4 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://choczuc.os.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
36
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83db150f6c4c4bb8-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 02 Jan 2024 14:48:11 GMT
38918095-8e45-4332-88bf-226b3514cb64
config.aps.amazon-adsystem.com/configs/ 		603 B
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/38918095-8e45-4332-88bf-226b3514cb64
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.25.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-25-98.cmh68.r.cloudfront.net
Software
CloudFront /
Resource Hash
e7ccf008248b90ffa7c0e9cdca06f9fd7afd39d291c1327f23dc96b8b0a8aad1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:21:07 GMT
via
1.1 192ddb149ecb1751bd671d09f051050a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CMH68-P5
age
1624
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
603
x-amz-cf-id
3IiWMfqiDzm67oZLro79JeudCF0TPRASGs67KIrIUJtr0eWiia8WOA==
config
c.amazon-adsystem.com/cdn/prod/ 		471 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcnz.to&pubid=38918095-8e45-4332-88bf-226b3514cb64
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.3.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-3-135.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
46bf2987c83e22bd6bb782658762840e43c3389176ab927ff6da4029f567a7a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:31:00 GMT
via
1.1 13da95a9986b650e208a13e3d3754a9e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P4
age
1030
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://cnz.to
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
471
x-amz-cf-id
DIp0LI34E7y3hC6zzYG_4cTpa5_L54rRdd0WXF3wVzy3bA6OQPksNA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.3.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-3-135.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:40:27 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 b3f79c7629585fd4818d306efdc55e44.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4
age
4065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
EYVawKeMdtbWcwxvSuL4ad5K7KUQnqw1Z9TyDT47mBB_faE-jwhpjg==
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 493E 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f10.1e100.net
Software
ESF /
Resource Hash
19cc066eaee5ba8344d103d2271579e045f1206b59593a5b2acd4564de288fc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 30 Dec 2023 14:48:11 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 493E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Dec 2023 14:48:11 GMT
generate_204
www.youtube.com/ Frame 493E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?aRORiA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TfcsN2nBDyU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/TfcsN2nBDyU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E290 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74432
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 30 Dec 2023 14:48:20 GMT
expires
Sun, 31 Dec 2023 11:28:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
redirect
exchange.mediavine.com/usersync/ Frame 9D20
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562036&ev=7427dc00-a722-11ee-9bd0-e5d8c377681f&rurl=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpulsepoint%26uuid%3D7427dc00-a722-1...
  • https://exchange.mediavine.com/usersync/redirect?partner=pulsepoint&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=tXCG8tgaSK9D&ev=7427dc00-a722-11ee-9bd0-e5d8c377681f&pi...
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=pulsepoint&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=tXCG8tgaSK9D&ev=7427dc00-a722-11ee-9bd0-e5d8c377681f&pid=562036
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:22 GMT
vary
Origin, Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-db744d8c7-dzpt8
expires
-1
location
https://exchange.mediavine.com/usersync/redirect?partner=pulsepoint&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=tXCG8tgaSK9D&ev=7427dc00-a722-11ee-9bd0-e5d8c377681f&pid=562036
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=12343702
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx /
Resource Hash
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 14:48:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 16:20:24 GMT
Server
nginx
ETag
W/"64c7df48-22bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Sat, 30 Dec 2023 15:48:11 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame B86A 		0
0
cm
u.openx.net/w/1.0/ Frame 9C43
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee...
  • https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
019f58a048456fd2482af43617819c9c0066d1d61f853483e12eb0237c69c0ca

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
832
content-type
text/html
date
Sat, 30 Dec 2023 14:48:11 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 30 Dec 2023 14:48:11 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame A7AA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17404&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17404&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17404&endpoint=us-east
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Dec 2023 14:48:12 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 30 Dec 2023 14:48:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=17404&endpoint=us-east
server
AkamaiGHost
9534
rtb.gumgum.com/usync/ Frame B410 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.253.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-253-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b9d12fd3a53413ed7ec99fb4e090fcf3c316566b649334822df8a4aae2f414d4

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 30 Dec 2023 14:48:17 GMT
etag
W/"0185a3dbe35a07e773a78f174bc9fdd2d"
server
nginx
timing-allow-origin
*
pbsync
ads.yieldmo.com/ Frame 0FBF 		0
0
redirect
exchange.mediavine.com/usersync/ Frame A3E9
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dtriplelift%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dtriplelift%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681...
  • https://exchange.mediavine.com/usersync/redirect?partner=triplelift&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=3610331112224181422439
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=triplelift&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=3610331112224181422439
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:19 GMT
vary
Origin, Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 30 Dec 2023 14:48:19 GMT
location
https://exchange.mediavine.com/usersync/redirect?partner=triplelift&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=3610331112224181422439
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
redirect
exchange.mediavine.com/usersync/ Frame 6EBE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193478&cb=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3DindexExchange%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sV...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3DindexExchange%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3D...
  • https://exchange.mediavine.com/usersync/redirect?partner=indexExchange&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=ZZAtsDWU3MR7QbQeOCmP9AAA%261420
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=indexExchange&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=ZZAtsDWU3MR7QbQeOCmP9AAA%261420
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:16 GMT
vary
Origin, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83db152efa5d711c-YYZ
content-length
0
date
Sat, 30 Dec 2023 14:48:16 GMT
expires
0
location
https://exchange.mediavine.com/usersync/redirect?partner=indexExchange&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=ZZAtsDWU3MR7QbQeOCmP9AAA%261420
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRpa8lrbB9W3weObgmi7rqZXw8Rf0i5A25Lmfdb%2FtsLnolrxct%2BRNe94KmvHAgvgbnkSgp466RVzMac1Sep8m2rv7iXUdb90aZPMklzfh4L3lrv%2FmUiHfvu58vXVldYg60Ot1Mk85SjOxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ssbsync.smartadserver.com/api/ Frame 1A3E 		843 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=8
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.39 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
106339c42b1e49713a1d6d9ed26ed4b6d52fbe4267c9aba5f0bfe289bdbda199

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
843
content-type
text/html
date
Sat, 30 Dec 2023 14:48:11 GMT
redirect
exchange.mediavine.com/usersync/ Frame 2365
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=19&type=mdv&ovsid=7427dc00-a722-11ee-9bd0-e5d8c377681f&us_privacy=1---&redirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dmed...
  • https://exchange.mediavine.com/usersync/redirect?partner=mediadotnet&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=3469492926465194000V10
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=mediadotnet&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=3469492926465194000V10
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:12 GMT
vary
Origin, Accept-Encoding

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Sat, 30 Dec 2023 14:48:12 GMT
expires
Sat, 30 Dec 2023 14:48:12 GMT
location
https://exchange.mediavine.com/usersync/redirect?partner=mediadotnet&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=3469492926465194000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
redirect
exchange.mediavine.com/usersync/ Frame DB34
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=47b99924&us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dsharethrough%26uuid%3D7427dc00-a722-11ee-9bd0...
  • https://exchange.mediavine.com/usersync/redirect?partnerId=5b730dc2-93d3-4f06-9265-105364495611&partner=sharethrough
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/usersync/redirect?partnerId=5b730dc2-93d3-4f06-9265-105364495611&partner=sharethrough
Requested by
Host: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:20 GMT
vary
Origin, Accept-Encoding

Redirect headers

content-length
0
date
Sat, 30 Dec 2023 14:48:20 GMT
location
https://exchange.mediavine.com/usersync/redirect?partnerId=5b730dc2-93d3-4f06-9265-105364495611&partner=sharethrough
redirect
exchange.mediavine.com/usersync/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dsovrn%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%...
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dsovrn%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%...
  • https://exchange.mediavine.com/usersync/redirect?partner=sovrn&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=H6HYiLZHd5pThMccSmegS3gY
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=sovrn&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=H6HYiLZHd5pThMccSmegS3gY
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Date
Sat, 30 Dec 2023 14:48:11 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://exchange.mediavine.com/usersync/redirect?partner=sovrn&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=H6HYiLZHd5pThMccSmegS3gY
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
redirect
exchange.mediavine.com/usersync/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://exchange.mediavine.com/usersync/redirect?partner=appnexus&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dappnexus%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%2...
  • https://exchange.mediavine.com/usersync/redirect?partner=appnexus&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=2963816996209011993
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=appnexus&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=2963816996209011993
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:17 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
an-x-request-uuid
65f49a90-209c-47a7-96e1-f614c8e49096
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://exchange.mediavine.com/usersync/redirect?partner=appnexus&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=2963816996209011993
x-proxy-origin
185.213.80.43; 185.213.80.43; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
redirect
exchange.mediavine.com/usersync/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dmediagrid%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partner...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dmediagrid%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26p...
  • https://exchange.mediavine.com/usersync/redirect?partner=mediagrid&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=1b5adac0-e56f-4876-8fdb-b83d18162df4
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=mediagrid&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=1b5adac0-e56f-4876-8fdb-b83d18162df4
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:12 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Location
https://exchange.mediavine.com/usersync/redirect?partner=mediagrid&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=1b5adac0-e56f-4876-8fdb-b83d18162df4
Date
Sat, 30 Dec 2023 14:48:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=1---&user_id=7427dc00-a722-11ee-9bd0-e5d8c377681f
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 14:48:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
ups.analytics.yahoo.com/ups/58749/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58749/sync?redir=true&gpp_sid=-1&gpp=DBABzw~1---~BqgAAAAAAgA
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirect
exchange.mediavine.com/usersync/
Redirect Chain
  • https://ice.360yield.com/server_match?&partner_id=1625&r=https://exchange.mediavine.com/usersync/redirect?partner=improvedigital&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&part...
  • https://ice.360yield.com/ul_cb/server_match?&partner_id=1625&r=https://exchange.mediavine.com/usersync/redirect?partner=improvedigital&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=productio...
  • https://exchange.mediavine.com/usersync/redirect?partner=improvedigital&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=669f73d2-b4d0-43df-9fbc-0799d95effcd
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=improvedigital&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=669f73d2-b4d0-43df-9fbc-0799d95effcd
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:12 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

location
https://exchange.mediavine.com/usersync/redirect?partner=improvedigital&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=669f73d2-b4d0-43df-9fbc-0799d95effcd
access-control-allow-origin
*
date
Sat, 30 Dec 2023 14:48:12 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel.gif
exchange.mediavine.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1mahn14&ttd_puid=7427dc00-a722-11ee-9bd0-e5d8c377681f&ttd_tpi=1&rurl=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dthe_tr...
  • https://exchange.mediavine.com/usersync/redirect?partner=the_trade_desk&type=pixel&partnerId=ae9fa611-1916-4d55-ab82-f7eea3328191
  • https://exchange.mediavine.com/pixel.gif
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/pixel.gif
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
784a81d7abbd8e4670546720eb51f5c55607597aa5189f7674558148c08dea21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
last-modified
Thu, 21 Dec 2023 16:52:33 GMT
etag
W/"619-18c8d4b0468"
vary
Origin
content-type
image/gif
cache-control
no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1561

Redirect headers

location
https://exchange.mediavine.com/pixel.gif
date
Sat, 30 Dec 2023 14:48:11 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
mediavine
crb.kargo.com/api/v1/dsync/ 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/mediavine?exid=7427dc00-a722-11ee-9bd0-e5d8c377681fus_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dkargo%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%24UID
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.28.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-28-76.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
exchange.mediavine.com/bidRequest/ 		141 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/bidRequest/?s2sVersion=production
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
af1c051c3908dc4161c2a908444b469d8931560e3d09e8533a475ef6b7ff595e

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://cnz.to
date
Sat, 30 Dec 2023 14:48:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
auction
tlx.3lift.com/header/ 		0
0
bid
aax.amazon-adsystem.com/e/dtb/ 		104 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcnz.to%2F&pid=TJSybjjDNSby3&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22sidebar_atf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A23%7D%2C%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A100%2C%22id%22%3A%22sticky_outstream_desktop%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22300x169%22%5D%7D%2C%7B%22sd%22%3A%22adhesion_desktop%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A23%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22Chocolate%20and%20Zucchini%22%2C%22domain%22%3A%22cnz.to%22%2C%22cat%22%3A%5B%22IAB8%22%5D%2C%22sectioncat%22%3A%5B%22IAB8%22%5D%2C%22pagecat%22%3A%5B%22IAB8%22%5D%2C%22page%22%3A%22https%3A%2F%2Fcnz.to%2F%22%2C%22ref%22%3A%22%22%2C%22keywords%22%3A%22paris%20kitchen%2Cchocolate%2Czucchini%2Csimple%20recipes%2Cblack%20sesame%2Ckind%2Csabl%C3%A9s%2Cbutter%2Cissue%2Ctoasty%20flavor%2Crecipe%2Cfrench%20man%2Ceasy%20meal%2Ccoconut%2Cshatter-prone%22%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22content%22%3A%7B%22language%22%3A%22en%22%2C%22cat%22%3A%5B%22IAB8%22%5D%2C%22data%22%3A%5B%7B%22name%22%3A%22gumgum.com%22%2C%22ext%22%3A%7B%22segtax%22%3A2%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22210%22%7D%2C%7B%22id%22%3A%22211%22%7D%2C%7B%22id%22%3A%22216%22%7D%2C%7B%22id%22%3A%22217%22%7D%5D%7D%5D%7D%2C%22ext%22%3A%7B%7D%7D%2C%22user%22%3A%7B%22geo%22%3A%7B%22region%22%3A%22QC%22%2C%22country%22%3A%22CA%22%7D%2C%22ext%22%3A%7B%22eids%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!mediavine.com%2C1f277cd5df52f199bf29610999d7dfb6%2C1%2C%2C%2C&gpp=DBABzw~1---~BqgAAAAAAgA&pubid=38918095-8e45-4332-88bf-226b3514cb64&gdpre=0&gdprl=%7B%22status%22%3A%22explicit-no-gdpr%22%2C%22enabled%22%3Afalse%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.23.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-23-31.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
9c26d98737a773d4e29c2b539e05cce37eb8aa92b6026b8a1e6d1db6062ff10f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P3
x-amz-rid
6BRC69J0RCKT79W3CF45
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://cnz.to
access-control-allow-credentials
true
timing-allow-origin
*
content-length
104
x-amz-cf-id
YVbl0VFHUjGvunbC9qEJOl-aqoPJKthelTuS2umXgyLqEWSQDeNk1w==
pbjs
htlb.casalemedia.com/openrtb/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		0
0
translator
hbopenbid.pubmatic.com/ 		21 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
24d5bc29cf8d5021fdeaafafd4c9871fc124163ea2d72adfb994aba8c883abe7

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://cnz.to
date
Sat, 30 Dec 2023 14:48:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
observe-browsing-topics
?1
content-type
application/json
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c9d8d3dbe63b469a0ac002502475465742ce4c2f7cc60beb1d5d4a69c63c0b85

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.5.0
Content-Type
application/json
access-control-allow-origin
https://cnz.to
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
web
onesignal.com/api/v1/sync/7fd31114-8467-11e5-8b4f-a0369f2d9328/ Frame 74C4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/7fd31114-8467-11e5-8b4f-a0369f2d9328/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f880e65695685e810257bdbecabb72b9d6d198cd251b2bbed82ffab7f31c3761
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://choczuc.os.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
cf-polished
origSize=3131
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
8d136613-ab29-4b9c-be1b-dca193ec8559
x-runtime
0.029241
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"5fd8d82240d3e26d9172cbb614fc678c"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
83db15113f334bb8-YUL
access-control-allow-headers
SDK-Version
expires
Sat, 30 Dec 2023 15:48:11 GMT
pixel.gif
pdmp.tagger.opecloud.com/pdmp/b4/v2/ 		35 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdmp.tagger.opecloud.com/pdmp/b4/v2/pixel.gif?url=https%3A%2F%2Fcnz.to%2F&ref=&tref=&tz=8&screen=1600x1200x24&dcRegion=us-east-1&cmpstatus=notrequired&e=%5B%5D&fpid=e9746a6e-a8ed-4579-9b0e-7b61ef3e03ee
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.123.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-123-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:12 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
51
expires
0
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 493E 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 20:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 30 Dec 2023 20:58:53 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703947691763&ns_c=UTF-8&c7=https%3A%2F%2Fcnz.to%2F&c8=Chocolate%20%26%20Zucchini%20%7C%20Simple%20Recipes%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703947691763&ns_c=UTF-8&c7=https%3A%2F%2Fcnz.to%2F&c8=Chocolate%20%26%20Zucchini%20%7C%20Simple%20Recipes%...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703947691763&ns_c=UTF-8&c7=https%3A%2F%2Fcnz.to%2F&c8=Chocolate%20%26%20Zucchini%20%7C%20Simple%20Recipes%20from%20my%20Paris%20Kitchen&c9=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
3.160.5.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-46.cmh68.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
via
1.1 18cb903dd2c9ff38a33d79715104de0a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CMH68-P4
x-amz-cf-id
GUHS9Z05n6Dn1OC152Gfzmn9CGHF_qKCLFuf9pUZDRLYSB1Tm-3KHQ==
x-cache
Miss from cloudfront

Redirect headers

date
Sat, 30 Dec 2023 14:48:11 GMT
via
1.1 18cb903dd2c9ff38a33d79715104de0a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CMH68-P4
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703947691763&ns_c=UTF-8&c7=https%3A%2F%2Fcnz.to%2F&c8=Chocolate%20%26%20Zucchini%20%7C%20Simple%20Recipes%20from%20my%20Paris%20Kitchen&c9=
content-length
0
x-amz-cf-id
Dlq8ZiBlIHbgVdRmwELgw_civPhsFfWNDpsr9Ej7VZVdSiTYxleKvg==
bframe
www.google.com/recaptcha/api2/ Frame F89E 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en_gb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
5898643489601e99b69677cf21487205b3c0357bc4803b7ee7a392ea1bcab2d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i-wH7iijfzlqyppQLCRfSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-i-wH7iijfzlqyppQLCRfSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
redirect
exchange.mediavine.com/usersync/ Frame 9C43 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=7a6cb72d-e167-0cbc-2c1d-ab0b978d224c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:11 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
sync
ups.analytics.yahoo.com/ups/58294/ Frame 9C43 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=9ae1a4c1-8fde-0199-1f25-8c22b27abb98
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 9C43
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=e1e3582e-9af3-0db0-137b-cddb1c422e29
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokZTFlMzU4MmUtOWFmMy0wZGIwLTEzN2ItY2RkYjFjNDIyZTI5EAAaDQir28CsBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=41c73c5780330c1b6d98a3df183dea6e9523d8e5b5340bdbff93e513d736f370791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0MWM3M2M1NzgwMzMwYzFiNmQ5OGEzZGYxODNkZWE2ZTk1MjNkOGU1YjUzNDBiZGJmZjkzZTUxM2Q3MzZmMzcwNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0MWM3M2M1NzgwMzMwYzFiNmQ5OGEzZGYxODNkZWE2ZTk1MjNkOGU1YjUzNDBiZGJmZjkzZTUxM2Q3MzZmMzcwNzkxNDI2YjU0MTdkY2UyMRAAGgwIrNvArAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0b61be16-f575-498c-bd89-0fdf40e6b9ce
42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=0b61be16-f575-498c-bd89-0fdf40e6b9ce
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:12 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 30 Dec 2023 14:48:12 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=0b61be16-f575-498c-bd89-0fdf40e6b9ce
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
sd
us-u.openx.net/w/1.0/ Frame 9C43
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=5659502509214791558
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5659502509214791558
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
an-x-request-uuid
5fdf0e93-a23e-4ba0-a0e4-86f7af9bb59c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5659502509214791558
x-proxy-origin
185.213.80.43; 185.213.80.43; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9C43
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 9C43
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZAtrgAKzRwSbwBd
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZAtrgAKzRwSbwBd&_test=ZZAtrgAKzRwSbwBd
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZAtrgAKzRwSbwBd&_test=ZZAtrgAKzRwSbwBd
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12822-YUL
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703947695.978311,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZAtrgAKzRwSbwBd&_test=ZZAtrgAKzRwSbwBd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
20e2410c-c718-a999-7dd5-5bddda8e82b8
pr-bh.ybp.yahoo.com/sync/openx/ Frame 9C43 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/20e2410c-c718-a999-7dd5-5bddda8e82b8?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.225.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-225-85.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 9C43
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ecf35b35-4b1e-802a-8c0c-cfbf4dea8411
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ecf35b35-4b1e-802a-8c0c-cfbf4dea8411&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ecf35b35-4b1e-802a-8c0c-cfbf4dea8411&dcc=t
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0BERV35XJGV33YC53H8B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MKCMB9W406MBBVJ5XPN6
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ecf35b35-4b1e-802a-8c0c-cfbf4dea8411&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9C43
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=b4252748-57b4-3bd0-4c02-4d2825d94ff1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae9fa611-1916-4d55-ab82-f7eea3328191&ttd_puid=b4252748-57b4-3bd0-4c02-4d2825d94ff1&gdpr=0&gdpr_consent=
43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae9fa611-1916-4d55-ab82-f7eea3328191&ttd_puid=b4252748-57b4-3bd0-4c02-4d2825d94ff1&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae9fa611-1916-4d55-ab82-f7eea3328191&ttd_puid=b4252748-57b4-3bd0-4c02-4d2825d94ff1&gdpr=0&gdpr_consent=
date
Sat, 30 Dec 2023 14:48:11 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 9C43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg0YWY0ODItOWVjMy02NTc0LTU5ZTItMTc5MWVmM2I4MTkx
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg0YWY0ODItOWVjMy02NTc0LTU5ZTItMTc5MWVmM2I4MTkx&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg0YWY0ODItOWVjMy02NTc0LTU5ZTItMTc5MWVmM2I4MTkx&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
H2
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg0YWY0ODItOWVjMy02NTc0LTU5ZTItMTc5MWVmM2I4MTkx&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9C43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIijdUGW6EtTDa17g4l0x4o&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIijdUGW6EtTDa17g4l0x4o&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.mediavine.com/usersync/redirect?partner=openx&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIijdUGW6EtTDa17g4l0x4o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
log.pinterest.com/ 		0
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame F89E 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 10:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Dec 2024 10:07:46 GMT
recaptcha__en_gb.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame F89E 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en_gb.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en-GB&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdJXgwUAAAAAET-Yr7diyD-TIsfvfnRt0rkjgu8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
6ec0a341e8e985e726de0f08c522271523761ec352f1b07adb5129da7225c20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 23:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205984
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 23:25:31 GMT
redirect
exchange.mediavine.com/usersync/ Frame 1A3E 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=smartmedia&partnerId=2833654250881570906&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:12 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 1A3E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=b88e34e8-ef93-4d51-afac-7b807bd1ac74&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=b88e34e8-ef93-4d51-afac-7b807bd1ac74&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=8
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:11 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:11 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=b88e34e8-ef93-4d51-afac-7b807bd1ac74&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
785117
content-length
0
expires
Sat, 30 Dec 2023 00:00:00 GMT
/
wt.rqtrk.eu/ Frame 1A3E
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=2833654250881570906&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=2833654250881570906&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=8
Protocol
H2
Server
15.235.42.104 Terrebonne, Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-003.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:12 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
1
content-length
43
expires
Sat, 30 Dec 2023 14:48:11 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=2833654250881570906&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:11 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 1A3E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=td36KrGMon6u3vB_u97uIrWO9Syu2KEt5Y7vG0Xr
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=td36KrGMon6u3vB_u97uIrWO9Syu2KEt5Y7vG0Xr
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=8
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:13 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=td36KrGMon6u3vB_u97uIrWO9Syu2KEt5Y7vG0Xr
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 1A3E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACVt07LIFsAABOibw3ZwQ&partnerid=127&gdpr=0
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AACVt07LIFsAABOibw3ZwQ&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=8
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:11 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AACVt07LIFsAABOibw3ZwQ&partnerid=127&gdpr=0
Date
Sat, 30 Dec 2023 14:48:12 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame A7AA 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17404&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d749a992f0eb365b9a7f569f47bce5d5a4bbfbf0f977d3e9eef2c51bd990d1f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17404&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 14:48:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Dec 2023 19:15:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16030
Connection
keep-alive
Content-Length
13174
Expires
Sat, 30 Dec 2023 19:15:22 GMT
khaos.json
token.rubiconproject.com/ Frame A7AA 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Expires
0
targeting
pdmp.profiles.tagger.opecloud.com/v1/ 		130 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pdmp.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fcnz.to%2F&fpid=e9746a6e-a8ed-4579-9b0e-7b61ef3e03ee&tenant=b4
Requested by
Host: cdn.opecloud.com
URL: https://cdn.opecloud.com/ope-dmplite.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.123.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-123-191.compute-1.amazonaws.com
Software
/
Resource Hash
36e8d658af8b6f2725da4523cadb36d0b79ccdbb4b8bf73bb0231be0a41d2acc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://cnz.to
date
Sat, 30 Dec 2023 14:48:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
log_event
www.youtube.com/youtubei/v1/ Frame 493E 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time
1703947693253
Content-Type
application/json
X-YouTube-Utc-Offset
-480
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/TfcsN2nBDyU
X-YouTube-Client-Version
1.20231217.00.00
X-YouTube-Time-Zone
America/Vancouver
X-Goog-Visitor-Id
CgtJdE9SQm5kUmtkYyiq28CsBjIKCgJDQRIEGgAgIw%3D%3D
X-YouTube-Ad-Signals
dt=1703947691012&flash=0&frm=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C360&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 30 Dec 2023 14:48:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
redirect
exchange.mediavine.com/usersync/ Frame A7AA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17404&khaos=LQS6GMOO-13-GYA2
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQS6GMOO-13-GYA2
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQS6GMOO-13-GYA2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:13 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQS6GMOO-13-GYA2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
ecm3
s.amazon-adsystem.com/ Frame A7AA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TAnSfcCYQ9aS1DMIlVaorg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TAnSfcCYQ9aS1DMIlVaorg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TAnSfcCYQ9aS1DMIlVaorg
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q8PK5KJYVNQYWV6ZK2AP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TAnSfcCYQ9aS1DMIlVaorg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A7AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJNKj4fIIFWvBbzKQbMzAFM&google_cver=1
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJNKj4fIIFWvBbzKQbMzAFM&google_cver=1
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJNKj4fIIFWvBbzKQbMzAFM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame A7AA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQS6GMOO-13-GYA2
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQS6GMOO-13-GYA2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:13 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3D4CFC89DB944F81AD34CD1985EA3E8D Ref B: EWR311000104021 Ref C: 2023-12-30T14:48:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNuzz9FkBCZzE2pW8HEg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQS6GMOO-13-GYA2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A7AA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=J63BxSwXT9aRir_xvmXpnQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=J63BxSwXT9aRir_xvmXpnQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=J63BxSwXT9aRir_xvmXpnQ
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NPC2CP5X9ACBFQMR67B0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=J63BxSwXT9aRir_xvmXpnQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A7AA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiM2UzMzhmZmNhMjNhZjZjMWM4MDMzOWZjM2JlN2ZkYzE1NTdhNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiM2UzMzhmZmNhMjNhZjZjMWM4MDMzOWZjM2JlN2ZkYzE1NTdhNQ
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiM2UzMzhmZmNhMjNhZjZjMWM4MDMzOWZjM2JlN2ZkYzE1NTdhNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A7AA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFTNkdNT08tMTMtR1lBMg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFJOd_QGoi7F_IwehtGeAhM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFTNkdNT08tMTMtR1lBMg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFTNkdNT08tMTMtR1lBMg==&google_push=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFTNkdNT08tMTMtR1lBMg==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
ecm3
s.amazon-adsystem.com/ Frame A7AA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQS6GMOO-13-GYA2&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQS6GMOO-13-GYA2&ex=d-rubiconproject.com&status=ok
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FSMHQ4VCZYCHYKKP1VBV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQS6GMOO-13-GYA2&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A7AA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=&expires=30
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=&expires=30
date
Sat, 30 Dec 2023 14:48:13 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame A7AA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MBAcc9pNvoCKoJaj04xSssn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WXvS7MFE2oKQEIVt5WNju9Qwaz4UnTt8_5XwNw--~A
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WXvS7MFE2oKQEIVt5WNju9Qwaz4UnTt8_5XwNw--~A
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
44e748b6247b033344ab4f6b8c0f8cbb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 30 Dec 2023 14:48:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WXvS7MFE2oKQEIVt5WNju9Qwaz4UnTt8_5XwNw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A7AA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACVt07LIFsAABOibw3ZwQ&expires=30
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACVt07LIFsAABOibw3ZwQ&expires=30
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
44e748b6247b033344ab4f6b8c0f8cbb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACVt07LIFsAABOibw3ZwQ&expires=30
Date
Sat, 30 Dec 2023 14:48:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
capi.connatix.com/us/ Frame A7AA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQS6GMOO-13-GYA2&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQS6GMOO-13-GYA2&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQS6GMOO-13-GYA2&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83db15264edf7154-YUL
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 30 Dec 2023 14:48:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQS6GMOO-13-GYA2&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83db1525ddda7154-YUL
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
sync
ups.analytics.yahoo.com/ups/58160/ Frame A7AA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQS6GMOO-13-GYA2&redir=true
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQS6GMOO-13-GYA2&redir=true
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQS6GMOO-13-GYA2&redir=true
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08c627b67f10e75995ce6908d3f9f7b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
magnite
prebid.a-mo.net/setuid/ Frame A7AA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQS6GMOO-13-GYA2
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQS6GMOO-13-GYA2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:21 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQS6GMOO-13-GYA2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Expires
0
setuid
ib.adnxs.com/prebid/ Frame A7AA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQS6GMOO-13-GYA2
43 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQS6GMOO-13-GYA2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
an-x-request-uuid
56613967-cb15-4747-92b3-e2eb0ff0d1c2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.80.43; 185.213.80.43; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQS6GMOO-13-GYA2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A7AA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5424119b-601b-4303-9302-c674017cde11&expires=30
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5424119b-601b-4303-9302-c674017cde11&expires=30
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5424119b-601b-4303-9302-c674017cde11&expires=30
Date
Sat, 30 Dec 2023 14:48:15 GMT
Connection
keep-alive
X-CI-RTID
3d63ce2a-9b3f-4a34-b42b-1100b6ed15e2
Content-Length
144
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame A7AA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQS6GMOO-13-GYA2
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQS6GMOO-13-GYA2
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
107.23.135.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-135-200.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQS6GMOO-13-GYA2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
240172
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83db15230d1ea1ea-YYZ
expires
Tue, 02 Jan 2024 14:48:14 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:14 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
062df9ea3bb16552a87c2384f1e2f7bf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 21 Dec 2023 07:50:16 GMT
server
nginx
etag
W/"6583ee38-a9b8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 14:48:14 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/ 		0
0
esp
oajs.openx.net/ 		85 B
308 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fcnz.to%2F&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
60aae95b9cd589ab6c83454739147be1fe481b9ea71d14f3b1a6b509d02a6e36

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:14 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-NFzhoX0N3t/RyqcvMzGElsXeKWo"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cnz.to
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
ads
securepubads.g.doubleclick.net/gampad/ 		129 KB
49 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3698468271802399&correlator=2266627097298623&eid=31077978%2C31080121%2C31080056&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1030006%3A22697653334%2Cchocolateandzucchini%2Csidebar%2Cadhesion&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600%2C728x90%7C970x90%7C468x60%7C320x100&ifi=1&sfv=1-0-40&fsbs=1%2C1&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1703947694487&adxs=1100%2C-12245933&adys=817%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcnz.to%2F&vis=1&psz=300x0%7C728x-1&msz=300x0%7C0x-1&fws=0%2C640&ohw=0%2C0&ga_vid=88848028.1703947691&ga_sid=1703947694&ga_hid=1019701129&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRiU48nZyzFIAFICCGQSGQoKYW1hem9uLmNvbRiU48nZyzFIAFICCGQSGAoJeWFob28uY29tGJTjydnLMUgAUgIIZBIXCghydGJob3VzZRiU48nZyzFIAFICCGQSFAoFb3BlbngYlOPJ2csxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJTjydnLMUgAUgIIZA..&dlt=1703947689969&idt=1380&prev_scp=hb_bidder%3Dsovrn_s2s%26hb_adid%3D37fecff2636c6e1%26hb_pb%3D0.51%26hb_sdef_set%3D0.961024%26hb_bid%3D0.51%26hb_bsbid%3D0.5065603021236335%26hb_safeframe%3D1%26hb_s2sBidder%3Dsovrn%26hb_liv%3D4%26hb_ub%3D0.51%26hb_size%3D160x600%26hb_pb_pubmatic%3D0.38%26hb_pb_indexExcha_s2s%3D0.34%26hb_pb_sovrn_s2s%3D0.51%26hb_pb_openx_s2s%3D0.30%26sales_cat%3D210%252C211%252C216%252C217%26sales_safety%3DGGT0%26sales_kw%3Dparis%2520kitchen%252Cchocolate%252Czucchini%252Csimple%2520recipes%252Cblack%2520sesame%252Ckind%252Csabl%25C3%25A9s%252Cbutter%252Cissue%252Ctoasty%2520flavor%252Crecipe%252Cfrench%2520man%252Ceasy%2520meal%252Ccoconut%252Cshatter-prone%26sales_segment%3DGumGum%2520Verity%2520Seasonal%2520-%2520Fathers%2520Day%252CGumGum%2520Verity%2520Seasonal%2520-%2520Memorial%2520Day%252CGumGum%2520Verity%2520Seasonal%2520-%2520Thanksgiving%252FBl%252CGumGum%2520Verity%2520Seasonal%2520-%2520Christmas%252CGumGum%2520Verity%2520Seasonal%2520-%2520The%2520Big%2520Game%2520(A%26partnerLift%3DrubiconE4M3%26slot_id%3Dsidebar_atf%26hb_count%3D6%26hb_pool%3D0%26hb_pmp%3D0%26UR%3D51%26URP%3D138%26OE%3D0%26google%3D1%26native%3D1%26slot_number%3D1%26slot%3Dsidebar_atf%26arrival%3D0%26refresh%3D0%26sspm%3D0%26bidFloor%3D0.23%26ccpa%3D1---%26timeout%3Dsidebar_atf_d_2301%26gid%3D0%26inview%3D0%26adomain%3Dvrbo.com%26grow_state%3D1%26dsp_id%3D23%263pc%3D1%26illr%3D0%26gpp%3D0-0-0%7Chb_bidder%3DindexExchange_s2s%26hb_adid%3D3117a156e21b85e%26hb_pb%3D1.02%26hb_sdef_set%3D0.961024%26hb_bid%3D1.02%26hb_bsbid%3D1.02382515%26hb_safeframe%3D1%26hb_s2sBidder%3DindexExchange%26hb_liv%3D4%26hb_ub%3D1.02%26hb_size%3D320x100%26hb_pb_indexExcha_s2s%3D1.02%26hb_pb_sharethrou_s2s%3D0.42%26hb_pb_openx_s2s%3D0.65%26sales_cat%3D210%252C211%252C216%252C217%26sales_safety%3DGGT0%26sales_kw%3Dparis%2520kitchen%252Cchocolate%252Czucchini%252Csimple%2520recipes%252Cblack%2520sesame%252Ckind%252Csabl%25C3%25A9s%252Cbutter%252Cissue%252Ctoasty%2520flavor%252Crecipe%252Cfrench%2520man%252Ceasy%2520meal%252Ccoconut%252Cshatter-prone%26sales_segment%3DGumGum%2520Verity%2520Seasonal%2520-%2520Fathers%2520Day%252CGumGum%2520Verity%2520Seasonal%2520-%2520Memorial%2520Day%252CGumGum%2520Verity%2520Seasonal%2520-%2520Thanksgiving%252FBl%252CGumGum%2520Verity%2520Seasonal%2520-%2520Christmas%252CGumGum%2520Verity%2520Seasonal%2520-%2520The%2520Big%2520Game%2520(A%26partnerLift%3DrubiconE4M3%26slot_id%3Dadhesion_desktop%26hb_count%3D3%26hb_pool%3D0%26hb_pmp%3D0%26UR%3D102%26URP%3D138%26OE%3D0%26google%3D1%26native%3D1%26slot_number%3D1%26slot%3Dadhesion_desktop%26arrival%3D0%26refresh%3D0%26sspm%3D0%26bidFloor%3D0.23%26ccpa%3D1---%26timeout%3Dadhesion_atf_d_2801%26gid%3D0%26inview%3D0%26adomain%3Dadidas.ca%26grow_state%3D1%26dsp_id%3D85%263pc%3D1%26illr%3D0%26gpp%3D0-0-0&cust_params=site%3Dchocolate-and-zucchini%26path%3D%252F%26secure%3D1%26sessiondepth%3D1%26optout%3Dcpbm%252Cwl%26categories%3Dfood-and-drink%26generator%3Dweb%26bucket%3D42%26referrer_url%3DDIRECT%26utm_source%3D%26utm_campaign%3D%26dow%3D6%26day%3D30%26month%3D12%26hour%3D14%26wrapper_group%3D2.94.31%26wswy%3D8%26sessionId%3D88848028%26groupm%3D1%26browser%3DChrome%26os%3DWindows%26s2sVersion%3Dproduction&adks=3656871219%2C536790681&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
cb932d07aec8805e7181ebd8548c37bf60d29ba139ddb8ddc80165cbdde0368a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50553
x-xss-protection
0
google-lineitem-id
-1,5219357454
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138293932970
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cnz.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE20 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:14 GMT
expires
Sun, 29 Dec 2024 14:48:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/ 		85 B
138 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fcnz.to%2F&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
60aae95b9cd589ab6c83454739147be1fe481b9ea71d14f3b1a6b509d02a6e36

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:14 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-NFzhoX0N3t/RyqcvMzGElsXeKWo"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cnz.to
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
/
exchange.mediavine.com/bidRequest/ 		168 KB
68 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/bidRequest/?s2sVersion=production
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
40ec67865cc9c65f0ce39a8eb9e7d35f06c544d85b7f2b13607962abaa2c7078

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://cnz.to
date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
bid
aax.amazon-adsystem.com/e/dtb/ 		104 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcnz.to%2F&pid=TJSybjjDNSby3&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22sidebar_btf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A23%7D%2C%7B%22sd%22%3A%22content_btf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A23%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22Chocolate%20and%20Zucchini%22%2C%22domain%22%3A%22cnz.to%22%2C%22cat%22%3A%5B%22IAB8%22%5D%2C%22sectioncat%22%3A%5B%22IAB8%22%5D%2C%22pagecat%22%3A%5B%22IAB8%22%5D%2C%22page%22%3A%22https%3A%2F%2Fcnz.to%2F%22%2C%22ref%22%3A%22%22%2C%22keywords%22%3A%22paris%20kitchen%2Cchocolate%2Czucchini%2Csimple%20recipes%2Cblack%20sesame%2Ckind%2Csabl%C3%A9s%2Cbutter%2Cissue%2Ctoasty%20flavor%2Crecipe%2Cfrench%20man%2Ceasy%20meal%2Ccoconut%2Cshatter-prone%22%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22content%22%3A%7B%22language%22%3A%22en%22%2C%22cat%22%3A%5B%22IAB8%22%5D%2C%22data%22%3A%5B%7B%22name%22%3A%22gumgum.com%22%2C%22ext%22%3A%7B%22segtax%22%3A2%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22210%22%7D%2C%7B%22id%22%3A%22211%22%7D%2C%7B%22id%22%3A%22216%22%7D%2C%7B%22id%22%3A%22217%22%7D%5D%7D%5D%7D%2C%22ext%22%3A%7B%7D%7D%2C%22user%22%3A%7B%22geo%22%3A%7B%22region%22%3A%22QC%22%2C%22country%22%3A%22CA%22%7D%2C%22ext%22%3A%7B%22eids%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!mediavine.com%2C1f277cd5df52f199bf29610999d7dfb6%2C1%2C%2C%2C&gpp=DBABzw~1---~BqgAAAAAAgA&pubid=38918095-8e45-4332-88bf-226b3514cb64&gdpre=0&gdprl=%7B%22status%22%3A%22explicit-no-gdpr%22%2C%22enabled%22%3Afalse%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.23.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-23-31.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
5e922f7175050613517b8944534ba4dd68837aa690e9fb12e6513d8465e84cc4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P3
x-amz-rid
K3A41WGXBM49JTT4CBSJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://cnz.to
access-control-allow-credentials
true
timing-allow-origin
*
content-length
104
x-amz-cf-id
f_0YbuiDNMZdSHSGwgIJnqY7sHQj5umIa8-rbdM2HJZTTzCtmmDdfw==
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
486 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=179872
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f76b8ec6ecba4e4fc556dd3b237f117577201af369ec620da6176ef8f9e79e

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5JxroP7vc2Ee3TOldGhPdaQKLKz2Of7P%2FqCJSUgzlop2Xj25l0Hg4JhYPXP9tE6QTtX%2FX%2FGYwzuxv9ctEoKsQxo%2B8v1mm76XqPuyomGRVDrX0%2FOx1MZBdN5gNuhNObyCeOR0KPo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://cnz.to
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83db1529ec1136ae-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://cnz.to
date
Sat, 30 Dec 2023 14:48:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		13 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17404&site_id=168624&zone_id=812698&size_id=15&alt_size_ids=9%2C8%2C10&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&rp_schain=1.0,1!mediavine.com,1f277cd5df52f199bf29610999d7dfb6,1,,,&tpid_tdid=ae9fa611-1916-4d55-ab82-f7eea3328191&eid_adserver.org=ae9fa611-1916-4d55-ab82-f7eea3328191&eid_pubcid.org=7f2885e3-7ba9-45c0-92d2-70ce1033e4f0%5E1&eid_criteo.com=8sch3V9jeU5Yd2RrVk5TeE9EeXNZVlBhcTE2djBucVozMHhxN3kxUWs3eGt1Nms4cVViTm1PJTJGRkw5RlNFd3QxMFRvT1E1ZmMlMkJTaGtjS0VvR1FTaFY1YUt6eXclM0QlM0Q%5E1&rf=https%3A%2F%2Fcnz.to%2F&kw=paris%20kitchen%2Cchocolate%2Czucchini%2Csimple%20recipes%2Cblack%20sesame%2Ckind%2Csabl%C3%A9s%2Cbutter%2Cissue%2Ctoasty%20flavor%2Crecipe%2Cfrench%20man%2Ceasy%20meal%2Ccoconut%2Cshatter-prone&tg_i.domain=cnz.to&tg_i.page=https%3A%2F%2Fcnz.to%2F&tg_i.name=Chocolate%20and%20Zucchini&tg_i.cat=IAB8&tg_i.sectioncat=IAB8&tg_i.pagecat=IAB8&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.iab=210%2C211%2C216%2C217&tg_i.category=food-and-drink&tg_i.pbadslot=%2F1030006%2C22697653334%2Fchocolateandzucchini%2Fsticky_sidebar&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=6157370d3c92bac&p_screen_res=1600x1200&rp_floor=0.27&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8380433044443762
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1d0cfc1e6b72899045e718452c438fb6a9c913ac42813910397834edfed3e10d

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://cnz.to
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		13 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17404&site_id=168624&zone_id=812704&size_id=15&alt_size_ids=2%2C1%2C14%2C16&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&rp_schain=1.0,1!mediavine.com,1f277cd5df52f199bf29610999d7dfb6,1,,,&tpid_tdid=ae9fa611-1916-4d55-ab82-f7eea3328191&eid_adserver.org=ae9fa611-1916-4d55-ab82-f7eea3328191&eid_pubcid.org=7f2885e3-7ba9-45c0-92d2-70ce1033e4f0%5E1&eid_criteo.com=8sch3V9jeU5Yd2RrVk5TeE9EeXNZVlBhcTE2djBucVozMHhxN3kxUWs3eGt1Nms4cVViTm1PJTJGRkw5RlNFd3QxMFRvT1E1ZmMlMkJTaGtjS0VvR1FTaFY1YUt6eXclM0QlM0Q%5E1&rf=https%3A%2F%2Fcnz.to%2F&kw=paris%20kitchen%2Cchocolate%2Czucchini%2Csimple%20recipes%2Cblack%20sesame%2Ckind%2Csabl%C3%A9s%2Cbutter%2Cissue%2Ctoasty%20flavor%2Crecipe%2Cfrench%20man%2Ceasy%20meal%2Ccoconut%2Cshatter-prone&tg_i.domain=cnz.to&tg_i.page=https%3A%2F%2Fcnz.to%2F&tg_i.name=Chocolate%20and%20Zucchini&tg_i.cat=IAB8&tg_i.sectioncat=IAB8&tg_i.pagecat=IAB8&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.iab=210%2C211%2C216%2C217&tg_i.category=food-and-drink&tg_i.pbadslot=%2F1030006%2C22697653334%2Fchocolateandzucchini%2Fcontent&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=62ea8f98144993b&p_screen_res=1600x1200&rp_floor=0.27&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5837319402345233
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
be62c9b9abdbc021fab50fc3f4cb88c6bdd1e0a3c17a88fa73e638071b6b543d

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://cnz.to
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
751 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fcnz.to%2F&tmax=2801&us_privacy=1---
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.229.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-229-145.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:14 GMT
accept-ch
sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://cnz.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame F0B0 		749 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
87afaa444ea097b755eade6b34d1a5afc16531244d4081f8e3d33079d71a21a3

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
466
content-type
text/html
date
Sat, 30 Dec 2023 14:48:14 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
google-bidout-d.openx.net/w/1.0/ Frame 5090 		749 B
779 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
87afaa444ea097b755eade6b34d1a5afc16531244d4081f8e3d33079d71a21a3

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
466
content-type
text/html
date
Sat, 30 Dec 2023 14:48:14 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
envelope
lexicon.33across.com/v1/ 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&src=esp&ver=1.3.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 30 Dec 2023 14:48:13 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://cnz.to
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
encrypt
esp.rtbhouse.com/ 		201 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
6fd805002127e4de71701b6023ded3ec0843559d89a92bd206ef5562690a9e65

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Dec 2023 14:48:14 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
ac03e5c754b09517a4079d0421190890
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame 5090
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=abab13ad-05ce-079e-3a97-d669c1eb41c0&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:d315bb6d79becfd911c66fcbff551b2d
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:d315bb6d79becfd911c66fcbff551b2d
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 30 Dec 2023 14:48:21 GMT
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:d315bb6d79becfd911c66fcbff551b2d
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
c71a6e46d04c
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 5090
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=a3OtdP4ygv6qdgGf9sB1Sw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5090
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=7546a3af-2181-4724-952e-e7e8c84f055b
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=7546a3af-2181-4724-952e-e7e8c84f055b
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=7546a3af-2181-4724-952e-e7e8c84f055b
Date
Sat, 30 Dec 2023 14:48:15 GMT
Connection
keep-alive
X-CI-RTID
c82879cf-f21b-447c-86af-83f5ff4ac094
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 5090
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 5090
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd
95 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:18 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 30 Dec 2023 14:48:18 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame F0B0
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=abab13ad-05ce-079e-3a97-d669c1eb41c0&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:d315bb6d79becfd911c66fcbff551b2d
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:d315bb6d79becfd911c66fcbff551b2d
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 30 Dec 2023 14:48:21 GMT
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:d315bb6d79becfd911c66fcbff551b2d
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
03c3b1a2d2e0
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame F0B0
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=a3OtdP4ygv6qdgGf9sB1Sw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F0B0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=1f2ab506-7b61-4110-9343-c48701588d22
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=1f2ab506-7b61-4110-9343-c48701588d22
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=1f2ab506-7b61-4110-9343-c48701588d22
Date
Sat, 30 Dec 2023 14:48:15 GMT
Connection
keep-alive
X-CI-RTID
6f547fcb-1e57-4e27-acdf-795a5a7b66d9
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame F0B0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame F0B0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd
95 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:18 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 30 Dec 2023 14:48:18 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=b25b54b4-0cb3-0657-06e3-d5fe16558efd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tag
pandg.tapad.com/ Frame 14AC
Redirect Chain
  • https://feed.pghub.io/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fcnz.to%2F&owner=P%26G&bp_id=mediavine&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22...
  • https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fcnz.to%2F&owner=P%26G&bp_id=mediavine&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%...
13 B
261 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fcnz.to%2F&owner=P%26G&bp_id=mediavine&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Food%20%26%20Drink%22%2C%22subcategory%22%3A%22Food%20%26%20Drink%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Sat, 30 Dec 2023 14:48:21 GMT
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
0
date
Sat, 30 Dec 2023 14:48:21 GMT
location
https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fcnz.to%2F&owner=P%26G&bp_id=mediavine&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Food%20%26%20Drink%22%2C%22subcategory%22%3A%22Food%20%26%20Drink%22%7D
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
container.html
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FCD9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:14 GMT
expires
Sun, 29 Dec 2024 14:48:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA5B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:14 GMT
expires
Sun, 29 Dec 2024 14:48:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame AFB8 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYkrGY3QEwAQ&v=APEucNUXKHlZQZ95SLvEeTPuKnYzGczvrMLXxCT1ZTqxClHqXU-e_DXBuSOWxotsP8Pm-7W1iE-MA0aepKMAf7TK0IZmVaHzXg
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1298974/68196513/ Frame FCD9 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1298974/68196513/skeleton.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.90.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-90-71.compute-1.amazonaws.com
Software
/
Resource Hash
fd1b926388e49250150b716e263b13df666c3757c4430210b5d9b0861667b797

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FCD9 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=88&version=r20231207&sample=0.01
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FCD9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 01:12:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
48967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 01:12:08 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FCD9 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 17:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 17:51:39 GMT
view
ad.doubleclick.net/pcs/ Frame FCD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssfuM2f0HDqg9TEDOwOY0yLcnApODJPCoyfCtNAVC7rkE8U62A53AuU3x8fk5WgfwwfyV-GGpYmYoDyuvraLr7vBgqQ2QIhHUJyAx3vUIXazRbTm0paliMRiRBVdsPsE6BL6QBEXhe31EAMgSde5qGtLVvnBgSiuvdHirlZY1mbpnvT9fUXIiDhto09Lmq-2_x6lb-Vt0zbrz6zab2dYyyzNFnMPJD8VrFKFzkS5rsGlgboWDh9ld_lGUTyNX9PMNctoAMenbULyCVoaKgxIqnAFgMoSBT134LCG_eO0So7e8LD8q1LxMC7ptjEt1-yNWTOkTiDhrE6Dknu2sxIQiKITLH5gS14KJhlo4pwguitx5uQ3IlwJJhvHw-ljMszgjvRdDmPfyDYOrwWcHu5RQHgem_LIfZgz54yJ3PNvQG1S-x6WbkkKPMaZv_P_w_I3e5Daj9v0x4WP1k0dozmHRbrHMJxRvJm856frk7gVM7ygloyQw3E68m_H_c-WfxO06UDyCivmTJA2BP3P9VVizBcN0rimfDQck4cfu9TgE35GDTnWIAF88Af9E_oTS2WEYOGEnWbyXsZonXhaYKs65RSTS-i4A5XgAnVcscIpJTdlWG0nTvLkjg274m4tDiKNrh6aSA202rSrV40goj4ra1A18DKd_3kMxZi-2N3kwCfaPwa9s2VTVkaP2o5fGNGSVavFS8iOtJA00QMf50dGYSpNaEioRgudAx8C3qcDpwcM1kPk8lrMMEwfMwkGgxv6Dw_OX0RAjXPAEt6915vDwl9dKuwlu5pcBkkj3Xocf_78agn2yu86RshVaZY20kYHghKTfUc1gNVaJpInOeofGlvpTe17TxAuqQz9Bh9Pr1_nOgVJtvMQpK3zZWvMSU3G8_Xs24WFU0fy6NP0hoj0lk18Wvk0DdEX1IJq4yZVXfbAEFk1DU9uDDkTXvMNyAH4y9hAKJ_kSyZV_PMqx-CwywOW2uDgoPa2tQsRh2sePEGK1dD9beW2GypvxtnExreGHqmqweyZBQdNy3u9uCWZGjag4zaG1g3L3rKlICqkpFEG6T3-ivgA14YFI5DgGFjPfEX-sOjo-VrBbDGAT8ReM0Tr2x5rvH7_TmCTADFayr1aaNUnnyq3Gx43Tm5awUQqYyPW7XKAacVC4eopoBntDeKtK3ueb9DiuM_h_GYZwrnM_q3J2niknACssdGVFaJ9BgoG7XBIPLC85qi7LxBnwxZFinkEsPaKqqN9XgHVI1nr4JL3-D3xjE4eElUFBIO9mbUsPz3ec39luNzL8pFvZjX4CVdXd9tf9Q1fEOYyxpVd-FEa7VQ-qu_T-XC-HW8nNVqDJTrlOkxc8YWplp9D1KgDABs6tx2BsPPpyuKs6XwnddsP03Oc5mhs-K5mXM85zg-8KzysJgT039VdsEpuYs_5XIvRXmnjjupiCqWD3YggMQ_QChba0VqHH0bfTQYcX1Ga9DzXBnU6BnskJPSVJxS6m-pvwPOIgAr6TH6lz6xj5Z6KrOMHj07JJND2ond&sai=AMfl-YT3P1thlpo5Cmd4Tg2OOMQK5QTkNe3YuU44T9ElgqHGa-U79IlbXO4j25xM2hX7N_68fSiZSPbjbdhEc0_oJ55ZPC_cQJtnQ6IR0ebnQ9_ddUlB9-pZKEX_27eryj9WBbEetRkXqPzAFqdJhjuLpTwwXg0-JrP8icT5AwkE2q3vnvxNGrJfZCrFbm7YZ9y3ChqF6TLdjUhs5lE_MCig-70HkXbuqMxcGEglS3_4wECPzJm42l3N6lqLhv67SYlO6JoJvabwfh9IouJUMkOGRebQLYzcDQ4BR9wnCXVahowVgY6rP9na3ld6kA0yehsp3op_6EYr4di4wu69lk8-5D41Bnno19lWbTnFPAecQ-WbRIkv1KCE7VqKIZj69LEkj5XAoezRC3zcWroggIXcSd-D2jBc12mwid-hsKG9ww&sig=Cg0ArKJSzP34ly7kGJFwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYWRpbGxhY2NhbmFkYS5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.54104&arae=0&ftch=1&adurl=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 30 Dec 2023 14:48:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FCD9 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
5465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 13:17:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FCD9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:27:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
51626
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 00:27:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3D17 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
19067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 09:30:28 GMT
etag
48472445140208031
expires
Sun, 31 Dec 2023 09:30:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FCD9 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
51799
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 00:24:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FCD9 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bp_UtCqobd2pVJIrvf1L6Hmy0hooAvRfz5cENvgzKChQCl5u6LeeUVp5Ma7Qssq2vV9kXjz1C8quHlAIJKGIVdbpaJ9eHJroFbv_GPFacoipNOrW8
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FCD9 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:48:15 GMT
13988323583570501184
s0.2mdn.net/simgad/ Frame FCD9 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13988323583570501184
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
39fd587b0089a6a25a4742cb7c98043bb9a375ccb1b178545742e78b5f1e0b9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 04:02:35 GMT
date
Sat, 30 Dec 2023 04:02:35 GMT
x-content-type-options
nosniff
age
38741
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150309
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 20:20:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EA5B 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:00:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
53260
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 29 Dec 2024 00:00:35 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EA5B 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:48:15 GMT
rum
dsum-sec.casalemedia.com/ Frame AFB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENG20CJtEDcDIZCzwdp8ht4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENG20CJtEDcDIZCzwdp8ht4&google_cver=1&C=1
43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENG20CJtEDcDIZCzwdp8ht4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYkrGY3QEwAQ&v=APEucNUXKHlZQZ95SLvEeTPuKnYzGczvrMLXxCT1ZTqxClHqXU-e_DXBuSOWxotsP8Pm-7W1iE-MA0aepKMAf7TK0IZmVaHzXg
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OP6lNsg8UG%2FZlsJr%2B%2F%2FVo9jSy3E54UOeNoDMOQCgRqRvJ4MdDseOneBoKcoOsVvfvsMsCmEXWl9rJ4dUtFSILi1%2BeiEIrmdCn3tqjVIoOD7zPTXq418q%2BlIl3tX3MzcvlRojywKlEi9zuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83db152a8d5b36ae-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNN1TJ%2Fs0%2BzBaDFVIRuH0QRsSiQuEBxgpi8Xsxaeqq8gTBodMU38ptMWK%2F9x2aHaEw3YYe82hKLxJ2LqiEEXpd%2FLkMXjc03bEQCU7gmWDcUrHC0qNja9Cu9ARWPAC4TqInH08Xojo4kw0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESENG20CJtEDcDIZCzwdp8ht4&google_cver=1&C=1
cache-control
no-cache
cf-ray
83db152a2c8536ae-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame AFB8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZAtr6yzX0QvgfmWsP6.BAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENG20CJtEDcDIZCzwdp8ht4&google_cver=1&google_hm=2
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENG20CJtEDcDIZCzwdp8ht4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYkrGY3QEwAQ&v=APEucNUXKHlZQZ95SLvEeTPuKnYzGczvrMLXxCT1ZTqxClHqXU-e_DXBuSOWxotsP8Pm-7W1iE-MA0aepKMAf7TK0IZmVaHzXg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh9mjrqVc8Iw6z0F%2Bmm0VVm3x6WjWtDFLpOECkKwAfIblAbrtYkmnyEzUcOwMG4CKWDdgh1CEt9ryWuTdJOL4AgSXA4nw90%2BgOlZoCUNRSHZqpr1YUibNh8SCl0BT5klctMr%2BmKQNd9x2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83db152b6d45711c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENG20CJtEDcDIZCzwdp8ht4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame AFB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPdie72k4OaklV4hHJXd4y0&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPdie72k4OaklV4hHJXd4y0%26google_cver%3D1
43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPdie72k4OaklV4hHJXd4y0%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYkrGY3QEwAQ&v=APEucNUXKHlZQZ95SLvEeTPuKnYzGczvrMLXxCT1ZTqxClHqXU-e_DXBuSOWxotsP8Pm-7W1iE-MA0aepKMAf7TK0IZmVaHzXg
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
an-x-request-uuid
c58eadc1-da3b-495b-91f3-c58a7880ae42
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.80.43; 185.213.80.43; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
an-x-request-uuid
c9fb8715-be8a-4aa1-a5f3-3fa848e75b96
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPdie72k4OaklV4hHJXd4y0%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.80.43; 185.213.80.43; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AFB8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1OTUwMjUwOTIxNDc5MTU1OA%3D%3D
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1OTUwMjUwOTIxNDc5MTU1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYkrGY3QEwAQ&v=APEucNUXKHlZQZ95SLvEeTPuKnYzGczvrMLXxCT1ZTqxClHqXU-e_DXBuSOWxotsP8Pm-7W1iE-MA0aepKMAf7TK0IZmVaHzXg
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
an-x-request-uuid
d388ab18-b717-4610-a62c-1979e9074b68
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1OTUwMjUwOTIxNDc5MTU1OA%3D%3D
x-proxy-origin
185.213.80.43; 185.213.80.43; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D17
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECLyhz_rf4jBrO89J9HLXX4&google_cver=1&google_push=AXcoOmTt3_Can6Dm2q1_ejm5V9lmpUJC9OPAtxpAWIYU_tYFj1dOI2L...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=75ebd1b971e1055&is_secure=true&networkId=14000&version=1&google_gid=CAESECLyhz_rf4jBrO89J9HLXX4&google_cver=1&google_push=AXcoOmTt3_Can...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGV0LWNX6jXQMhqzMqAAAAAAA&expiration=1704034099&google_cver=1&is_secure=true&google_gid=CAESECLyhz_rf4jBrO89J9HLX...
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGV0LWNX6jXQMhqzMqAAAAAAA&expiration=1704034099&google_cver=1&is_secure=true&google_gid=CAESECLyhz_rf4jBrO89J9HLXX4&google_push=AXcoOmTt3_Can6Dm2q1_ejm5V9lmpUJC9OPAtxpAWIYU_tYFj1dOI2LmBd-WuhXESbzGB59SWkP5jOO1RAaA1-FfdaEWpOK3GZ_9
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGV0LWNX6jXQMhqzMqAAAAAAA&expiration=1704034099&google_cver=1&is_secure=true&google_gid=CAESECLyhz_rf4jBrO89J9HLXX4&google_push=AXcoOmTt3_Can6Dm2q1_ejm5V9lmpUJC9OPAtxpAWIYU_tYFj1dOI2LmBd-WuhXESbzGB59SWkP5jOO1RAaA1-FfdaEWpOK3GZ_9
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 3D17
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEFuSgjO-vd8na0_DotWdNV4&google_cver=1&google_push=AXcoOmSedpAEQ5-7YyrghXf7o9B2Ey7rdw_8-TrZLw3KcqwleYRczk8ulkEa_w3DjyQ-lw8dEKnjyZOhVdww7kkBbtvSvI3F_6E
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bHZEWjZtaE5BV0NHakJ0dnNTMlFaUQ%3D%3D&google_push=AXcoOmSedpAEQ5-7YyrghXf7o9B2Ey7rdw_8-TrZLw3KcqwleYRczk8ulkEa_w3DjyQ-lw8dEKnjyZOhVdww7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bHZEWjZtaE5BV0NHakJ0dnNTMlFaUQ%3D%3D&google_push=AXcoOmSedpAEQ5-7YyrghXf7o9B2Ey7rdw_8-TrZLw3KcqwleYRczk8ulkEa_w3DjyQ-lw8dEKnjyZOhVdww7kkBbtvSvI3F_6E
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bHZEWjZtaE5BV0NHakJ0dnNTMlFaUQ%3D%3D&google_push=AXcoOmSedpAEQ5-7YyrghXf7o9B2Ey7rdw_8-TrZLw3KcqwleYRczk8ulkEa_w3DjyQ-lw8dEKnjyZOhVdww7kkBbtvSvI3F_6E
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
242
pixel
cm.g.doubleclick.net/ Frame 3D17
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPWGlfBHd2Se2S4Q0HmuFT8&google_cver=1&google_push=AXcoOmRW8p-NfmVcC39tNQtchVQt23Nq1O_R5Kur-xj_P-0sFM-vZxB-mcpI2ezxlFPBezRT9_8bGji8U7bihtrOXZJn...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRW8p-NfmVcC39tNQtchVQt23Nq1O_R5Kur-xj_P-0sFM-vZxB-mcpI2ezxlFPBezRT9_8bGji8U7bihtrOXZJnOYhvgeA&google_hm=G1rawOVvSHaP27g9GBYt9A==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRW8p-NfmVcC39tNQtchVQt23Nq1O_R5Kur-xj_P-0sFM-vZxB-mcpI2ezxlFPBezRT9_8bGji8U7bihtrOXZJnOYhvgeA&google_hm=G1rawOVvSHaP27g9GBYt9A==
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRW8p-NfmVcC39tNQtchVQt23Nq1O_R5Kur-xj_P-0sFM-vZxB-mcpI2ezxlFPBezRT9_8bGji8U7bihtrOXZJnOYhvgeA&google_hm=G1rawOVvSHaP27g9GBYt9A==
Date
Sat, 30 Dec 2023 14:48:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3D17
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEEdxo049SNh3xNGuaqiULc8&c_param1=AXcoOmQTehY_o9qUG9fB_VKwFM4d1b9SP287zDLV9uJfraE9HvKSUvcmVSehkiNoweslzJCsugUIzRdWmymp4_oKECqT2j7VmN_R&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQTehY_o9qUG9fB_VKwFM4d1b9SP287zDLV9uJfraE9HvKSUvcmVSehkiNoweslzJCsugUIzRdWmymp4_oKECqT2j7VmN_R
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQTehY_o9qUG9fB_VKwFM4d1b9SP287zDLV9uJfraE9HvKSUvcmVSehkiNoweslzJCsugUIzRdWmymp4_oKECqT2j7VmN_R
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQTehY_o9qUG9fB_VKwFM4d1b9SP287zDLV9uJfraE9HvKSUvcmVSehkiNoweslzJCsugUIzRdWmymp4_oKECqT2j7VmN_R
date
Sat, 30 Dec 2023 14:48:23 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3D17
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESENqahe8Fd3bkYR8jZrhyGfM&google_cver=1&google_push=AXcoOmR3jaydBzSJ9qVyXPJeEOu9glj5Ap-GKgEH1y4P3afdoX82U3x7CqPQupJsK2pUfDPrHITvv...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmR3jaydBzSJ9qVyXPJeEOu9glj5Ap-GKgEH1y4P3afdoX82U3x7CqPQupJsK2pUfDPrHITvvANCqz3vtkWT5wEuCMctltQ&google_hm=WlpBdHM4Q284...
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmR3jaydBzSJ9qVyXPJeEOu9glj5Ap-GKgEH1y4P3afdoX82U3x7CqPQupJsK2pUfDPrHITvvANCqz3vtkWT5wEuCMctltQ&google_hm=WlpBdHM4Q284WDBBQUthLVFNd0FBQUFB
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sat, 30 Dec 2023 14:48:19 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESENqahe8Fd3bkYR8jZrhyGfM&google_cver=1&google_push=AXcoOmR3jaydBzSJ9qVyXPJeEOu9glj5Ap-GKgEH1y4P3afdoX82U3x7CqPQupJsK2pUfDPrHITvvANCqz3vtkWT5wEuCMctltQ","cluster_id":0,"gdpr":false,"ipv4":"185.213.80.43","key":"ZZAts8Co8X0AAKa-QMwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40053"}
X-SO-Key
ZZAts8Co8X0AAKa-QMwAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40053
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmR3jaydBzSJ9qVyXPJeEOu9glj5Ap-GKgEH1y4P3afdoX82U3x7CqPQupJsK2pUfDPrHITvvANCqz3vtkWT5wEuCMctltQ&google_hm=WlpBdHM4Q284WDBBQUthLVFNd0FBQUFB
Cache-Control
private
X-SO-HostName
a-ad40053.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
4
Content-Length
0
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
185.213.80.43
/
onetag-sys.com/match/ Frame 3D17
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECuieq6WbBOlXga96NunhTQ&google_cver=1&google_push=AXcoOmRVEqzKU7QrfB_cnaaXaRb3qPyT8gK2ueNLCF0r126HZiQVBblsoJk3h8x4sPSsTgqcRyh4lP0-e_d...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRVEqzKU7QrfB_cnaaXaRb3qPyT8gK2ueNLCF0r126HZiQVBblsoJk3h8x4sPSsTgqcRyh4lP0-e_daVd9I5zSEI4M9wxx40Q
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D17
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEBmMhRvIPBzMaGDvHjxFyK0&google_cver=1&google_push=AXcoOmRUeQmdNz_6rEyLEhOWh-XO9obw3ghG6Cm3OTXGy-we0v_aC5-S6vl-RYftULX...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRUeQmdNz_6rEyLEhOWh-XO9obw3ghG6Cm3OTXGy-we0v_aC5-S6vl-RYftULXtXnBU94Pt_xStcEFg2y2Y-h2DCrRzEhL23A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRUeQmdNz_6rEyLEhOWh-XO9obw3ghG6Cm3OTXGy-we0v_aC5-S6vl-RYftULXtXnBU94Pt_xStcEFg2y2Y-h2DCrRzEhL23A
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
2497a71f
date
Sat, 30 Dec 2023 14:48:15 GMT
x-bytefaas-request-id
2023123014481509D0DC1A1250413C905C
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-23123014481509D0DC1A1250413C905C-006DD0ED2EDFD1BB-00
x-cache
TCP_MISS from a23-44-200-105.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
server-timing
inner; dur=57, cdn-cache; desc=MISS, edge; dur=0, origin; dur=66
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023123014481509D0DC1A1250413C905C
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRUeQmdNz_6rEyLEhOWh-XO9obw3ghG6Cm3OTXGy-we0v_aC5-S6vl-RYftULXtXnBU94Pt_xStcEFg2y2Y-h2DCrRzEhL23A
x-bytefaas-execution-duration
51.76
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01a2a304f3913210a1379270ca8566b26b7d408fc102178d0465e25795079829972e0c9e9a608de6991f51f20ff0408aa2bb5d58a9eb4bd1cca8b695fe8402745dbace66e1ef6c42d9ef943b8ac4ea8635d1fd8c3113cd03e855a51a6430b20382
x-origin-response-time
66,23.44.200.105
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sat, 30 Dec 2023 14:48:15 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3D17 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JrhuExtFor0yc9W9WJOmUTSM5savTfFBN-fnyB2X_GmY6dEP8_huVf5ch8e3yLGXQaPSiRIaY
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
syncframe
gum.criteo.com/ Frame 84CD 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cnz.to&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:15 GMT
server
Kestrel
server-processing-duration-in-ticks
1208286
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
truncated
/ Frame FCD9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c2173ff480baef3a5c004be30f1c9a0b5698e36af666606e926f813e9a5e968

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
exchange.mediavine.com/bidRequest/ 		121 KB
49 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/bidRequest/?s2sVersion=production
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
44b4e03f46cee6ae80b1e79f40466589b6e442712d1addc14044584adbbb5f7b

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://cnz.to
date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
auction
tlx.3lift.com/header/ 		19 B
750 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fcnz.to%2F&tmax=2300&us_privacy=1---
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.229.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-229-145.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://cnz.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
317 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=502649
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c2c98824751be38ca3cba68e63a9210ceb5e79dfce50f35c6f4eb791b30e19d

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqFYA0%2BG4NNPrM2oGNLOZE3W5n5fOcfWpP3qDM2PHperjXj0%2BJVedoiwTAt7hIJkmXlR%2F%2Fx2oPs7x7eokNacxnKOJpOLwXy5%2BsrUlHUEhdaKfCPgOhv5%2FjS3%2ByfoAFmHxlxB%2B5kZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://cnz.to
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83db152a4ccc36ae-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=502649
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c2c98824751be38ca3cba68e63a9210ceb5e79dfce50f35c6f4eb791b30e19d

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcVSm7kRNdHNu4TxdUfJzXxjGh5UxNvTwSEnAYvR%2Fd8DEFsFBLJCkmdVEJXrpq5s8P%2F%2F%2BGw%2BdmmTuyye2%2FG8tdDDBz4UYg0HmX3lG1fH2L6%2BwXBswpDXmMapEW%2BpvDTSaJMlLKv%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://cnz.to
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83db152a4cd036ae-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid
aax.amazon-adsystem.com/e/dtb/ 		104 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcnz.to%2F&pid=TJSybjjDNSby3&cb=2&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22content_2_btf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A23%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22Chocolate%20and%20Zucchini%22%2C%22domain%22%3A%22cnz.to%22%2C%22cat%22%3A%5B%22IAB8%22%5D%2C%22sectioncat%22%3A%5B%22IAB8%22%5D%2C%22pagecat%22%3A%5B%22IAB8%22%5D%2C%22page%22%3A%22https%3A%2F%2Fcnz.to%2F%22%2C%22ref%22%3A%22%22%2C%22keywords%22%3A%22paris%20kitchen%2Cchocolate%2Czucchini%2Csimple%20recipes%2Cblack%20sesame%2Ckind%2Csabl%C3%A9s%2Cbutter%2Cissue%2Ctoasty%20flavor%2Crecipe%2Cfrench%20man%2Ceasy%20meal%2Ccoconut%2Cshatter-prone%22%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22content%22%3A%7B%22language%22%3A%22en%22%2C%22cat%22%3A%5B%22IAB8%22%5D%2C%22data%22%3A%5B%7B%22name%22%3A%22gumgum.com%22%2C%22ext%22%3A%7B%22segtax%22%3A2%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22210%22%7D%2C%7B%22id%22%3A%22211%22%7D%2C%7B%22id%22%3A%22216%22%7D%2C%7B%22id%22%3A%22217%22%7D%5D%7D%5D%7D%2C%22ext%22%3A%7B%7D%7D%2C%22user%22%3A%7B%22geo%22%3A%7B%22region%22%3A%22QC%22%2C%22country%22%3A%22CA%22%7D%2C%22ext%22%3A%7B%22eids%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!mediavine.com%2C1f277cd5df52f199bf29610999d7dfb6%2C1%2C%2C%2C&gpp=DBABzw~1---~BqgAAAAAAgA&pubid=38918095-8e45-4332-88bf-226b3514cb64&gdpre=0&gdprl=%7B%22status%22%3A%22explicit-no-gdpr%22%2C%22enabled%22%3Afalse%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.23.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-23-31.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
77d2b97f29e5d9705d421bd772d651459a1dec3c0dc1b44bdedfb062872cfd05
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P3
x-amz-rid
FGCNBC962S7NCE77ZQKV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://cnz.to
access-control-allow-credentials
true
timing-allow-origin
*
content-length
104
x-amz-cf-id
oR7JmCGA-efqt710hCckulLb2HlaSyTUoiRF-GB6kOe7hrFlFfdnmw==
translator
hbopenbid.pubmatic.com/ 		21 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3f6dc6b11e17942888dd37430886bdd58f39fb8847b231b5cdc820a16e3c3695

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://cnz.to
date
Sat, 30 Dec 2023 14:48:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
observe-browsing-topics
?1
content-type
application/json
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
462 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
bfb4556940bda97e7ce78b9561c74bbfa59f22a1e449f9cdc634d9fcb9e4254a

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.5.0
Content-Type
application/json
access-control-allow-origin
https://cnz.to
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		13 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17404&site_id=168624&zone_id=812704&size_id=15&alt_size_ids=2%2C1%2C14%2C16&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&rp_schain=1.0,1!mediavine.com,1f277cd5df52f199bf29610999d7dfb6,1,,,&tpid_tdid=ae9fa611-1916-4d55-ab82-f7eea3328191&eid_adserver.org=ae9fa611-1916-4d55-ab82-f7eea3328191&eid_pubcid.org=7f2885e3-7ba9-45c0-92d2-70ce1033e4f0%5E1&eid_criteo.com=8sch3V9jeU5Yd2RrVk5TeE9EeXNZVlBhcTE2djBucVozMHhxN3kxUWs3eGt1Nms4cVViTm1PJTJGRkw5RlNFd3QxMFRvT1E1ZmMlMkJTaGtjS0VvR1FTaFY1YUt6eXclM0QlM0Q%5E1&rf=https%3A%2F%2Fcnz.to%2F&kw=paris%20kitchen%2Cchocolate%2Czucchini%2Csimple%20recipes%2Cblack%20sesame%2Ckind%2Csabl%C3%A9s%2Cbutter%2Cissue%2Ctoasty%20flavor%2Crecipe%2Cfrench%20man%2Ceasy%20meal%2Ccoconut%2Cshatter-prone&tg_i.domain=cnz.to&tg_i.page=https%3A%2F%2Fcnz.to%2F&tg_i.name=Chocolate%20and%20Zucchini&tg_i.cat=IAB8&tg_i.sectioncat=IAB8&tg_i.pagecat=IAB8&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.iab=210%2C211%2C216%2C217&tg_i.category=food-and-drink&tg_i.pbadslot=%2F1030006%2C22697653334%2Fchocolateandzucchini%2Fcontent&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=981c13260b7747c&p_screen_res=1600x1200&rp_floor=0.27&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9612134929162415
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1e33c3ad92a20349f5226b53176be4a3af25a42fd78f5e4f593f74361132c34f

Request headers

Referer
https://cnz.to/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://cnz.to
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EA5B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZIwDbCNWpyKAcbOv1FaqdZOfeE7kJHFRTtDlL8jBr8xd3mMj8oOvr6Uy_TA4GkGASTm-33UnOzRJvnVC2WsIHDJY35fKo-gDGYFRAue7nBPgViwcNJnOv3-UIYji4gwto8kHAP1v613aMFTn8SMYy8OYtffrUevb55KonO94gO0ULhmvgd7DEatvcamzwbEyn65_zoCd2mC1zGasU_2Y0YZ_nc8J17pMDakiZYZBVSxnUJ1H7QTA6ca6IzO__y8hLcnUFLUoemM4uuRJewKB7JKnmB-ltYw_yVCBsqg8W2rZm8I3bAg1b055Fl0p6ffNeGEUQ0qCQmtIrSqVUk4Nw-cU3wwb1yPO_x2XyLSJkAm8t3m1TXDuc04WlXGwU4MNT&sai=AMfl-YS0P9NzG1JD6KmHWnSJpe5YqQLrsl-WJfLC1ptHZwahc3qXoVMqkL0Gn98NwTdiUyCE0n90W_0n0NsnY3HjEkDJr2s8T79fykc_Mf5tckOt8FAXI_W6lD7nE8H9i8I&sig=Cg0ArKJSzCmKrMzYP0DJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 84CD 		449 B
563 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=cnz.to&sn=ChromeSyncframe&so=3&topUrl=cnz.to&bundle=Y4TqlV9PJTJCeTFKSzhza09iVjJLMks2VmpqVnolMkZiNzZVZlZCd2F0S0tWWmklMkZhV0RnTTJvODRDTmhZRWIzVEs4eVlPTkhIbEJ4c1dGTDJoN2s2JTJCN2tOQVdDMWRQWHZZcmV3MjhLY2FMJTJGZ3JCaFlrb1ElM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cnz.to&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
fdc69bf1c222971ec2ceeba6ad162aeb0433e842ee0d6d1e0b685194c3185e7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cnz.to&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1681799
expires
0
truncated
/ Frame EA5B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ac2f7828b4078bff5327ba88354499450401f01d669d03fb02d0e6ef102aea7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EA5B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0uMEIC0r5KYI64bUxURyrUwls7c9-OO83mSo8p1bJJvrW6HGXZAAOSFQSjBDdCUeHzo4cczta5PHGl0QmmS73ZbYgXFryOMnvnGhwZbtLN5wYpYZjga2deR1p1QJdPnig07kvGVCBsueSNgfInUUu_l5A43d7CCDzvefzvzBoqJSo4B1yETfeiBI4Ny4cFeb2AARzH5yVViaTPra90xvOXToygOrUeSekX1gPfxPrKzkbJ1YwgLCgWnAGgeiSJYLDx8QGJATPk5-Y2najGozjq8KI_VK_-XymWHcaXY92eJd_gGeXqkQ3nwkwIevJtoW6a3VvWCr1LVIebLl2-nT8Wivt3ZUs07vxRNIQmYtZ6Q0U-Jrq18qXHSdIQP9r7ww0pfo&sai=AMfl-YTVCwftU7_YamP_i3Q6FG_XnW_T6ZvLa-aX3sM0NqnfYF0n8vuqEO_LcJKGk3dVX-mjXURRT_Slngaoag9j-JKxOpUgV0834MvhBLk9RlaOJSEAftKs7vsow0vpfrE&sig=Cg0ArKJSzFbHjfnrFlmYEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 30 Dec 2023 14:48:15 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 24E9 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
86649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 14:44:06 GMT
expires
Sat, 28 Dec 2024 14:44:06 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 19D2 		529 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQqI3GARi6i7T7ATAB&v=APEucNUS1KqHxA1PFfBcPtxyDJSlDaJC-G0wjC2E9RBtFBm8eoaFW8DyjCLbSK3gM2S9RLmnQU0EVvTCOnUXvvFcsUcasZ_X3w
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
388a1ecf6a0486415083da26b9e5bb4c5550201a8d1a8a79667a9fd9d8933b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AA3C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:48:15 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1552256/76024099/xbbe/creative/ Frame AA3C 		261 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1552256/76024099/xbbe/creative/adj?p=APEucNU94AhH1VI5SjcCs-l8VmeMAUHybXvi-gFWwJKtswzisY_-ZP8&d=CokBAKAmf-BUeYD0aNTygpasvcodkacXP8civ4kd6_i6BGb7JHj79IA_f0jHWADCT7R9X2cPw_G-s28u84mVWV-LFtXADDA5RCCKMQS2ENfgSIJhnSFURVBLrYX2H9K13Y-V3nc-D0zb0VtoC-fTshY8FZ9_lhHIFTPJATnB0wNcdEwMnPBJalGV_goSiQ4AoCZ_4OMvo8tmbuHbxJDTHmZjszBni024kbZYIpLP8UZONmuUU53vZUgHvyR_fTElkGT3ePB3iApICflv009mRL_bPzeZ6X4zxC6bgG7YRoRHsW5TRljepPx8h_OxrVhHRbr67ngzcVlf41YhzNpChDzzfqAVP-xLVnu3_wbOnC9aiDbydreLdYV-bYyyqmdLX_G2SqcdC-IQkVwerGgAcXKYaxdkgWO00wbTv_x_KPlwPpr94RMXAe1KDYu5jQQcBmEAFbngkCzniilhp9yu-zluXcgZGCjB62qusjdPIDpSzl9i7xKKNa2D3EzBoniiGoz8IMqiBKJ1wSBvUHgxrfrlUKc9hIz8-8AqsQcYMdeRFNXl9BZzRFN28S05DyrajO7Dq1tu8fn-Kq8E7eUwF8SNZfPYvzxKq8v6PBmrjL_xj5xY_czSj8GPOpRdAUtAfqN5C0DtmjOQKM9LHtazYbUYCKS11ySc8Df8LQXbjknFEa2zrWK8d0yJ2g4a6vzY4aLY9YvrOgtdIk5SQo_2n5moMP-JnmmSdRrwweL6rzirVDt4WnOJ6E5YkFQkdWjkhaYMFhJNCYWEdmwkaL-bjz_-YYIemrdWFQXPfgQoZU6Q_FBGYDMBTD6WsZMOEXPXeW4AC-z9nOyJh_bYvA0OXSVZ0D0h9TdrGOHC_J5Z5LTiBkq2RNhUyTfin_7J-iXf9edgYJ3uU3Lc-E5G9_hAv8QtiqC17BINUtEDBWncVHReUra8d1fUZtbraOVztfDcqxh5o9msom7bnwIQ9joXMddImc8emlTlyV2d_V1229yDXfSt1qiIuKa3T2x-eANBO54mz0rUC1GohkKJwgEc4zGjsvt0e1-yDpk12WWgeu6wbErm85LKh5t7rRtliJl_vWuJCvovqCoilJn1Zjuw8a9YRSKv_y-b_aoxe6Y-QkSs0sXe1JABEOO0fDz5nCikneU16nSc4ari2s7qnW78MPMonn0Bu2zmx5EA-1mxPo5p55uqUX9hO2KGZrETjMXc1_mNXGYv-FMc5OEWRetvhcl0CzoF5Ci1DG1j5GYKKcnEiNm0YH0qrM0XIJxWs5Sil3yklzj8Xu25BRE7q4-kEqQ02g3LbWUdvm-E8fNxDlZvr07nWZs136IXaO1nmUwkKwazTimYoT5VGEg8CJcJByAgPxwVa1qpMqQMgqzhF0v09d_sOopD9G6KU1tr6PzNC_YDkzhseb0GSLwMZ9A8n-J-x6jpGIiANxD1oC60yb3Pt_sVjPR5B2rdLFIxzWQIdNfdjeQJXX85RvcQGT82FprtuxSFF9L0MZwUSqE_Mm4EFltzst4Z1iBg-b9mhCboBSC2w3xSgF_IzuJz0tUsfNyokHaI_fW3n6hJxjp53n5OXfHhfRi5icEu3nSxEvu7rPC6oFaH286d9WNUKCbklyVXYmk_O6Pxf2hZvgJxQ6adsC34Z61Dse1U9Rb9T0tPx81gOR-Rn9NJOCiwU_VmsFhwzBuDHnR1H5pk03lPItcxzoBlHYF7iuCqSmEHsxJfzRheCcKYpHupkOulEVjGbxhtCPar8hD-6T02T6WU81elEymtF3p3rTahh9uIq0U4k4mDDiU6pwnZaIteMLqL4PQvZ-TBZTcMz5fk0N2UDPpt0XPV0wfCHYMfmydr13ndkw_Of0N6pElh8xqkCDmrNFH1FWIMRQqDUZPuhgKiNYMdtl3QmO2Jd8ep30S4slZMnHjWgkFpw3UEWtuJLMkXohWDrvfNg4NtoZJdJLRlw1VJRDM-6M7UXzb-bvWsISw_gr3nqoFzfHzK_P0eZUimiTtUGvt5V_QaB3NpFHPyBslQQ89BsFU0LvrpWpViJadpUpODsJTqkO3Hq8-R8lRw194Wv7C97HomzirA2Jgq5yik1I2qpmIGSwvFtsePdBnqmS3wK5Pj8b0kVDg00MRAqptfNANLxYOesbROZWESX2vniP47lwHknM-jc2RQilyDWrRftu2verKBplTpjEeFtm1tvaqBflNnaYvocAFF1qmo0ic2zntv2VVow5fmoibW-qclI60V75e9Xc-qT8HXHRl8RR7x1GWIHQqjBkgE2-Z1HV4sQfNGQ_ZIuj5hcEyJ78m-s6-_U-9DDHnH0jIple57I78cWs0OHFrt1cG7PlG4AZc8PWNe5IOnFRwaI2sQ55RHwGKe414bHrFUlaJe87jhF7NirCPLMABaJM0pVKByosoAEmD4_Yw5w_HM6s3e0TdDCqg-La7AcYdULBLzNloyqKah0UH64knmibMwFprazD4_rynXcnezEVyvjc8yw5qUilV4lJANkYGQyzFowbI1fWpNwp-cWUBomLTx0UVsf8Wp_w8qqdPTbsrMZHLjRrBOXUU0VHvbszQKaTEVINv_xDK57GZyGk8IBBJJAC8eF_-vCPauUU4pko1djivWY0xsMm8o6BBbVy5yhYuaRBQmGasfkdfzp94vbaVwUNoxNr5qdDkejQpYQTdpIck84obtOOXPShgBYAE&bundleId=&ias_dspID=3&ias_campId=1013483123&ias_pubId=193478&ias_chanId=13&ias_placementId=20367901655&bidurl=https://cnz.to/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iTp2dZ0dGdFygba4gkfklQ
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.90.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-90-71.compute-1.amazonaws.com
Software
/
Resource Hash
335400ab47dfcc9e87d9e3a0749118070f2be6fb4d5f58e9aa2b52fcb1f265e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
01b74fb8-bafd-4953-a431-511b6889ac69
a938.casalemedia.com/impression/v2/630993/85/cm82rarkiumphc20bt80/ Frame AA3C 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a938.casalemedia.com/impression/v2/630993/85/cm82rarkiumphc20bt80/01b74fb8-bafd-4953-a431-511b6889ac69?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1703948291&profileIDs=&creativeID=17271db&pubID=193478&format=banner&channel=site&ap=1.03
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.204.227.110 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:16 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA3C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmuKHpOWFFaAGqDhf-TS4NVKximNz0lUnep8JcG42nUFCyQI5PQOfo2UJzUQEHJYXUVPV8t95oGL0xSH_8UGAHZeTgaYF0-V0-LR4_iNc9dypdKpQ
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		129 KB
49 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3698468271802399&correlator=1882210113266596&eid=31077978%2C31080121%2C31080056&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1030006%3A22697653334%2Cchocolateandzucchini%2Csticky_sidebar%2Ccontent&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600%2C320x50%7C300x250%7C728x90%7C336x280%7C468x60%7C250x250%7C320x50&fluid=0%2Cheight&ifi=3&sfv=1-0-40&fsbs=1%2C1&eri=5&sc=1&cookie=ID%3D8eb997a522143a69%3AT%3D1703947694%3ART%3D1703947694%3AS%3DALNI_MY-d_AijHSgCYvANmWi6-7bKf94VQ&gpic=UID%3D00000a057286812f%3AT%3D1703947694%3ART%3D1703947694%3AS%3DALNI_MaoHc7xFpwnaf_Wjxdy1ZcIunRTZA&abxe=1&dt=1703947695817&adxs=1100%2C330&adys=1996%2C4254&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcnz.to%2F&vis=1&psz=300x0%7C300x0&msz=300x0%7C300x0&fws=0%2C0&ohw=0%2C0&psts=AOrYGskRYsPhxZJGLCFGsC5q19Hz5np5hwQNmeswh6Fhn-mxFnX_0nIjycTQLEUTimRSVj2cVqJ0FIo99IIDo9E_Hjo&ga_vid=88848028.1703947691&ga_sid=1703947694&ga_hid=1019701129&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjw5MnZyzFIAFICCG8SLwoKYW1hem9uLmNvbRIYN2JvRFJnaUpGRHlHWUVTbk5mTTJ0djIyGLHjydnLMUgAEhgKCXlhaG9vLmNvbRiU48nZyzFIAFICCGQSrgEKCHJ0YmhvdXNlEpgBcnRoclJCSmhTZ0NIQ3A4d1NRTXpvTmhKTmw4aTBsK2hGV1dhaHVkUjA2bEhBM2pFL0RDU3Y3eENRZVRqN2ZhZS85VzVLOStQOTIxUm5OWWIxRWtBaFNEOHpJMllsL0szL1ZtUWZOVVZaMmE0cUpjc0JYYi9ET0UzUUxGSVhqbkdVU1BHS2lLNEVzTGxGcVlKV3hnQUtRPT0Y9OXJ2csxSAASPgoFb3BlbngSLGV5SnBJam9pV2pScldVVm1OSHBDUTJOWE1VbFlRVkZtTlRoRVFUMDlJbjA9GKfkydnLMUgAEsMBCg5lc3AuY3JpdGVvLmNvbRKnAVk0VHFsVjlQSlRKQ2VURktTemh6YTA5aVZqSkxNa3MyVm1wcVZub2xNa1ppTnpaVlpsWkNkMkYwUzB0V1dta2xNa1poVjBSblRUSnZPRFJEVG1oWlJXSXpWRXM0ZVZsUFRraEliRUo0YzFkR1RESm9OMnMySlRKQ04ydE9RVmRETVdSUVdIWlpjbVYzTWpoTFkyRk1KVEpHWjNKQ2FGbHJiMUVsTTBRGKDsydnLMUgA&dlt=1703947689969&idt=1380&prev_scp=maxVelocity%3D801%26hb_bidder%3Dsharethrough_s2s%26hb_adid%3D71048e809383c3a%26hb_pb%3D1.32%26hb_sdef_set%3D0.961024%26hb_bid%3D1.32%26hb_bsbid%3D1.31937995%26hb_safeframe%3D1%26hb_s2sBidder%3Dsharethrough%26hb_liv%3D4%26hb_ub%3D1.32%26hb_size%3D300x600%26hb_pb_sovrn_s2s%3D0.51%26hb_pb_sharethrou_s2s%3D1.32%26hb_pb_rubicon_s2s%3D0.41%26hb_pb_openx_s2s%3D0.38%26hb_pb_rubicon%3D0.44%26sales_cat%3D210%252C211%252C216%252C217%26sales_safety%3DGGT0%26sales_kw%3Dparis%2520kitchen%252Cchocolate%252Czucchini%252Csimple%2520recipes%252Cblack%2520sesame%252Ckind%252Csabl%25C3%25A9s%252Cbutter%252Cissue%252Ctoasty%2520flavor%252Crecipe%252Cfrench%2520man%252Ceasy%2520meal%252Ccoconut%252Cshatter-prone%26sales_segment%3DGumGum%2520Verity%2520Seasonal%2520-%2520Fathers%2520Day%252CGumGum%2520Verity%2520Seasonal%2520-%2520Memorial%2520Day%252CGumGum%2520Verity%2520Seasonal%2520-%2520Thanksgiving%252FBl%252CGumGum%2520Verity%2520Seasonal%2520-%2520Christmas%252CGumGum%2520Verity%2520Seasonal%2520-%2520The%2520Big%2520Game%2520(A%26partnerLift%3DrubiconE4M3%26slot_id%3Dsidebar_btf%26hb_count%3D6%26hb_pool%3D0%26hb_pmp%3D0%26UR%3D132%26URP%3D165%26OE%3D0%26google%3D1%26native%3D1%26slot_number%3D1%26slot%3Dsidebar_btf%26arrival%3D0%26refresh%3D0%26sspm%3D0%26bidFloor%3D0.23%26ccpa%3D1---%26timeout%3Dsticky_sidebar_lazy_d_1701%26gid%3D0%26inview%3D0%26adomain%3Dvrbo.com%26grow_state%3D1%26dsp_id%3D17CzF5ktQoN1vCLa3wP58vYU%263pc%3D1%26illr%3D0%26gpp%3D0-0-0%7CmaxVelocity%3D801%26hb_bidder%3Dopenx_s2s%26hb_adid%3D70c1fc2c0d0b856%26hb_pb%3D0.49%26hb_sdef_set%3D0.961024%26hb_bid%3D0.49%26hb_bsbid%3D0.49103846999999995%26hb_safeframe%3D1%26hb_s2sBidder%3Dopenx%26hb_liv%3D4%26hb_ub%3D0.49%26hb_size%3D300x250%26hb_pb_sharethrou_s2s%3D0.30%26hb_pb_rubicon_s2s%3D0.30%26hb_pb_openx_s2s%3D0.49%26hb_pb_appnexus_s2s%3D0.25%26hb_pb_rubicon%3D0.36%26sales_cat%3D210%252C211%252C216%252C217%26sales_safety%3DGGT0%26sales_kw%3Dparis%2520kitchen%252Cchocolate%252Czucchini%252Csimple%2520recipes%252Cblack%2520sesame%252Ckind%252Csabl%25C3%25A9s%252Cbutter%252Cissue%252Ctoasty%2520flavor%252Crecipe%252Cfrench%2520man%252Ceasy%2520meal%252Ccoconut%252Cshatter-prone%26sales_segment%3DGumGum%2520Verity%2520Seasonal%2520-%2520Fathers%2520Day%252CGumGum%2520Verity%2520Seasonal%2520-%2520Memorial%2520Day%252CGumGum%2520Verity%2520Seasonal%2520-%2520Thanksgiving%252FBl%252CGumGum%2520Verity%2520Seasonal%2520-%2520Christmas%252CGumGum%2520Verity%2520Seasonal%2520-%2520The%2520Big%2520Game%2520(A%26partnerLift%3DrubiconE4M3%26slot_id%3Dcontent_btf%26hb_count%3D5%26hb_pool%3D0%26hb_pmp%3D0%26UR%3D49%26URP%3D138%26OE%3D0%26google%3D1%26native%3D1%26slot_number%3D1%26slot%3Dcontent_btf%26arrival%3D0%26refresh%3D0%26sspm%3D1%26bidFloor%3D0.23%26ccpa%3D1---%26timeout%3Dcontent_lazy_d_2801%26gid%3D0%26inview%3D0%26adomain%3Dcadillac.ca%26grow_state%3D1%26dsp_id%3D537073246%263pc%3D1%26illr%3D0%26gpp%3D0-0-0&cust_params=site%3Dchocolate-and-zucchini%26path%3D%252F%26secure%3D1%26sessiondepth%3D1%26optout%3Dcpbm%252Cwl%26categories%3Dfood-and-drink%26generator%3Dweb%26bucket%3D42%26referrer_url%3DDIRECT%26utm_source%3D%26utm_campaign%3D%26dow%3D6%26day%3D30%26month%3D12%26hour%3D14%26wrapper_group%3D2.94.31%26wswy%3D8%26sessionId%3D88848028%26groupm%3D1%26browser%3DChrome%26os%3DWindows%26s2sVersion%3Dproduction&adks=1507118676%2C1780626971&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b26bbd8c396b7a212573cf763b1365a5ca0216be246d24d3a35e398a008bd71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50308
x-xss-protection
0
google-lineitem-id
5755273391,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358834870,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cnz.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 24E9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:06:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
52891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 00:06:44 GMT
cs
cs.lkqd.net/ Frame 19D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECh4cNY4aUpNyOH72Dl7M0w&google_cver=1
43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECh4cNY4aUpNyOH72Dl7M0w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQqI3GARi6i7T7ATAB&v=APEucNUS1KqHxA1PFfBcPtxyDJSlDaJC-G0wjC2E9RBtFBm8eoaFW8DyjCLbSK3gM2S9RLmnQU0EVvTCOnUXvvFcsUcasZ_X3w
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECh4cNY4aUpNyOH72Dl7M0w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 19D2
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=U2QzUVlTNDJwNVk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=U2QzUVlTNDJwNVk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQqI3GARi6i7T7ATAB&v=APEucNUS1KqHxA1PFfBcPtxyDJSlDaJC-G0wjC2E9RBtFBm8eoaFW8DyjCLbSK3gM2S9RLmnQU0EVvTCOnUXvvFcsUcasZ_X3w
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=U2QzUVlTNDJwNVk
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 19D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJNKj4fIIFWvBbzKQbMzAFM&google_cver=1
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJNKj4fIIFWvBbzKQbMzAFM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQqI3GARi6i7T7ATAB&v=APEucNUS1KqHxA1PFfBcPtxyDJSlDaJC-G0wjC2E9RBtFBm8eoaFW8DyjCLbSK3gM2S9RLmnQU0EVvTCOnUXvvFcsUcasZ_X3w
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJNKj4fIIFWvBbzKQbMzAFM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 19D2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiM2UzMzhmZmNhMjNhZjZjMWM4MDMzOWZjM2JlN2ZkYzE1NTdhNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiM2UzMzhmZmNhMjNhZjZjMWM4MDMzOWZjM2JlN2ZkYzE1NTdhNQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQqI3GARi6i7T7ATAB&v=APEucNUS1KqHxA1PFfBcPtxyDJSlDaJC-G0wjC2E9RBtFBm8eoaFW8DyjCLbSK3gM2S9RLmnQU0EVvTCOnUXvvFcsUcasZ_X3w
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiM2UzMzhmZmNhMjNhZjZjMWM4MDMzOWZjM2JlN2ZkYzE1NTdhNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA3C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3009248525403&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA3C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3009248525403&version=m202309260101&ct=76&x=13&cor=1803497362811815700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AA3C 		19 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cu-DYFdPKH9qTtwjudzNuqlE-JUlCgziTplCnQCM4tBs8Kld7nlOtwDyX-RylIxlcwfmuvkan3MhogLPTNAbwLxDEuYYef6V-bAm00lpd6g4G308Gd_sT_A936-zq3-rvqwGOGKDqd7ERsTiMlhlipwUmmogLkr6kXFrhrRN6w-mFl47M&cry=1&dbm_d=AKAmf-BVSI2P-P0pEFrs4jb3NrFDyOx_XdScZs0Davxnbf0WwarSgv8DtnMfUo3Kk9VwnNlFfpUL-Oihs0WOYZqR8ut0pL10AKRXIfyT_TG4EA35ebgBWERc7eGfRdhb27INfbyJ0YqXLSKqHe7nmDeYhKng3mlghuOYx2QwWAHQZ71TvkmsFbdIEK4up3RLXs77SiqbnZiJVW7YXhH92JlGimznru_h7fALk8virSCGrcsPJ9AIO1ZndmPboJ4UZk-BKbFy3cbBUc02c6ELPCjYPljfOsQsttUgGOdzjdTefXGPeTO0eG5HNt_h4eNhuUsRg_RxsXplE-_50LV2vmo8FvKPECieR9ogcJZi3BI9Fedck3krGfyHe8GGwD74LdI70jVzk73PrnEJ-PpWQY3uezI_7hqhVvyu1Ch4WWyAMt3fszJUOn2h4mUefX6VPqzn7374tK4oc2vfFcgvm1pg25Kv9FuPCSyr6EMdaspr-XT_EjcJFGh73AEM_-VCZGGvtQX78T4YoXS5QESp6QsFeon7AnmZzgGBoV7SagflyKR9V_Ov3nPWAKyjf6LjpdcozZblOXd2NclpqPZOUeQ2gcjArQqtH-SQi62K4AiSWl8da1h3YMrhb8epuckfTdSaq9RIqR2eBsQnej5mMl9kwZdrncHy-UWeirmzCQxMnFc60vKv1x6RAYMpXlywD9Bb6ARFeybUYAESOs9y_jxN7m_wxZgXwkAYaQJjxjxuKPKFOgyqBNJU4qOTUK7Yu6eTEvNGYKfYV-ryKwwjFVFK8cloJO_Kjxa8VAe65UJMgkpyrovMGk30xaS9uyCgcsPGB77O4k04Un-PkhDHgny8V8RA-K1L3UwZGhkcX2pAeuc-zgtoVeZxzgFwU9h9RVlVoriFGjX4DQz6XdAaAG0v_QGV1gfKPjNdnpy3TJVPy19LUQW_6hjUjaQ9cowjqr_7VzkgRHG4Lfns0uF4lopCGGaug56ysJgK14wRG0FFMW4ZJ6tavXPv5Y0ReAFSBz_b99CxQeBHSQHLLse-loQlvDOONtiVmbSXpsBgCMTFEAf5BkawmDqkNLSGQbtLQX1UqjRL6XKuYr_GbdSV-d63cR9xwjc0rl5qYLYXDyc9Cn0FPBq4-R_KemSYYOday7l55tCjhtmtIqOjEMXOGp2yqXVMGlCaZDIovqkXtI0RQqpgNypEzahXHGUn48lY-vL0g-TJT2JQTnsSLgZGmdUYIShHx08edkQ-0bI4Mjrkztz0roIMaKdQaztKIiUSc4IcSTvZyuT5RouNOTQxwT4uwYTqkaYr5LSj45kjgfsHd5_Cg-8MQf1COz4gMXDDuSpeLspojuLu5zJHH4ONirNK1cIcSKuI8EtT5C6SNlYlxQj2i-xMuvFNRqTcNR3iQG0YEzX1I__VXROfctf0XdCT0vkwNc9i2T6oxaXrHyZ7JIIKcWpkwRoQwpivweYj9MGIgE1uQnF6BNfQNqnTq__vhnUrSDC0tnXvBzbz6GXuqiGXRdouBmTqxoqhgy5OUFK0AsslKwbMTfUUZdxAhJPi0323BIht8akSLmz2TH97RwC2kG52Zr9LIssYK6x2eXn8ATfZVCr0OH6_UmZYvoZAfdHy0YuBq74ValoR6pOrlr3Bo38SXfzmu4BANVTSfe-LNMm2VYq-F8SWBEIPGhdavg6-DmlH_4bWGTODmTUoGKLJVggWLIFayFNwCG8FERaPzRcylQEXSDSRUTFfn4C07FOb-LYXVUdYKc2Ot8ZSsSx9FqjlVisjJ6gw8Wt6yxCfdwyckzn33CAEC_GI2lonzBYrQ4vgaTNSTyRRyyc3Iuor-5aR3CXxxfeeaqYyf_BQQC-wtUMyiXuDJhHcA3GO2sfWqwQOo187xuyI6Xn8vSTKaRbclNYuragRgHwkmFFKaRRGVxVOI7J5z1bLlSwmrwCE934svLVgLbQtCLT0zEY_6-_EkRtacxe05GEDZfrZGQGcsNab3jZx7Wz1P30wB42sLMkmR45yh7MjRVize74dMOOdeFpxaydILFN4SwgrIStXiYIYp-D1hSQgckhc1qEz8upmhMkm0dWHQ1fDtCmWJCdgTyeo4HzTAEmeXMdNe_v17WG29hHre-HGNPrbfZo29mZAFNGC1e9QVeu1QV_MfkgBUPZLu-AsVjrn-YkE6Vpet7d-SjbIMzPcAVr0NYSTKZNjudSdKdh2z-y2izmxT70RgcXrY7IkSVIKHmsRlKsRTqAjhd0ZrT24IjdPZa6utv1pYpNTrFsWR-wA9JDm0QLMzDMj3QBMzuw7RHDaacaHc7q1jWeH41Ieu5edly9bTwcs5u52ithAqb_B3dLGSeqon_4v5e3a2pvugSfUVCWXOnQEDcCkVtAYDWETtg8idvWUlX_TtwdvCUoCFIXR-NgCQM5waZEWbYuZBklS_hHv2Ub45xVHudUBCa4XHx52gPJsrDkYyogCSAn0McUt1oTOUwZHHIFT7zGf1_Hi7NYSFts5vKKoaOyOa-h4DngYIkoP4XPpmxtp6vLIO2giM2HmisoaAq27cPlHZ_8c4PaRofvnW9UUkDihCV9qQb1-R6skDIgBUaXbERyAIvsy7Ur3UbzDP9b5UbuorVyt54kXJMCaynnHdkF8VZjJSnWDzQqgtXf1SAoRxYofgXUsAFtsXNydVlTiiwPTfu4WEWUQFP6fasahfYro5g0NCqw_ADTbQpz_C2-zpnraqDScufgdyxpDEWwPxBc4p4w35gnC--wtNJfW47ri1YKiJJLkcO-2GgaLe-V4JtJjrOINZHco8y9DmKUpdaKWu1nevrMJKS2xBAfJNTXK76PHovvrJA-SbRNaKfidGkvbITMaXxAaltMswLtgSfCtw2cCGzmqsaRq6EpFowHLey8mm_hIVcs3oW9wkblGvxAFBWJpsPVtx5cJqVWNYxHiAdwxNQljFHYmhedNOR7MO0DB8DKwrVQHzcB-7zfsvyMoENrQ4QQ-mMCYz9Re90I0cGIQ7PAuHgx4Xxq34ubD4HH-MY7DmUApdohD-VF-uV8dRdq3WOArkV0&pr=13%3AZZAtqwAAAADlroWqiGvKE_vBWwYkYoFRIytQJQ&cid=CAQSSQAvHhf_rwj2rlFOKZKNXY4r1mNMbDJvKOgQW1cucoWLmkQUJhmrH5HX86feL22lcFDaMTa-anQ5Ho0KWEE3aSHJPOKG7Tjlz0oYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcnz.to%2F&ds=l&xdt=1&iif=1&cor=1803497362811815700&adk=2107871143&idt=90&cac=0&dtd=65
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
2a2b0017348eefd0a334362250a1a98451892763dde21be398a4e3c371e97b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13669
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame EE1A 		274 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
66fe1de06cac20055aaa94e4a901262f203082f38b97a0495e32138ce91a0a2a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
274
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 30 Dec 2023 14:48:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CT8CSCHWNV4VJAD2WJX2
4.js
static.adsafeprotected.com/ Frame FCD9
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1298974/68196513/4.js?adContainerId=gcc_ri2QZbOdJOLD6toPoJKUwAo&cbFunctionName=goog_wrapCb_ri2QZbOdJOLD6toPoJKUwAo&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsa...
  • https://static.adsafeprotected.com/4.js?adContainerId=gcc_ri2QZbOdJOLD6toPoJKUwAo&cbFunctionName=goog_wrapCb_ri2QZbOdJOLD6toPoJKUwAo&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=gcc_ri2QZbOdJOLD6toPoJKUwAo&cbFunctionName=goog_wrapCb_ri2QZbOdJOLD6toPoJKUwAo&true_pb=
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
3.160.22.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-80.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:02:30 GMT
x-amz-version-id
vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1
content-encoding
gzip
via
1.1 0f798c5dc07bf9546ee3d4bc341d91a4.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P3
age
456346
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:39 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
qm2Zn_boKmY3AZRVM_TMaEJK_hwdGyWpqjVT9rSSFLAZUNlzxmo7Jg==

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
nginx
x-server-name
app22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=gcc_ri2QZbOdJOLD6toPoJKUwAo&cbFunctionName=goog_wrapCb_ri2QZbOdJOLD6toPoJKUwAo&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame F3AF 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-80.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 08:06:12 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 0f798c5dc07bf9546ee3d4bc341d91a4.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P3
age
7886525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
QpC4mggjOc1Rlfu3NWLwq9wJDS2ctxSwCAWCRVfzJFHi20vi7mtpbQ==
dt
dt.adsafeprotected.com/ Frame FCD9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=408a6d4a-259f-badd-b9cc-791dd0d5ea17&tv=%7Bc:ygbzAj,pingTime:-3,time:70,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:70,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1p11%7C1q%7C1r,idMap:1o*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:29%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FCD9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=408a6d4a-259f-badd-b9cc-791dd0d5ea17&tv=%7Bc:ygbzAm,pingTime:-6,time:73,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1p11%7C1q%7C1r,idMap:1o*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:29%7D&tpiLookup=ao:cnz.to*&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FCD9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=408a6d4a-259f-badd-b9cc-791dd0d5ea17&tv=%7Bc:ygbzAy,pingTime:-2,time:85,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:51,mdZ:464,beA:519,beZ:520,mfA:524,cmA:525,inA:525,inZ:529,prA:529,prZ:541,si:547,poA:548,poZ:571,cmZ:571,mfZ:571,loA:591,loZ:594,ltA:603,ltZ:603%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1p11%7C1q%7C1r,idMap:1o*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:29,sinceFw:55,readyFired:true%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pr
s.amazon-adsystem.com/v3/ Frame B231 		438 B
894 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1a4c38810f1e5fb61b5f027e2d01b3de3d6c6351ff8f35c28fb7d32bc4d5d685
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
438
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 30 Dec 2023 14:48:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
N7E91258GMD7625DWSKS
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AA3C 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cu-DYFdPKH9qTtwjudzNuqlE-JUlCgziTplCnQCM4tBs8Kld7nlOtwDyX-RylIxlcwfmuvkan3MhogLPTNAbwLxDEuYYef6V-bAm00lpd6g4G308Gd_sT_A936-zq3-rvqwGOGKDqd7ERsTiMlhlipwUmmogLkr6kXFrhrRN6w-mFl47M&cry=1&dbm_d=AKAmf-BVSI2P-P0pEFrs4jb3NrFDyOx_XdScZs0Davxnbf0WwarSgv8DtnMfUo3Kk9VwnNlFfpUL-Oihs0WOYZqR8ut0pL10AKRXIfyT_TG4EA35ebgBWERc7eGfRdhb27INfbyJ0YqXLSKqHe7nmDeYhKng3mlghuOYx2QwWAHQZ71TvkmsFbdIEK4up3RLXs77SiqbnZiJVW7YXhH92JlGimznru_h7fALk8virSCGrcsPJ9AIO1ZndmPboJ4UZk-BKbFy3cbBUc02c6ELPCjYPljfOsQsttUgGOdzjdTefXGPeTO0eG5HNt_h4eNhuUsRg_RxsXplE-_50LV2vmo8FvKPECieR9ogcJZi3BI9Fedck3krGfyHe8GGwD74LdI70jVzk73PrnEJ-PpWQY3uezI_7hqhVvyu1Ch4WWyAMt3fszJUOn2h4mUefX6VPqzn7374tK4oc2vfFcgvm1pg25Kv9FuPCSyr6EMdaspr-XT_EjcJFGh73AEM_-VCZGGvtQX78T4YoXS5QESp6QsFeon7AnmZzgGBoV7SagflyKR9V_Ov3nPWAKyjf6LjpdcozZblOXd2NclpqPZOUeQ2gcjArQqtH-SQi62K4AiSWl8da1h3YMrhb8epuckfTdSaq9RIqR2eBsQnej5mMl9kwZdrncHy-UWeirmzCQxMnFc60vKv1x6RAYMpXlywD9Bb6ARFeybUYAESOs9y_jxN7m_wxZgXwkAYaQJjxjxuKPKFOgyqBNJU4qOTUK7Yu6eTEvNGYKfYV-ryKwwjFVFK8cloJO_Kjxa8VAe65UJMgkpyrovMGk30xaS9uyCgcsPGB77O4k04Un-PkhDHgny8V8RA-K1L3UwZGhkcX2pAeuc-zgtoVeZxzgFwU9h9RVlVoriFGjX4DQz6XdAaAG0v_QGV1gfKPjNdnpy3TJVPy19LUQW_6hjUjaQ9cowjqr_7VzkgRHG4Lfns0uF4lopCGGaug56ysJgK14wRG0FFMW4ZJ6tavXPv5Y0ReAFSBz_b99CxQeBHSQHLLse-loQlvDOONtiVmbSXpsBgCMTFEAf5BkawmDqkNLSGQbtLQX1UqjRL6XKuYr_GbdSV-d63cR9xwjc0rl5qYLYXDyc9Cn0FPBq4-R_KemSYYOday7l55tCjhtmtIqOjEMXOGp2yqXVMGlCaZDIovqkXtI0RQqpgNypEzahXHGUn48lY-vL0g-TJT2JQTnsSLgZGmdUYIShHx08edkQ-0bI4Mjrkztz0roIMaKdQaztKIiUSc4IcSTvZyuT5RouNOTQxwT4uwYTqkaYr5LSj45kjgfsHd5_Cg-8MQf1COz4gMXDDuSpeLspojuLu5zJHH4ONirNK1cIcSKuI8EtT5C6SNlYlxQj2i-xMuvFNRqTcNR3iQG0YEzX1I__VXROfctf0XdCT0vkwNc9i2T6oxaXrHyZ7JIIKcWpkwRoQwpivweYj9MGIgE1uQnF6BNfQNqnTq__vhnUrSDC0tnXvBzbz6GXuqiGXRdouBmTqxoqhgy5OUFK0AsslKwbMTfUUZdxAhJPi0323BIht8akSLmz2TH97RwC2kG52Zr9LIssYK6x2eXn8ATfZVCr0OH6_UmZYvoZAfdHy0YuBq74ValoR6pOrlr3Bo38SXfzmu4BANVTSfe-LNMm2VYq-F8SWBEIPGhdavg6-DmlH_4bWGTODmTUoGKLJVggWLIFayFNwCG8FERaPzRcylQEXSDSRUTFfn4C07FOb-LYXVUdYKc2Ot8ZSsSx9FqjlVisjJ6gw8Wt6yxCfdwyckzn33CAEC_GI2lonzBYrQ4vgaTNSTyRRyyc3Iuor-5aR3CXxxfeeaqYyf_BQQC-wtUMyiXuDJhHcA3GO2sfWqwQOo187xuyI6Xn8vSTKaRbclNYuragRgHwkmFFKaRRGVxVOI7J5z1bLlSwmrwCE934svLVgLbQtCLT0zEY_6-_EkRtacxe05GEDZfrZGQGcsNab3jZx7Wz1P30wB42sLMkmR45yh7MjRVize74dMOOdeFpxaydILFN4SwgrIStXiYIYp-D1hSQgckhc1qEz8upmhMkm0dWHQ1fDtCmWJCdgTyeo4HzTAEmeXMdNe_v17WG29hHre-HGNPrbfZo29mZAFNGC1e9QVeu1QV_MfkgBUPZLu-AsVjrn-YkE6Vpet7d-SjbIMzPcAVr0NYSTKZNjudSdKdh2z-y2izmxT70RgcXrY7IkSVIKHmsRlKsRTqAjhd0ZrT24IjdPZa6utv1pYpNTrFsWR-wA9JDm0QLMzDMj3QBMzuw7RHDaacaHc7q1jWeH41Ieu5edly9bTwcs5u52ithAqb_B3dLGSeqon_4v5e3a2pvugSfUVCWXOnQEDcCkVtAYDWETtg8idvWUlX_TtwdvCUoCFIXR-NgCQM5waZEWbYuZBklS_hHv2Ub45xVHudUBCa4XHx52gPJsrDkYyogCSAn0McUt1oTOUwZHHIFT7zGf1_Hi7NYSFts5vKKoaOyOa-h4DngYIkoP4XPpmxtp6vLIO2giM2HmisoaAq27cPlHZ_8c4PaRofvnW9UUkDihCV9qQb1-R6skDIgBUaXbERyAIvsy7Ur3UbzDP9b5UbuorVyt54kXJMCaynnHdkF8VZjJSnWDzQqgtXf1SAoRxYofgXUsAFtsXNydVlTiiwPTfu4WEWUQFP6fasahfYro5g0NCqw_ADTbQpz_C2-zpnraqDScufgdyxpDEWwPxBc4p4w35gnC--wtNJfW47ri1YKiJJLkcO-2GgaLe-V4JtJjrOINZHco8y9DmKUpdaKWu1nevrMJKS2xBAfJNTXK76PHovvrJA-SbRNaKfidGkvbITMaXxAaltMswLtgSfCtw2cCGzmqsaRq6EpFowHLey8mm_hIVcs3oW9wkblGvxAFBWJpsPVtx5cJqVWNYxHiAdwxNQljFHYmhedNOR7MO0DB8DKwrVQHzcB-7zfsvyMoENrQ4QQ-mMCYz9Re90I0cGIQ7PAuHgx4Xxq34ubD4HH-MY7DmUApdohD-VF-uV8dRdq3WOArkV0&pr=13%3AZZAtqwAAAADlroWqiGvKE_vBWwYkYoFRIytQJQ&cid=CAQSSQAvHhf_rwj2rlFOKZKNXY4r1mNMbDJvKOgQW1cucoWLmkQUJhmrH5HX86feL22lcFDaMTa-anQ5Ho0KWEE3aSHJPOKG7Tjlz0oYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcnz.to%2F&ds=l&xdt=1&iif=1&cor=1803497362811815700&adk=2107871143&idt=90&cac=0&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:48:16 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame AA3C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cu-DYFdPKH9qTtwjudzNuqlE-JUlCgziTplCnQCM4tBs8Kld7nlOtwDyX-RylIxlcwfmuvkan3MhogLPTNAbwLxDEuYYef6V-bAm00lpd6g4G308Gd_sT_A936-zq3-rvqwGOGKDqd7ERsTiMlhlipwUmmogLkr6kXFrhrRN6w-mFl47M&cry=1&dbm_d=AKAmf-BVSI2P-P0pEFrs4jb3NrFDyOx_XdScZs0Davxnbf0WwarSgv8DtnMfUo3Kk9VwnNlFfpUL-Oihs0WOYZqR8ut0pL10AKRXIfyT_TG4EA35ebgBWERc7eGfRdhb27INfbyJ0YqXLSKqHe7nmDeYhKng3mlghuOYx2QwWAHQZ71TvkmsFbdIEK4up3RLXs77SiqbnZiJVW7YXhH92JlGimznru_h7fALk8virSCGrcsPJ9AIO1ZndmPboJ4UZk-BKbFy3cbBUc02c6ELPCjYPljfOsQsttUgGOdzjdTefXGPeTO0eG5HNt_h4eNhuUsRg_RxsXplE-_50LV2vmo8FvKPECieR9ogcJZi3BI9Fedck3krGfyHe8GGwD74LdI70jVzk73PrnEJ-PpWQY3uezI_7hqhVvyu1Ch4WWyAMt3fszJUOn2h4mUefX6VPqzn7374tK4oc2vfFcgvm1pg25Kv9FuPCSyr6EMdaspr-XT_EjcJFGh73AEM_-VCZGGvtQX78T4YoXS5QESp6QsFeon7AnmZzgGBoV7SagflyKR9V_Ov3nPWAKyjf6LjpdcozZblOXd2NclpqPZOUeQ2gcjArQqtH-SQi62K4AiSWl8da1h3YMrhb8epuckfTdSaq9RIqR2eBsQnej5mMl9kwZdrncHy-UWeirmzCQxMnFc60vKv1x6RAYMpXlywD9Bb6ARFeybUYAESOs9y_jxN7m_wxZgXwkAYaQJjxjxuKPKFOgyqBNJU4qOTUK7Yu6eTEvNGYKfYV-ryKwwjFVFK8cloJO_Kjxa8VAe65UJMgkpyrovMGk30xaS9uyCgcsPGB77O4k04Un-PkhDHgny8V8RA-K1L3UwZGhkcX2pAeuc-zgtoVeZxzgFwU9h9RVlVoriFGjX4DQz6XdAaAG0v_QGV1gfKPjNdnpy3TJVPy19LUQW_6hjUjaQ9cowjqr_7VzkgRHG4Lfns0uF4lopCGGaug56ysJgK14wRG0FFMW4ZJ6tavXPv5Y0ReAFSBz_b99CxQeBHSQHLLse-loQlvDOONtiVmbSXpsBgCMTFEAf5BkawmDqkNLSGQbtLQX1UqjRL6XKuYr_GbdSV-d63cR9xwjc0rl5qYLYXDyc9Cn0FPBq4-R_KemSYYOday7l55tCjhtmtIqOjEMXOGp2yqXVMGlCaZDIovqkXtI0RQqpgNypEzahXHGUn48lY-vL0g-TJT2JQTnsSLgZGmdUYIShHx08edkQ-0bI4Mjrkztz0roIMaKdQaztKIiUSc4IcSTvZyuT5RouNOTQxwT4uwYTqkaYr5LSj45kjgfsHd5_Cg-8MQf1COz4gMXDDuSpeLspojuLu5zJHH4ONirNK1cIcSKuI8EtT5C6SNlYlxQj2i-xMuvFNRqTcNR3iQG0YEzX1I__VXROfctf0XdCT0vkwNc9i2T6oxaXrHyZ7JIIKcWpkwRoQwpivweYj9MGIgE1uQnF6BNfQNqnTq__vhnUrSDC0tnXvBzbz6GXuqiGXRdouBmTqxoqhgy5OUFK0AsslKwbMTfUUZdxAhJPi0323BIht8akSLmz2TH97RwC2kG52Zr9LIssYK6x2eXn8ATfZVCr0OH6_UmZYvoZAfdHy0YuBq74ValoR6pOrlr3Bo38SXfzmu4BANVTSfe-LNMm2VYq-F8SWBEIPGhdavg6-DmlH_4bWGTODmTUoGKLJVggWLIFayFNwCG8FERaPzRcylQEXSDSRUTFfn4C07FOb-LYXVUdYKc2Ot8ZSsSx9FqjlVisjJ6gw8Wt6yxCfdwyckzn33CAEC_GI2lonzBYrQ4vgaTNSTyRRyyc3Iuor-5aR3CXxxfeeaqYyf_BQQC-wtUMyiXuDJhHcA3GO2sfWqwQOo187xuyI6Xn8vSTKaRbclNYuragRgHwkmFFKaRRGVxVOI7J5z1bLlSwmrwCE934svLVgLbQtCLT0zEY_6-_EkRtacxe05GEDZfrZGQGcsNab3jZx7Wz1P30wB42sLMkmR45yh7MjRVize74dMOOdeFpxaydILFN4SwgrIStXiYIYp-D1hSQgckhc1qEz8upmhMkm0dWHQ1fDtCmWJCdgTyeo4HzTAEmeXMdNe_v17WG29hHre-HGNPrbfZo29mZAFNGC1e9QVeu1QV_MfkgBUPZLu-AsVjrn-YkE6Vpet7d-SjbIMzPcAVr0NYSTKZNjudSdKdh2z-y2izmxT70RgcXrY7IkSVIKHmsRlKsRTqAjhd0ZrT24IjdPZa6utv1pYpNTrFsWR-wA9JDm0QLMzDMj3QBMzuw7RHDaacaHc7q1jWeH41Ieu5edly9bTwcs5u52ithAqb_B3dLGSeqon_4v5e3a2pvugSfUVCWXOnQEDcCkVtAYDWETtg8idvWUlX_TtwdvCUoCFIXR-NgCQM5waZEWbYuZBklS_hHv2Ub45xVHudUBCa4XHx52gPJsrDkYyogCSAn0McUt1oTOUwZHHIFT7zGf1_Hi7NYSFts5vKKoaOyOa-h4DngYIkoP4XPpmxtp6vLIO2giM2HmisoaAq27cPlHZ_8c4PaRofvnW9UUkDihCV9qQb1-R6skDIgBUaXbERyAIvsy7Ur3UbzDP9b5UbuorVyt54kXJMCaynnHdkF8VZjJSnWDzQqgtXf1SAoRxYofgXUsAFtsXNydVlTiiwPTfu4WEWUQFP6fasahfYro5g0NCqw_ADTbQpz_C2-zpnraqDScufgdyxpDEWwPxBc4p4w35gnC--wtNJfW47ri1YKiJJLkcO-2GgaLe-V4JtJjrOINZHco8y9DmKUpdaKWu1nevrMJKS2xBAfJNTXK76PHovvrJA-SbRNaKfidGkvbITMaXxAaltMswLtgSfCtw2cCGzmqsaRq6EpFowHLey8mm_hIVcs3oW9wkblGvxAFBWJpsPVtx5cJqVWNYxHiAdwxNQljFHYmhedNOR7MO0DB8DKwrVQHzcB-7zfsvyMoENrQ4QQ-mMCYz9Re90I0cGIQ7PAuHgx4Xxq34ubD4HH-MY7DmUApdohD-VF-uV8dRdq3WOArkV0&pr=13%3AZZAtqwAAAADlroWqiGvKE_vBWwYkYoFRIytQJQ&cid=CAQSSQAvHhf_rwj2rlFOKZKNXY4r1mNMbDJvKOgQW1cucoWLmkQUJhmrH5HX86feL22lcFDaMTa-anQ5Ho0KWEE3aSHJPOKG7Tjlz0oYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcnz.to%2F&ds=l&xdt=1&iif=1&cor=1803497362811815700&adk=2107871143&idt=90&cac=0&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
5466
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 13:17:10 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame AA3C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1552256/76024099/xbbe/creative/adj?p=APEucNU94AhH1VI5SjcCs-l8VmeMAUHybXvi-gFWwJKtswzisY_-ZP8&d=CokBAKAmf-BUeYD0aNTygpasvcodkacXP8civ4kd6_i6BGb7JHj79IA_f0jHWAD...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU94AhH1VI5SjcCs-l8VmeMAUHybXvi-gFWwJKtswzisY_-ZP8&d=CokBAKAmf-BUeYD0aNTygpasvcodkacXP8civ4kd6_i6BGb7JHj79IA_f0jHWADCT7R9X2cPw_G-s28u84mVWV-LF...
72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU94AhH1VI5SjcCs-l8VmeMAUHybXvi-gFWwJKtswzisY_-ZP8&d=CokBAKAmf-BUeYD0aNTygpasvcodkacXP8civ4kd6_i6BGb7JHj79IA_f0jHWADCT7R9X2cPw_G-s28u84mVWV-LFtXADDA5RCCKMQS2ENfgSIJhnSFURVBLrYX2H9K13Y-V3nc-D0zb0VtoC-fTshY8FZ9_lhHIFTPJATnB0wNcdEwMnPBJalGV_goSiQ4AoCZ_4OMvo8tmbuHbxJDTHmZjszBni024kbZYIpLP8UZONmuUU53vZUgHvyR_fTElkGT3ePB3iApICflv009mRL_bPzeZ6X4zxC6bgG7YRoRHsW5TRljepPx8h_OxrVhHRbr67ngzcVlf41YhzNpChDzzfqAVP-xLVnu3_wbOnC9aiDbydreLdYV-bYyyqmdLX_G2SqcdC-IQkVwerGgAcXKYaxdkgWO00wbTv_x_KPlwPpr94RMXAe1KDYu5jQQcBmEAFbngkCzniilhp9yu-zluXcgZGCjB62qusjdPIDpSzl9i7xKKNa2D3EzBoniiGoz8IMqiBKJ1wSBvUHgxrfrlUKc9hIz8-8AqsQcYMdeRFNXl9BZzRFN28S05DyrajO7Dq1tu8fn-Kq8E7eUwF8SNZfPYvzxKq8v6PBmrjL_xj5xY_czSj8GPOpRdAUtAfqN5C0DtmjOQKM9LHtazYbUYCKS11ySc8Df8LQXbjknFEa2zrWK8d0yJ2g4a6vzY4aLY9YvrOgtdIk5SQo_2n5moMP-JnmmSdRrwweL6rzirVDt4WnOJ6E5YkFQkdWjkhaYMFhJNCYWEdmwkaL-bjz_-YYIemrdWFQXPfgQoZU6Q_FBGYDMBTD6WsZMOEXPXeW4AC-z9nOyJh_bYvA0OXSVZ0D0h9TdrGOHC_J5Z5LTiBkq2RNhUyTfin_7J-iXf9edgYJ3uU3Lc-E5G9_hAv8QtiqC17BINUtEDBWncVHReUra8d1fUZtbraOVztfDcqxh5o9msom7bnwIQ9joXMddImc8emlTlyV2d_V1229yDXfSt1qiIuKa3T2x-eANBO54mz0rUC1GohkKJwgEc4zGjsvt0e1-yDpk12WWgeu6wbErm85LKh5t7rRtliJl_vWuJCvovqCoilJn1Zjuw8a9YRSKv_y-b_aoxe6Y-QkSs0sXe1JABEOO0fDz5nCikneU16nSc4ari2s7qnW78MPMonn0Bu2zmx5EA-1mxPo5p55uqUX9hO2KGZrETjMXc1_mNXGYv-FMc5OEWRetvhcl0CzoF5Ci1DG1j5GYKKcnEiNm0YH0qrM0XIJxWs5Sil3yklzj8Xu25BRE7q4-kEqQ02g3LbWUdvm-E8fNxDlZvr07nWZs136IXaO1nmUwkKwazTimYoT5VGEg8CJcJByAgPxwVa1qpMqQMgqzhF0v09d_sOopD9G6KU1tr6PzNC_YDkzhseb0GSLwMZ9A8n-J-x6jpGIiANxD1oC60yb3Pt_sVjPR5B2rdLFIxzWQIdNfdjeQJXX85RvcQGT82FprtuxSFF9L0MZwUSqE_Mm4EFltzst4Z1iBg-b9mhCboBSC2w3xSgF_IzuJz0tUsfNyokHaI_fW3n6hJxjp53n5OXfHhfRi5icEu3nSxEvu7rPC6oFaH286d9WNUKCbklyVXYmk_O6Pxf2hZvgJxQ6adsC34Z61Dse1U9Rb9T0tPx81gOR-Rn9NJOCiwU_VmsFhwzBuDHnR1H5pk03lPItcxzoBlHYF7iuCqSmEHsxJfzRheCcKYpHupkOulEVjGbxhtCPar8hD-6T02T6WU81elEymtF3p3rTahh9uIq0U4k4mDDiU6pwnZaIteMLqL4PQvZ-TBZTcMz5fk0N2UDPpt0XPV0wfCHYMfmydr13ndkw_Of0N6pElh8xqkCDmrNFH1FWIMRQqDUZPuhgKiNYMdtl3QmO2Jd8ep30S4slZMnHjWgkFpw3UEWtuJLMkXohWDrvfNg4NtoZJdJLRlw1VJRDM-6M7UXzb-bvWsISw_gr3nqoFzfHzK_P0eZUimiTtUGvt5V_QaB3NpFHPyBslQQ89BsFU0LvrpWpViJadpUpODsJTqkO3Hq8-R8lRw194Wv7C97HomzirA2Jgq5yik1I2qpmIGSwvFtsePdBnqmS3wK5Pj8b0kVDg00MRAqptfNANLxYOesbROZWESX2vniP47lwHknM-jc2RQilyDWrRftu2verKBplTpjEeFtm1tvaqBflNnaYvocAFF1qmo0ic2zntv2VVow5fmoibW-qclI60V75e9Xc-qT8HXHRl8RR7x1GWIHQqjBkgE2-Z1HV4sQfNGQ_ZIuj5hcEyJ78m-s6-_U-9DDHnH0jIple57I78cWs0OHFrt1cG7PlG4AZc8PWNe5IOnFRwaI2sQ55RHwGKe414bHrFUlaJe87jhF7NirCPLMABaJM0pVKByosoAEmD4_Yw5w_HM6s3e0TdDCqg-La7AcYdULBLzNloyqKah0UH64knmibMwFprazD4_rynXcnezEVyvjc8yw5qUilV4lJANkYGQyzFowbI1fWpNwp-cWUBomLTx0UVsf8Wp_w8qqdPTbsrMZHLjRrBOXUU0VHvbszQKaTEVINv_xDK57GZyGk8IBBJJAC8eF_-vCPauUU4pko1djivWY0xsMm8o6BBbVy5yhYuaRBQmGasfkdfzp94vbaVwUNoxNr5qdDkejQpYQTdpIck84obtOOXPShgBYAE&bundleId=&ias_xappb=
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
b4de15b69acb58d5a5907d860d610dfd8941b0b54ff9b1ff6f65a1cff4805e59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25500
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
nginx
x-server-name
app21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU94AhH1VI5SjcCs-l8VmeMAUHybXvi-gFWwJKtswzisY_-ZP8&d=CokBAKAmf-BUeYD0aNTygpasvcodkacXP8civ4kd6_i6BGb7JHj79IA_f0jHWADCT7R9X2cPw_G-s28u84mVWV-LFtXADDA5RCCKMQS2ENfgSIJhnSFURVBLrYX2H9K13Y-V3nc-D0zb0VtoC-fTshY8FZ9_lhHIFTPJATnB0wNcdEwMnPBJalGV_goSiQ4AoCZ_4OMvo8tmbuHbxJDTHmZjszBni024kbZYIpLP8UZONmuUU53vZUgHvyR_fTElkGT3ePB3iApICflv009mRL_bPzeZ6X4zxC6bgG7YRoRHsW5TRljepPx8h_OxrVhHRbr67ngzcVlf41YhzNpChDzzfqAVP-xLVnu3_wbOnC9aiDbydreLdYV-bYyyqmdLX_G2SqcdC-IQkVwerGgAcXKYaxdkgWO00wbTv_x_KPlwPpr94RMXAe1KDYu5jQQcBmEAFbngkCzniilhp9yu-zluXcgZGCjB62qusjdPIDpSzl9i7xKKNa2D3EzBoniiGoz8IMqiBKJ1wSBvUHgxrfrlUKc9hIz8-8AqsQcYMdeRFNXl9BZzRFN28S05DyrajO7Dq1tu8fn-Kq8E7eUwF8SNZfPYvzxKq8v6PBmrjL_xj5xY_czSj8GPOpRdAUtAfqN5C0DtmjOQKM9LHtazYbUYCKS11ySc8Df8LQXbjknFEa2zrWK8d0yJ2g4a6vzY4aLY9YvrOgtdIk5SQo_2n5moMP-JnmmSdRrwweL6rzirVDt4WnOJ6E5YkFQkdWjkhaYMFhJNCYWEdmwkaL-bjz_-YYIemrdWFQXPfgQoZU6Q_FBGYDMBTD6WsZMOEXPXeW4AC-z9nOyJh_bYvA0OXSVZ0D0h9TdrGOHC_J5Z5LTiBkq2RNhUyTfin_7J-iXf9edgYJ3uU3Lc-E5G9_hAv8QtiqC17BINUtEDBWncVHReUra8d1fUZtbraOVztfDcqxh5o9msom7bnwIQ9joXMddImc8emlTlyV2d_V1229yDXfSt1qiIuKa3T2x-eANBO54mz0rUC1GohkKJwgEc4zGjsvt0e1-yDpk12WWgeu6wbErm85LKh5t7rRtliJl_vWuJCvovqCoilJn1Zjuw8a9YRSKv_y-b_aoxe6Y-QkSs0sXe1JABEOO0fDz5nCikneU16nSc4ari2s7qnW78MPMonn0Bu2zmx5EA-1mxPo5p55uqUX9hO2KGZrETjMXc1_mNXGYv-FMc5OEWRetvhcl0CzoF5Ci1DG1j5GYKKcnEiNm0YH0qrM0XIJxWs5Sil3yklzj8Xu25BRE7q4-kEqQ02g3LbWUdvm-E8fNxDlZvr07nWZs136IXaO1nmUwkKwazTimYoT5VGEg8CJcJByAgPxwVa1qpMqQMgqzhF0v09d_sOopD9G6KU1tr6PzNC_YDkzhseb0GSLwMZ9A8n-J-x6jpGIiANxD1oC60yb3Pt_sVjPR5B2rdLFIxzWQIdNfdjeQJXX85RvcQGT82FprtuxSFF9L0MZwUSqE_Mm4EFltzst4Z1iBg-b9mhCboBSC2w3xSgF_IzuJz0tUsfNyokHaI_fW3n6hJxjp53n5OXfHhfRi5icEu3nSxEvu7rPC6oFaH286d9WNUKCbklyVXYmk_O6Pxf2hZvgJxQ6adsC34Z61Dse1U9Rb9T0tPx81gOR-Rn9NJOCiwU_VmsFhwzBuDHnR1H5pk03lPItcxzoBlHYF7iuCqSmEHsxJfzRheCcKYpHupkOulEVjGbxhtCPar8hD-6T02T6WU81elEymtF3p3rTahh9uIq0U4k4mDDiU6pwnZaIteMLqL4PQvZ-TBZTcMz5fk0N2UDPpt0XPV0wfCHYMfmydr13ndkw_Of0N6pElh8xqkCDmrNFH1FWIMRQqDUZPuhgKiNYMdtl3QmO2Jd8ep30S4slZMnHjWgkFpw3UEWtuJLMkXohWDrvfNg4NtoZJdJLRlw1VJRDM-6M7UXzb-bvWsISw_gr3nqoFzfHzK_P0eZUimiTtUGvt5V_QaB3NpFHPyBslQQ89BsFU0LvrpWpViJadpUpODsJTqkO3Hq8-R8lRw194Wv7C97HomzirA2Jgq5yik1I2qpmIGSwvFtsePdBnqmS3wK5Pj8b0kVDg00MRAqptfNANLxYOesbROZWESX2vniP47lwHknM-jc2RQilyDWrRftu2verKBplTpjEeFtm1tvaqBflNnaYvocAFF1qmo0ic2zntv2VVow5fmoibW-qclI60V75e9Xc-qT8HXHRl8RR7x1GWIHQqjBkgE2-Z1HV4sQfNGQ_ZIuj5hcEyJ78m-s6-_U-9DDHnH0jIple57I78cWs0OHFrt1cG7PlG4AZc8PWNe5IOnFRwaI2sQ55RHwGKe414bHrFUlaJe87jhF7NirCPLMABaJM0pVKByosoAEmD4_Yw5w_HM6s3e0TdDCqg-La7AcYdULBLzNloyqKah0UH64knmibMwFprazD4_rynXcnezEVyvjc8yw5qUilV4lJANkYGQyzFowbI1fWpNwp-cWUBomLTx0UVsf8Wp_w8qqdPTbsrMZHLjRrBOXUU0VHvbszQKaTEVINv_xDK57GZyGk8IBBJJAC8eF_-vCPauUU4pko1djivWY0xsMm8o6BBbVy5yhYuaRBQmGasfkdfzp94vbaVwUNoxNr5qdDkejQpYQTdpIck84obtOOXPShgBYAE&bundleId=&ias_xappb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 48AF 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-80.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 08:06:12 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 0f798c5dc07bf9546ee3d4bc341d91a4.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P3
age
7886525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
7_QVcJIQhkT_8nxRaVdysMxQ-l_vBDdA-XBeQQmtTt9QSziMFIScXw==
dt
dt.adsafeprotected.com/ Frame AA3C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1552256&asId=871837eb-91dc-86a4-fc86-9c9b3d1bbaf0&tv=%7Bc:ygbzBJ,pingTime:0,time:69,type:c,env:%7Bnr_rHRbA1:0%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:100,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~320.100%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSMa+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o31%7C1o4%7C1p1*.1552256-76024099%7C1p11%7C1q%7C1r1,idMap:1p1*,rmeas:1,rend:0,renddet:IMG.us.bi,siq:27,metricId:rHRbA1,cmr:t%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AA3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1552256&asId=871837eb-91dc-86a4-fc86-9c9b3d1bbaf0&tv=%7Bc:ygbzBK,pingTime:-3,time:70,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:100,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:70,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~320.100%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSMa+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o31%7C1o4%7C1p1*.1552256-76024099%7C1p11%7C1q%7C1r1,idMap:1p1*,rmeas:1,rend:0,renddet:IMG.us.bi,siq:27%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AA3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1552256&asId=871837eb-91dc-86a4-fc86-9c9b3d1bbaf0&tv=%7Bc:ygbzBL,pingTime:-6,time:72,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~320.100%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSMa+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o31%7C1o4%7C1p1*.1552256-76024099%7C1p11%7C1q%7C1r1,idMap:1p1*,rmeas:1,rend:0,renddet:IMG.us.bi,siq:27%7D&tpiLookup=ao:cnz.to*%2C8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com*&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AA3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1552256&asId=871837eb-91dc-86a4-fc86-9c9b3d1bbaf0&tv=%7Bc:ygbzC1,pingTime:-2,time:87,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:298,beZ:299,mfA:302,cmA:303,inA:304,inZ:307,prA:307,prZ:320,si:325,poA:326,poZ:351,cmZ:351,mfZ:351,loA:369,loZ:372,ltA:384,ltZ:384%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:100,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~320.100%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1o4%7C1p1*.1552256-76024099%7C1p11%7C1q%7C1r1,idMap:1p1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us.bi,siq:27,sinceFw:57,readyFired:false%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
amzns2s
rtb.gumgum.com/usync/ Frame 9FF2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.253.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-253-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
69886dddae62f719eb04d328159de91fc414dc015c770fd3dd5afe8ef4f0d35f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 30 Dec 2023 14:48:17 GMT
etag
W/"0a1c836c26d4c685063c4c1cf8fc33201"
server
nginx
timing-allow-origin
*
ads
securepubads.g.doubleclick.net/gampad/ 		98 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3698468271802399&correlator=3119246904988642&eid=31077978%2C31080121%2C31080056&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1030006%3A22697653334%2Cchocolateandzucchini%2Ccontent&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C728x90%7C336x280%7C468x60%7C250x250%7C320x50&fluid=height&ifi=5&sfv=1-0-40&fsbs=1&eri=5&sc=1&cookie=ID%3D8eb997a522143a69%3AT%3D1703947694%3ART%3D1703947694%3AS%3DALNI_MY-d_AijHSgCYvANmWi6-7bKf94VQ&gpic=UID%3D00000a057286812f%3AT%3D1703947694%3ART%3D1703947694%3AS%3DALNI_MaoHc7xFpwnaf_Wjxdy1ZcIunRTZA&abxe=1&dt=1703947696182&adxs=330&adys=4807&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcnz.to%2F&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AOrYGskRYsPhxZJGLCFGsC5q19Hz5np5hwQNmeswh6Fhn-mxFnX_0nIjycTQLEUTimRSVj2cVqJ0FIo99IIDo9E_Hjo&ga_vid=88848028.1703947691&ga_sid=1703947694&ga_hid=1019701129&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjw5MnZyzFIAFICCG8SLwoKYW1hem9uLmNvbRIYN2JvRFJnaUpGRHlHWUVTbk5mTTJ0djIyGLHjydnLMUgAEhgKCXlhaG9vLmNvbRiU48nZyzFIAFICCGQSrgEKCHJ0YmhvdXNlEpgBcnRoclJCSmhTZ0NIQ3A4d1NRTXpvTmhKTmw4aTBsK2hGV1dhaHVkUjA2bEhBM2pFL0RDU3Y3eENRZVRqN2ZhZS85VzVLOStQOTIxUm5OWWIxRWtBaFNEOHpJMllsL0szL1ZtUWZOVVZaMmE0cUpjc0JYYi9ET0UzUUxGSVhqbkdVU1BHS2lLNEVzTGxGcVlKV3hnQUtRPT0Y9OXJ2csxSAASPgoFb3BlbngSLGV5SnBJam9pV2pScldVVm1OSHBDUTJOWE1VbFlRVkZtTlRoRVFUMDlJbjA9GKfkydnLMUgAEsMBCg5lc3AuY3JpdGVvLmNvbRKnAVk0VHFsVjlQSlRKQ2VURktTemh6YTA5aVZqSkxNa3MyVm1wcVZub2xNa1ppTnpaVlpsWkNkMkYwUzB0V1dta2xNa1poVjBSblRUSnZPRFJEVG1oWlJXSXpWRXM0ZVZsUFRraEliRUo0YzFkR1RESm9OMnMySlRKQ04ydE9RVmRETVdSUVdIWlpjbVYzTWpoTFkyRk1KVEpHWjNKQ2FGbHJiMUVsTTBRGKDsydnLMUgA&dlt=1703947689969&idt=1380&prev_scp=maxVelocity%3D801%26hb_bidder%3Dsharethrough_s2s%26hb_adid%3D105e2c2e85c2d41e%26hb_pb%3D0.56%26hb_sdef_set%3D0.961024%26hb_bid%3D0.56%26hb_bsbid%3D0.5555284%26hb_safeframe%3D1%26hb_s2sBidder%3Dsharethrough%26hb_liv%3D4%26hb_ub%3D0.56%26hb_size%3D300x250%26hb_pb_pubmatic%3D0.38%26hb_pb_rubicon%3D0.34%26hb_pb_indexExcha_s2s%3D0.45%26hb_pb_sharethrou_s2s%3D0.55%26hb_pb_rubicon_s2s%3D0.30%26hb_pb_appnexus_s2s%3D0.30%26hb_pb_openx_s2s%3D0.29%26sales_cat%3D210%252C211%252C216%252C217%26sales_safety%3DGGT0%26sales_kw%3Dparis%2520kitchen%252Cchocolate%252Czucchini%252Csimple%2520recipes%252Cblack%2520sesame%252Ckind%252Csabl%25C3%25A9s%252Cbutter%252Cissue%252Ctoasty%2520flavor%252Crecipe%252Cfrench%2520man%252Ceasy%2520meal%252Ccoconut%252Cshatter-prone%26sales_segment%3DGumGum%2520Verity%2520Seasonal%2520-%2520Fathers%2520Day%252CGumGum%2520Verity%2520Seasonal%2520-%2520Memorial%2520Day%252CGumGum%2520Verity%2520Seasonal%2520-%2520Thanksgiving%252FBl%252CGumGum%2520Verity%2520Seasonal%2520-%2520Christmas%252CGumGum%2520Verity%2520Seasonal%2520-%2520The%2520Big%2520Game%2520(A%26partnerLift%3DrubiconE4M3%26slot_id%3Dcontent_2_btf%26hb_count%3D13%26hb_pool%3D0%26hb_pmp%3D0%26UR%3D56%26URP%3D138%26OE%3D0%26google%3D1%26native%3D1%26slot_number%3D2%26slot%3Dcontent_btf%26arrival%3D0%26refresh%3D0%26sspm%3D0%26bidFloor%3D0.23%26ccpa%3D1---%26timeout%3Dcontent_lazy_d_2300%26gid%3D0%26inview%3D0%26adomain%3Dshopify.ca%26grow_state%3D1%26dsp_id%3D17CzF5ktQoN1vCLa3wP58vYU%263pc%3D1%26illr%3D0%26gpp%3D0-0-0&cust_params=site%3Dchocolate-and-zucchini%26path%3D%252F%26secure%3D1%26sessiondepth%3D1%26optout%3Dcpbm%252Cwl%26categories%3Dfood-and-drink%26generator%3Dweb%26bucket%3D42%26referrer_url%3DDIRECT%26utm_source%3D%26utm_campaign%3D%26dow%3D6%26day%3D30%26month%3D12%26hour%3D14%26wrapper_group%3D2.94.31%26wswy%3D8%26sessionId%3D88848028%26groupm%3D1%26browser%3DChrome%26os%3DWindows%26s2sVersion%3Dproduction&adks=2679453490&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f673e5a948e8d720292cda8b8fb94439863ceac962b6f65f0e033cde1ceb2893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cnz.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43767
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cnz.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame ACB0 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
86650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 14:44:06 GMT
expires
Sat, 28 Dec 2024 14:44:06 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame ACB0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:06:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
52892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 00:06:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 24E9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTa_Pri2QZbOdJOLD6toPoJKUwAoAAAAAOAHgBAI&bg=!trWltfrNAAY3kmNgF5I7ADQBe5WfOBulf8A70ifCb5NhgGwjfUbO8rRnaqhaEj5oodb4NrLVGUY16xQhaToGNNRStPxEAgAAAYBSAAAAA2gBB5kDUnSlMNANzAxS7m3-7eXK1noptNP4mNeyElnirPfzQRmxW_oZh_707CDJvSnMsk6IdgKeNZiGhZQL384lVVHdor5J1lMo5jTeKK-TwW7wp7_1ikHjV4QkLEmgUtcooPLn-8SHz0RG2E1YLDXsSfzwLAVXT3AYFKPGg0oc2m4NabLKaegPNbG-AMpWqZg-yb1eCG1UzqpSlg5blNSlnSUCMYNHezF3z_4TET-opzQ-uqHtonkOaO_m6Miil_OaQ8ddDdqFNHUo00WECc8Yufc7NKqmBii54d57qCUzSAQVOVuMcaiOj_BPUWoc19QqvMWejLFk-dx7_nLGWrs55MGUUKXGOlkYuK4DASTTIqr4TAVfy_QVAcHHJnXk5AlNOba2b438xYRTvjkwcnjC6cGcwVNXluCbHhSqan0NXaZIt1t0n4FmIvB2ETAUXuabXYg1K8mJ9xl5wY0Jx3qG-wAcUkf15sUymDnwnOWHozS_r_NwHxtRnDXQcKJRJiT0asz9RnjVjUurmu4jJoxyToy40P-RKqAeFJLESPN9B7iQjzhBw4h7RciknIuYn5Rn9Sbvj6ta7wD-zFgAKfbR5H6SF0X8diRUk5dLuSX_scH-myfbvX8fr4Bt4nlBdAb39Tpxm0C4t-feoAJzFOjtn0eJUCW9zz4yfeqG3OLT5V3jXw7L5KRTrjLnBDDm19UktmlzyU_IPVEFGn3j1psasTapS7JT6jPXbu-Kf-SifXBSdHiaKKjZUK2DOmUyFwMNO5juA-zlmicdjtwHTPABHIixsiWG9yFoZX33ooBURjXpOz5vXVI-9H_OXLjnywDZZ-TF_ePBwgWXTpCLh4tnpQ7TbcO3cqFDKLyzy6EzvNGNWY_p6gJ1rB_aisTXWGTJqaCMfkdXtbecKKfPT6eUSfAxfTVk2VhIPljy-ceBd8dgxdx9a3hpSX03bbxlKX2n328xU8qlTZKMcl_wX738iAMUQZDveUA3BEMx31O-mg3ImwgLviqcONnsyDSiy66wQJX66ZAuasz4pfWfPyrXGjJD8eNHMCyt9D19S0FRW94aLh0bpk1Grw6wlezdFJlGa7T7mIUV1jZmsAAxFNy3xQvW9BPDXFHGDehcRBy-lY_OBg8zLXY
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E50 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:14 GMT
expires
Sun, 29 Dec 2024 14:48:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1AB3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:14 GMT
expires
Sun, 29 Dec 2024 14:48:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame AA3C 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Origin
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 31 Dec 2023 00:20:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame AA3C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1552256/76024099/xbbe/creative/adj?p=APEucNU94AhH1VI5SjcCs-l8VmeMAUHybXvi-gFWwJKtswzisY_-ZP8&d=CokBAKAmf-BUeYD0aNTygpasvcodkacXP8civ4kd6_i6BGb7JHj79IA_f0jHWADCT7R9X2cPw_G-s28u84mVWV-LFtXADDA5RCCKMQS2ENfgSIJhnSFURVBLrYX2H9K13Y-V3nc-D0zb0VtoC-fTshY8FZ9_lhHIFTPJATnB0wNcdEwMnPBJalGV_goSiQ4AoCZ_4OMvo8tmbuHbxJDTHmZjszBni024kbZYIpLP8UZONmuUU53vZUgHvyR_fTElkGT3ePB3iApICflv009mRL_bPzeZ6X4zxC6bgG7YRoRHsW5TRljepPx8h_OxrVhHRbr67ngzcVlf41YhzNpChDzzfqAVP-xLVnu3_wbOnC9aiDbydreLdYV-bYyyqmdLX_G2SqcdC-IQkVwerGgAcXKYaxdkgWO00wbTv_x_KPlwPpr94RMXAe1KDYu5jQQcBmEAFbngkCzniilhp9yu-zluXcgZGCjB62qusjdPIDpSzl9i7xKKNa2D3EzBoniiGoz8IMqiBKJ1wSBvUHgxrfrlUKc9hIz8-8AqsQcYMdeRFNXl9BZzRFN28S05DyrajO7Dq1tu8fn-Kq8E7eUwF8SNZfPYvzxKq8v6PBmrjL_xj5xY_czSj8GPOpRdAUtAfqN5C0DtmjOQKM9LHtazYbUYCKS11ySc8Df8LQXbjknFEa2zrWK8d0yJ2g4a6vzY4aLY9YvrOgtdIk5SQo_2n5moMP-JnmmSdRrwweL6rzirVDt4WnOJ6E5YkFQkdWjkhaYMFhJNCYWEdmwkaL-bjz_-YYIemrdWFQXPfgQoZU6Q_FBGYDMBTD6WsZMOEXPXeW4AC-z9nOyJh_bYvA0OXSVZ0D0h9TdrGOHC_J5Z5LTiBkq2RNhUyTfin_7J-iXf9edgYJ3uU3Lc-E5G9_hAv8QtiqC17BINUtEDBWncVHReUra8d1fUZtbraOVztfDcqxh5o9msom7bnwIQ9joXMddImc8emlTlyV2d_V1229yDXfSt1qiIuKa3T2x-eANBO54mz0rUC1GohkKJwgEc4zGjsvt0e1-yDpk12WWgeu6wbErm85LKh5t7rRtliJl_vWuJCvovqCoilJn1Zjuw8a9YRSKv_y-b_aoxe6Y-QkSs0sXe1JABEOO0fDz5nCikneU16nSc4ari2s7qnW78MPMonn0Bu2zmx5EA-1mxPo5p55uqUX9hO2KGZrETjMXc1_mNXGYv-FMc5OEWRetvhcl0CzoF5Ci1DG1j5GYKKcnEiNm0YH0qrM0XIJxWs5Sil3yklzj8Xu25BRE7q4-kEqQ02g3LbWUdvm-E8fNxDlZvr07nWZs136IXaO1nmUwkKwazTimYoT5VGEg8CJcJByAgPxwVa1qpMqQMgqzhF0v09d_sOopD9G6KU1tr6PzNC_YDkzhseb0GSLwMZ9A8n-J-x6jpGIiANxD1oC60yb3Pt_sVjPR5B2rdLFIxzWQIdNfdjeQJXX85RvcQGT82FprtuxSFF9L0MZwUSqE_Mm4EFltzst4Z1iBg-b9mhCboBSC2w3xSgF_IzuJz0tUsfNyokHaI_fW3n6hJxjp53n5OXfHhfRi5icEu3nSxEvu7rPC6oFaH286d9WNUKCbklyVXYmk_O6Pxf2hZvgJxQ6adsC34Z61Dse1U9Rb9T0tPx81gOR-Rn9NJOCiwU_VmsFhwzBuDHnR1H5pk03lPItcxzoBlHYF7iuCqSmEHsxJfzRheCcKYpHupkOulEVjGbxhtCPar8hD-6T02T6WU81elEymtF3p3rTahh9uIq0U4k4mDDiU6pwnZaIteMLqL4PQvZ-TBZTcMz5fk0N2UDPpt0XPV0wfCHYMfmydr13ndkw_Of0N6pElh8xqkCDmrNFH1FWIMRQqDUZPuhgKiNYMdtl3QmO2Jd8ep30S4slZMnHjWgkFpw3UEWtuJLMkXohWDrvfNg4NtoZJdJLRlw1VJRDM-6M7UXzb-bvWsISw_gr3nqoFzfHzK_P0eZUimiTtUGvt5V_QaB3NpFHPyBslQQ89BsFU0LvrpWpViJadpUpODsJTqkO3Hq8-R8lRw194Wv7C97HomzirA2Jgq5yik1I2qpmIGSwvFtsePdBnqmS3wK5Pj8b0kVDg00MRAqptfNANLxYOesbROZWESX2vniP47lwHknM-jc2RQilyDWrRftu2verKBplTpjEeFtm1tvaqBflNnaYvocAFF1qmo0ic2zntv2VVow5fmoibW-qclI60V75e9Xc-qT8HXHRl8RR7x1GWIHQqjBkgE2-Z1HV4sQfNGQ_ZIuj5hcEyJ78m-s6-_U-9DDHnH0jIple57I78cWs0OHFrt1cG7PlG4AZc8PWNe5IOnFRwaI2sQ55RHwGKe414bHrFUlaJe87jhF7NirCPLMABaJM0pVKByosoAEmD4_Yw5w_HM6s3e0TdDCqg-La7AcYdULBLzNloyqKah0UH64knmibMwFprazD4_rynXcnezEVyvjc8yw5qUilV4lJANkYGQyzFowbI1fWpNwp-cWUBomLTx0UVsf8Wp_w8qqdPTbsrMZHLjRrBOXUU0VHvbszQKaTEVINv_xDK57GZyGk8IBBJJAC8eF_-vCPauUU4pko1djivWY0xsMm8o6BBbVy5yhYuaRBQmGasfkdfzp94vbaVwUNoxNr5qdDkejQpYQTdpIck84obtOOXPShgBYAE&bundleId=&ias_dspID=3&ias_campId=1013483123&ias_pubId=193478&ias_chanId=13&ias_placementId=20367901655&bidurl=https://cnz.to/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iTp2dZ0dGdFygba4gkfklQ&adsafe_url=https%3A%2F%2Fcnz.to&adsafe_type=g&adsafe_url=https%3A%2F%2Fcnz.to%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:871837eb-91dc-86a4-fc86-9c9b3d1bbaf0,c:ygbzB2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-hzpvv,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:rHRbA1,mtim:4,mot:0,app:0,maw:0,fm:tZVYSMa+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o31%7C1o4%7C1p1*.1552256-76024099%7C1p11%7C1q%7C1r1,idMap:1p1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:27,oid:76c89ea5-a722-11ee-940d-b25f653e03f1,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 14:54:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
85998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 14:54:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame AA3C 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1552256/76024099/xbbe/creative/adj?p=APEucNU94AhH1VI5SjcCs-l8VmeMAUHybXvi-gFWwJKtswzisY_-ZP8&d=CokBAKAmf-BUeYD0aNTygpasvcodkacXP8civ4kd6_i6BGb7JHj79IA_f0jHWADCT7R9X2cPw_G-s28u84mVWV-LFtXADDA5RCCKMQS2ENfgSIJhnSFURVBLrYX2H9K13Y-V3nc-D0zb0VtoC-fTshY8FZ9_lhHIFTPJATnB0wNcdEwMnPBJalGV_goSiQ4AoCZ_4OMvo8tmbuHbxJDTHmZjszBni024kbZYIpLP8UZONmuUU53vZUgHvyR_fTElkGT3ePB3iApICflv009mRL_bPzeZ6X4zxC6bgG7YRoRHsW5TRljepPx8h_OxrVhHRbr67ngzcVlf41YhzNpChDzzfqAVP-xLVnu3_wbOnC9aiDbydreLdYV-bYyyqmdLX_G2SqcdC-IQkVwerGgAcXKYaxdkgWO00wbTv_x_KPlwPpr94RMXAe1KDYu5jQQcBmEAFbngkCzniilhp9yu-zluXcgZGCjB62qusjdPIDpSzl9i7xKKNa2D3EzBoniiGoz8IMqiBKJ1wSBvUHgxrfrlUKc9hIz8-8AqsQcYMdeRFNXl9BZzRFN28S05DyrajO7Dq1tu8fn-Kq8E7eUwF8SNZfPYvzxKq8v6PBmrjL_xj5xY_czSj8GPOpRdAUtAfqN5C0DtmjOQKM9LHtazYbUYCKS11ySc8Df8LQXbjknFEa2zrWK8d0yJ2g4a6vzY4aLY9YvrOgtdIk5SQo_2n5moMP-JnmmSdRrwweL6rzirVDt4WnOJ6E5YkFQkdWjkhaYMFhJNCYWEdmwkaL-bjz_-YYIemrdWFQXPfgQoZU6Q_FBGYDMBTD6WsZMOEXPXeW4AC-z9nOyJh_bYvA0OXSVZ0D0h9TdrGOHC_J5Z5LTiBkq2RNhUyTfin_7J-iXf9edgYJ3uU3Lc-E5G9_hAv8QtiqC17BINUtEDBWncVHReUra8d1fUZtbraOVztfDcqxh5o9msom7bnwIQ9joXMddImc8emlTlyV2d_V1229yDXfSt1qiIuKa3T2x-eANBO54mz0rUC1GohkKJwgEc4zGjsvt0e1-yDpk12WWgeu6wbErm85LKh5t7rRtliJl_vWuJCvovqCoilJn1Zjuw8a9YRSKv_y-b_aoxe6Y-QkSs0sXe1JABEOO0fDz5nCikneU16nSc4ari2s7qnW78MPMonn0Bu2zmx5EA-1mxPo5p55uqUX9hO2KGZrETjMXc1_mNXGYv-FMc5OEWRetvhcl0CzoF5Ci1DG1j5GYKKcnEiNm0YH0qrM0XIJxWs5Sil3yklzj8Xu25BRE7q4-kEqQ02g3LbWUdvm-E8fNxDlZvr07nWZs136IXaO1nmUwkKwazTimYoT5VGEg8CJcJByAgPxwVa1qpMqQMgqzhF0v09d_sOopD9G6KU1tr6PzNC_YDkzhseb0GSLwMZ9A8n-J-x6jpGIiANxD1oC60yb3Pt_sVjPR5B2rdLFIxzWQIdNfdjeQJXX85RvcQGT82FprtuxSFF9L0MZwUSqE_Mm4EFltzst4Z1iBg-b9mhCboBSC2w3xSgF_IzuJz0tUsfNyokHaI_fW3n6hJxjp53n5OXfHhfRi5icEu3nSxEvu7rPC6oFaH286d9WNUKCbklyVXYmk_O6Pxf2hZvgJxQ6adsC34Z61Dse1U9Rb9T0tPx81gOR-Rn9NJOCiwU_VmsFhwzBuDHnR1H5pk03lPItcxzoBlHYF7iuCqSmEHsxJfzRheCcKYpHupkOulEVjGbxhtCPar8hD-6T02T6WU81elEymtF3p3rTahh9uIq0U4k4mDDiU6pwnZaIteMLqL4PQvZ-TBZTcMz5fk0N2UDPpt0XPV0wfCHYMfmydr13ndkw_Of0N6pElh8xqkCDmrNFH1FWIMRQqDUZPuhgKiNYMdtl3QmO2Jd8ep30S4slZMnHjWgkFpw3UEWtuJLMkXohWDrvfNg4NtoZJdJLRlw1VJRDM-6M7UXzb-bvWsISw_gr3nqoFzfHzK_P0eZUimiTtUGvt5V_QaB3NpFHPyBslQQ89BsFU0LvrpWpViJadpUpODsJTqkO3Hq8-R8lRw194Wv7C97HomzirA2Jgq5yik1I2qpmIGSwvFtsePdBnqmS3wK5Pj8b0kVDg00MRAqptfNANLxYOesbROZWESX2vniP47lwHknM-jc2RQilyDWrRftu2verKBplTpjEeFtm1tvaqBflNnaYvocAFF1qmo0ic2zntv2VVow5fmoibW-qclI60V75e9Xc-qT8HXHRl8RR7x1GWIHQqjBkgE2-Z1HV4sQfNGQ_ZIuj5hcEyJ78m-s6-_U-9DDHnH0jIple57I78cWs0OHFrt1cG7PlG4AZc8PWNe5IOnFRwaI2sQ55RHwGKe414bHrFUlaJe87jhF7NirCPLMABaJM0pVKByosoAEmD4_Yw5w_HM6s3e0TdDCqg-La7AcYdULBLzNloyqKah0UH64knmibMwFprazD4_rynXcnezEVyvjc8yw5qUilV4lJANkYGQyzFowbI1fWpNwp-cWUBomLTx0UVsf8Wp_w8qqdPTbsrMZHLjRrBOXUU0VHvbszQKaTEVINv_xDK57GZyGk8IBBJJAC8eF_-vCPauUU4pko1djivWY0xsMm8o6BBbVy5yhYuaRBQmGasfkdfzp94vbaVwUNoxNr5qdDkejQpYQTdpIck84obtOOXPShgBYAE&bundleId=&ias_dspID=3&ias_campId=1013483123&ias_pubId=193478&ias_chanId=13&ias_placementId=20367901655&bidurl=https://cnz.to/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iTp2dZ0dGdFygba4gkfklQ&adsafe_url=https%3A%2F%2Fcnz.to&adsafe_type=g&adsafe_url=https%3A%2F%2Fcnz.to%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:871837eb-91dc-86a4-fc86-9c9b3d1bbaf0,c:ygbzB2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-hzpvv,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:rHRbA1,mtim:4,mot:0,app:0,maw:0,fm:tZVYSMa+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o31%7C1o4%7C1p1*.1552256-76024099%7C1p11%7C1q%7C1r1,idMap:1p1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:27,oid:76c89ea5-a722-11ee-940d-b25f653e03f1,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 23:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
54347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 23:42:29 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8F18 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4135612a99221d0fa21b270bc8723b871cb695e2d712bd5770c90bea59c67b

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83db152e99e836ae-YYZ
content-encoding
br
content-type
text/html
date
Sat, 30 Dec 2023 14:48:16 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnworWgXLyTdcdGj7KRj%2B4BVi%2B0a42SxxTcSHg0zf3TM3djUMvkkf%2B1AlCku5zCOGQkAAwT%2FRF%2BsxJdYg4oD8lHfsruwiKxpJafh4VSV82%2F4hw2%2FryO%2FowWmqn3xyo3graRLBZievA4YcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3E50 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:00:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
53261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 29 Dec 2024 00:00:35 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3E50 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:48:16 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DB19 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYzq-Y3QEwAQ&v=APEucNV_xbitWYoLnxanlHYDIS-mIKUw28l31yxnZ1iSwT6AL39olXxt6KoivxJbT1nyaY_d2QHjPfUptfPUwYpayWTduYzqMw
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1298974/68196516/ Frame 1AB3 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1298974/68196516/skeleton.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.90.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-90-71.compute-1.amazonaws.com
Software
/
Resource Hash
41f85c566a0dbe139d4f9c9c244f83b287edced6fcf24736ddf27e91584a3629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1AB3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 01:12:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
48968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 01:12:08 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 1AB3 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 17:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75397
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 17:51:39 GMT
view
ad.doubleclick.net/pcs/ Frame 1AB3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu0WuTaS9I01scTd6ZAiCDhDsHe7J2gXhuHQBClQjRo_QjexaQaFdFIbygF0ln0CCMkmL4T132ZneC7PkBZ5aFpRJgIx9mdyQE8ZMVRqTao1ClbCRDFrciOCXnYp9v6aMXJs_WuYPUHDnLkgvZI9kinsjdrn5emhu5AGxAG_iUuYzGGkGthByls_nacVyXY16uOiLJ38lhp-FwQKJpt2jxe3MNBATNUxpz-bkJf-RaE1PxUleZ4t9adfawHZnRKQmbB7UqzNsZkuHNKNfhco_uSJACWak4ap3sZl5nyVzhoO44pHoNrwgvGwn63alI3m2bBdkubpTkTM-mC32FE51Ht_K_wAxEivWdlBX1Ko4uT8e9_CGJfwHqgHSs1_Sv_sv25UDbHO3LFEVzMWDE0GAFIYhQdbMLpmn_eHlxNO4lg7opSOtYWdUuguFI7TezR6Odd56T1WYwL7UmZmYxWbXH903jODk9nmVSMD0M2yUE4aY10rJdazlx_UDvT9lyC2sbur3lyi68QyQlmh_G89IMDgi4xk5Mdifn9q1s-bKjAOwbhVkhCe7MdvyyZ_ggtK4WmNTeK023Hprtt0VsjNqF3by9ttZ3utasiBfLJbFFl08ruERnT0Br8fcHmRnArxb7UWWqwvN18Uf2CSJLYUoJ0sUpk0i97Qmq_TaTyS6k0CpCFK8h-CHHAJS12tSxX4WdHbPFhdz3k3VGbmoW0L0RtFCKx2BRz7JHAERWvLrIJnj7EWZjonF-ulpWRQRxBl8F5786CsV1eFJcVAXTHXLGvPCj8F9u8q_MOtDw4Sv98bPMbjlCW5mw9x5iJqJpt9cYp_bekCtSdTjIqzkvQwi9AItfC_uB-ufCyAql5Mu622HdnvTJABHvsm0UKpF3Ar8A4vU_KGMA5M4n19sFzAQv2gxNma87oCLoADkevQQGJU5YEzYnq1z-ahAM2Uoz-34MQXQt9C0qA8pBszKBBF0iZqW3UO8bec4rJu1SkldkyKu_cpyUTddhpr-BsKzHRc4VSL48G2DY2oIcWD3IVY5KqNBAqZX9C7yW5ESW-oykpJglM8-_952yBUf4_h4vKxWDomJr1KYkJyZD41DA2qDgDEMgvrgryS52CsFcSrkNpGVx9BMuDXMcHEox5UFVEMm3MDWOMK4cdyGu8DVNLx3yLiJsYo4Bdr0siw94kCIvBwBFIF4g8tBl9dHGH8dEBsqfL53-VlwXzRF4ZrHQ0FKXNRpPOXcLqTpSfE0LeKpWYFU0jwU254eSrxtUTIKli5T0FhAT5DpmPZYWKcQfMgeC1NZuVSlijIqVzl0gZpHsaBWCf5rpwQoVeRbwMOCZGUhip-x3CjbTfQW6MLNRuGko434npMu_EQBfHA5NVD1feRaBoR9_sQpCimTbgjinTGyaD5fMHvQGQj9ZSK7kUjzkrMhBpkqE2eZRXBdFCdaBdf7DNsWYgBZj3jp0EzBKV49IUgMm0ceqzK3GMvWyKELG24nv9Qow7uOdIvgmByQtrDmaWRIB6VsZx&sai=AMfl-YRAZNfSyRIxVcbFb14iCkEus7ntPMqM1RRWuvlZ6vA84tpNpG_0WsrbXANS5mLi3hWO4jQGkiuQEUrQE6cS--OmX-OFGWxLf6JqvetlibSsv9s0MsiMN8YCOjMEkOwrWcPh_Pl-1Y8H8lLmUYUcWhaI66PmgDFkXvZq8kE5ojnI1i7BQbuadj87xS-VOf0-FS1CIKvhQ1wkHQahb7ap91CvH6lhEg-_c1Iit8CJ8YS1N09y2VEVlK0fd0IMwl-bnkNYwu3B0WJWeFntw7uIuXav1knzqsZd4gY0twhL6jD12mvPjFIpPyL-W7p1kEZKAay-xUryNhIMx8DtFq7wmuRuCUy0nKQNzX00aA9OfXGvPcgvsJ49zjTv1t5qf7_LoPVGpPNzk2TZqMXgHEluNvwGPsjEMFcEAt3inRL4vg&sig=Cg0ArKJSzH8t-bJVNQ1kEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYWRpbGxhY2NhbmFkYS5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.39527&arae=0&ftch=1&adurl=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1AB3 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
5466
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 13:17:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1AB3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:27:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
51627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 00:27:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EB7C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
19068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 09:30:28 GMT
etag
48472445140208031
expires
Sun, 31 Dec 2023 09:30:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1AB3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
51800
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 00:24:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AB3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DvtjE3nGmJkHNBpBD-52MZa9h5J5N8Np_mUXwyaYRatVhvjxQPlmc93pPE2U3AJVs-JZK4j_Hcr134h5W9P4GRDYIqMvicn5elPr-T0xjDZdbQ7xA
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1AB3 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:48:16 GMT
5080887523823338372
s0.2mdn.net/simgad/ Frame 1AB3 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5080887523823338372
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
41a23ef1bcd8162ad53e411eded278b23d15f8c3aaa403711cb8af5cc307d2cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 08:22:45 GMT
date
Sat, 30 Dec 2023 08:22:45 GMT
x-content-type-options
nosniff
age
23131
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78006
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 20:20:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dt
dt.adsafeprotected.com/ Frame FCD9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=408a6d4a-259f-badd-b9cc-791dd0d5ea17&tv=%7Bc:ygbzGx,time:456,type:e,im:%7Bimprf:%7Bttecl:751,ecd:239,tsecr:15%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:456,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B448~0%5D,as:%5B448~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1p1.1552256-76024099%7C1p11%7C1q%7C1r,idMap:1o*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:29,sis:283%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame 3E50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqC9YGH6AYL0CuPsiIEkyeYu600KiJGowI3JZF2co-b-wLGRmrzyoyHWyKGjahfEJti21xYIgwdtnPZ8r_0YQzk8PxZq8JAZFj3qbnV87EmdMOJfJn53gNKwhArj9G2iClnTFUZeP_z9jb5d1Z8cfymFLrEjEszDCle8ar6K5C1xFrHxCSGoml4zf8Cl-uAYz926f0wXsR17qMEvsEndLCr7ZpqcnWQFvZPqSy7Y3xO2ruJhTncEI2zq7vPj4fsi3qZ89INZnHU_9mEu-hXa0v14fGxiHeIh5nzzjFzuHpBAN_XP3Y4Nxiz2eYUwk8L3wBJ6NZkAIxn2FeIWNDnRxr5AZu8xBvMUEdMDi-4jd9FFlrdEsGRpQ2jBagKWF3hN9CVEZBognL&sai=AMfl-YSsec48jxyCoxfl-KgGo-odWT0Up5eF_mOgi4N9HHQteY6A1knqH9GIZvLBPL8vJ9WchRT1aB2XG6LRM_I514JqPDRsUO6A7tNz4o6laE8mWYPSqI9cLXd023gyIK0&sig=Cg0ArKJSzPoOQFjn6V44EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
362358.gif
idsync.rlcdn.com/ Frame 8F18
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZAtr6yzX0QvgfmWsP6.BAAA%261351&gpdr=&gdpr_consent=&us_privacy=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=DBABzw~1---~BqgAAAAAAgA&bidder_uuid=ZZAtr6yzX0QvgfmWsP6.BAAA%261351&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=172f0ee4dc514...
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=172f0ee4-dc51-4afd-9bb1-280f435372c7
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=48b12a2e-bad8-4687-af8f-2e19bbf7b62b%3A1703947698.0510182&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D48b12a2e-bad8-4687-af8f-2e19bbf...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969188723640060651&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D48b12a2e-bad8-4687-af8...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=48b12a2e-bad8-4687-af8f-2e19bbf7b62b%3A1703947698.0510182&_=1703947698.0542147
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOaxWao0w9ttB6JC-xpYTRE&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOaxWao0w9ttB6JC-xpYTRE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:20 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOaxWao0w9ttB6JC-xpYTRE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8F18 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZAtr6yzX0QvgfmWsP6-BAAABUcAAAAB&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N9R224Y7ZJ7BA1THD2PM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8F18
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale?gpp=DBABzw~1---~BqgAAAAAAgA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ae9fa611-1916-4d55-ab82-f7eea3328191&expiration=1706539696&gdpr=0&gdpr_consent=
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ae9fa611-1916-4d55-ab82-f7eea3328191&expiration=1706539696&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Er53ANLcaBTVna1dLgzMRKpZjdmGf%2Fvu2NAaLUmuwYffaiD0hsWgqgir86DPIzBro7QU7sVKqf9hUVSMrk2JwICzmF26ojHziGz1SKnsf7G4mEhJDbvJLOww%2F4suukRyCGKfh41aKZK8fA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83db152f6b21711c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ae9fa611-1916-4d55-ab82-f7eea3328191&expiration=1706539696&gdpr=0&gdpr_consent=
date
Sat, 30 Dec 2023 14:48:16 GMT
server
Kestrel
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 8F18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZAtr6yzX0QvgfmWsP6-BAAABUcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=&google_gid=CAESEG4YuTkTNFgva5v_ZOcwO6s&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=&google_gid=CAESEG4YuTkTNFgva5v_ZOcwO6s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QR6QihQ8SYWB4l6YEGwZcZwxsLKN5oZdp8xWZOQBcVQfrY9mpGRVIn9dFoGogtc5sQjzrEd8Mdtd%2B0t6tv8ZJom2fLw79q2zv0DAf%2BNPgRP8TrIVR7RdzamzBLqb89i39dXwl%2BRMO9CPFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83db152febb6711c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=&google_gid=CAESEG4YuTkTNFgva5v_ZOcwO6s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
387
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 8F18 		0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113?gpp=DBABzw~1---~BqgAAAAAAgA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 30 Dec 2023 14:48:19 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
rum
dsum.casalemedia.com/ Frame 8F18
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gpp=DBABzw~1---~BqgAAAAAAgA
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=643de0dc3b4911fa&is_secure=true&networkId=19998&version=1&gpp=DBABzw%7E1---%7EBqgAAAAAAgA
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGYvwrWNKbGQMTxduMAAAAAAA&expiration=1704034097&gpp=DBABzw~1---~BqgAAAAAAgA&is_secure=true
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGYvwrWNKbGQMTxduMAAAAAAA&expiration=1704034097&gpp=DBABzw~1---~BqgAAAAAAgA&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fv8mSrMR1yW0FIodQP2biCF4IMsg7tSNsGtdLYvtYyPHxg0hlM6k9EheDRzuc6Ud2P%2BxXxd3M1LOuVpO6uKijwjDIUcz%2Fv8V9LcxKFh3hl5XPTgGSd7d%2Fpwz%2Bn%2FRyWpU6PoaBYiu"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83db1536ec4836ae-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGYvwrWNKbGQMTxduMAAAAAAA&expiration=1704034097&gpp=DBABzw~1---~BqgAAAAAAgA&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 8F18
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gpp=DBABzw~1---~BqgAAAAAAgA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZAtrgAKzRwSbwBd&gpp=DBABzw~1---~BqgAAAAAAgA
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZAtrgAKzRwSbwBd&gpp=DBABzw~1---~BqgAAAAAAgA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KY4tCLZH3jBiGpjK%2FHjc8fGkAIRO8KdZQdufOijFNT9tDtowoUxKVR6I56ypSZiYf34PXG2PoP91OcCfoDCTKZNSzMYmh7T7EtSaQjS5CBvILMb6TjtQX7SyFuO8fsphScW1eWP%2F2OxTGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83db152f3adb711c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-yul12822-YUL
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703947696.494203,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZAtrgAKzRwSbwBd&gpp=DBABzw~1---~BqgAAAAAAgA
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8F18 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?ZZAtr6yzX0QvgfmWsP6.BAAA%261351=&gpp=DBABzw~1---~BqgAAAAAAgA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:19 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
1115
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83db15425e983a00-YYZ
content-length
43
expires
Sat, 30 Dec 2023 18:48:19 GMT
crum
dsum-sec.casalemedia.com/ Frame EE95
Redirect Chain
  • https://um4.eqads.com/um/cs?gpp=DBABzw~1---~BqgAAAAAAgA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=8dcf15ef-e7fa-4910-9b99-301f709ccc14&expiration=1711810099
43 B
743 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=8dcf15ef-e7fa-4910-9b99-301f709ccc14&expiration=1711810099
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=193478&gdpr=0&gpp=DBABzw~1---~BqgAAAAAAgA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83db15429fc1711c-YYZ
content-length
43
content-type
image/gif
date
Sat, 30 Dec 2023 14:48:19 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHrzCRzxAmZMK0xj5fHpz55%2BtCX%2B%2BMfaAr%2FqoTlsmVLgU2%2BrdWvyCOjRgNhrNSMCP%2Bny3YjESTMLeIXBQIyGsLML2j4Z7lM3oTjPXZU6oLafn6r%2FECDloEipFtkxK2E5%2BE%2BwIgMFJDJ36A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Sat, 30 Dec 2023 14:48:19 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=8dcf15ef-e7fa-4910-9b99-301f709ccc14&expiration=1711810099
sfp.js
native.sharethrough.com/assets/ Frame 203A 		493 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-34.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
285ee81ccebfbb0f5cbda88427582e3a10f05dc5abd1e228c0376eef5e9694a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:56:08 GMT
content-encoding
gzip
via
1.1 c110cb09b6758ae195e144da07517b70.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 14:29:54 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
3136
x-amz-server-side-encryption
AES256
etag
W/"8db01154aa022df6061b5dbdc5d3f0dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
3yZCrlwpki4XExRH9mms9sd-_CndsROOcZylVrCnQKSAl_75wcMYyA==
expires
Fri, 22 Dec 2023 15:29:53 GMT
butler
b.sharethrough.com/ Frame 203A 		95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=s2s-win&arid=cb3146ea-629a-4dcc-a98c-e1f8de1e9547
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-111.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:59:55 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 13:28:48 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P2
age
67702
x-amz-server-side-encryption
AES256
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
CVeai5V55a4jjqvuEpRgIR5NDj0VSK6msYoqpU0cCAwbcAALVpfrFQ==
i.match
s.tribalfusion.com/z/ Frame EB7C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAFrRFFeiFrofTTdIRzgh_c&google_cver=1&google_push=AXcoOmT6goEmAgr1N87Ge2vEBtwq71cksnsedg_1xWZ6oVEMvNs-Icm2cUQEfXJDshRAtSWGBT3376WgirCn7CXRPfVEvkVjHxq1&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAFrRFFeiFrofTTdIRzgh_c&google_cver=1&google_push=AXcoOmT6goEmAgr1N87Ge2vEBtwq71cksnsedg_1xWZ6oVEMvNs-Icm2cUQEfXJDshRAtSWGBT3376WgirCn7CXRPfVEvkVjHxq...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAFrRFFeiFrofTTdIRzgh_c&google_cver=1&google_push=AXcoOmT6goEmAgr1N87Ge2vEBtwq71cksnsedg_1xWZ6oVEMvNs-Icm2cUQEfXJDshRAtSWGBT3376WgirCn7CXRPfVEvkVjHxq1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT6goEmAgr1N87Ge2vEBtwq71cksnsedg_1xWZ6oVEMvNs-Icm2cUQEfXJDshRAtSWGBT3376WgirCn7CXRPfVEvkVjHxq1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
104.18.24.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83db155cacf136ae-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
297
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAFrRFFeiFrofTTdIRzgh_c&google_cver=1&google_push=AXcoOmT6goEmAgr1N87Ge2vEBtwq71cksnsedg_1xWZ6oVEMvNs-Icm2cUQEfXJDshRAtSWGBT3376WgirCn7CXRPfVEvkVjHxq1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT6goEmAgr1N87Ge2vEBtwq71cksnsedg_1xWZ6oVEMvNs-Icm2cUQEfXJDshRAtSWGBT3376WgirCn7CXRPfVEvkVjHxq1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83db155bfc3e36ae-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB7C
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEA3exreLDS83O4-h4eRjtX8&google_cver=1&google_push=AXcoOmQzs81c7svr_eOx4_UiUK8Ma_BHFIIg8CLs5UtIndZT7aU4Tg51z2LSiLuVxGrbp784ohNkC3yx-iYN2ukOOMd17G5sJvLj
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2B2A44A78974F3394C09F6A59216CFD&google_push=AXcoOmQzs81c7svr_eOx4_UiUK8Ma_BHFIIg8CLs5UtIndZT7aU4Tg51z2LSiLuVxGrbp784ohNkC3yx-iYN2uk...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2B2A44A78974F3394C09F6A59216CFD&google_push=AXcoOmQzs81c7svr_eOx4_UiUK8Ma_BHFIIg8CLs5UtIndZT7aU4Tg51z2LSiLuVxGrbp784ohNkC3yx-iYN2ukOOMd17G5sJvLj
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Dec 2023 14:48:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2B2A44A78974F3394C09F6A59216CFD&google_push=AXcoOmQzs81c7svr_eOx4_UiUK8Ma_BHFIIg8CLs5UtIndZT7aU4Tg51z2LSiLuVxGrbp784ohNkC3yx-iYN2ukOOMd17G5sJvLj
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 29 Dec 2023 14:48:18 GMT
pixel
cm.g.doubleclick.net/ Frame EB7C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRVST...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4RESxqmCI5RMbFXdTT8orD0MrrWW1o8nttbyKw&google_push=AXcoOmRVSTfbcL1Pj-WhfCg2KWD_xtCfDIlXsldp6QVsxbhMQptcRerM7wgO7Kbg5Y73q_9tiEDDQ1GOWL_p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4RESxqmCI5RMbFXdTT8orD0MrrWW1o8nttbyKw&google_push=AXcoOmRVSTfbcL1Pj-WhfCg2KWD_xtCfDIlXsldp6QVsxbhMQptcRerM7wgO7Kbg5Y73q_9tiEDDQ1GOWL_pgNP-_-TnpYro008
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4RESxqmCI5RMbFXdTT8orD0MrrWW1o8nttbyKw&google_push=AXcoOmRVSTfbcL1Pj-WhfCg2KWD_xtCfDIlXsldp6QVsxbhMQptcRerM7wgO7Kbg5Y73q_9tiEDDQ1GOWL_pgNP-_-TnpYro008
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
762525
content-length
0
expires
Sat, 30 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB7C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBh9wTTvqp7CdHJqk1IpISo&google_cver=1&google_push=AXcoOmRILNUaYjzYGnzXgxrqKWfIzi0p-Iu6j2MbdPq0ze7jRnE5WQaqsLgO1VlU5xmojehU0uVjIdoYjz2pt...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBh9wTTvqp7CdHJqk1IpISo&google_push=AXcoOmRILNUaYjzYGnzXgxrqKWfIzi0p-Iu6j2MbdPq0ze7jRnE5WQaqsLgO1VlU5xmojehU0uVjIdoYjz2pt...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRILNUaYjzYGnzXgxrqKWfIzi0p-Iu6j2MbdPq0ze7jRnE5WQaqsLgO1VlU5xmojehU0uVjIdoYjz2ptSA9PcmONnAE4SY&google_hm=T0ZsNGNzZHpKUFg1SnktO...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRILNUaYjzYGnzXgxrqKWfIzi0p-Iu6j2MbdPq0ze7jRnE5WQaqsLgO1VlU5xmojehU0uVjIdoYjz2ptSA9PcmONnAE4SY&google_hm=T0ZsNGNzZHpKUFg1SnktOTUtcng=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:23 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRILNUaYjzYGnzXgxrqKWfIzi0p-Iu6j2MbdPq0ze7jRnE5WQaqsLgO1VlU5xmojehU0uVjIdoYjz2ptSA9PcmONnAE4SY&google_hm=T0ZsNGNzZHpKUFg1SnktOTUtcng=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB7C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENx0bfkwoZA7sjJjKLNQsfs&google_cver=1&google_push=AXcoOmQZ3KmewdOkQAMnWOXJbz2xAvB_jFiQeqHizIJYfLihyNgEd12KjUC5qjSozc7PIAMDfad8ib7i2GwoKyv-sejo7uUsLe_x
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ4MTcyNzIxMzk1NDkxNzUwOTc3Mg%3D%3D&google_push=AXcoOmQZ3KmewdOkQAMnWOXJbz2xAvB_jFiQeqHizIJYfLihyNgEd12K...
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ4MTcyNzIxMzk1NDkxNzUwOTc3Mg%3D%3D&google_push=AXcoOmQZ3KmewdOkQAMnWOXJbz2xAvB_jFiQeqHizIJYfLihyNgEd12KjUC5qjSozc7PIAMDfad8ib7i2GwoKyv-sejo7uUsLe_x
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ4MTcyNzIxMzk1NDkxNzUwOTc3Mg%3D%3D&google_push=AXcoOmQZ3KmewdOkQAMnWOXJbz2xAvB_jFiQeqHizIJYfLihyNgEd12KjUC5qjSozc7PIAMDfad8ib7i2GwoKyv-sejo7uUsLe_x
date
Sat, 30 Dec 2023 14:48:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame EB7C
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=654e5941-747b-486c-a326-9c9cd8f9789b&google_cver=1&google_gid=CAESEL195Ib17P9MV9kfW37__fU&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=654e5941-747b-486c-a326-9c9cd8f9789b&google_cver=1&google_gid=CAESEL195Ib17P9MV9kfW37__fU&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTFJmR5LvkL4QZ17MDmVT4n34-qsq4p5MPzXb6uGnC_wOLhE4OTfQ3KefEtONAk-Bu86yoLNuXQN6vjwUBN2oZ8j7IvM8McBA&gdpr=${GDPR}
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=654e5941-747b-486c-a326-9c9cd8f9789b&google_cver=1&google_gid=CAESEL195Ib17P9MV9kfW37__fU&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTFJmR5LvkL4QZ17MDmVT4n34-qsq4p5MPzXb6uGnC_wOLhE4OTfQ3KefEtONAk-Bu86yoLNuXQN6vjwUBN2oZ8j7IvM8McBA&gdpr=${GDPR}
date
Sat, 30 Dec 2023 14:48:20 GMT
server
_
content-length
0
pixel
cm.g.doubleclick.net/ Frame EB7C
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEBmMhRvIPBzMaGDvHjxFyK0&google_cver=1&google_push=AXcoOmSGfP9J84T4Fxmc2rEEjVSxr2GWrQlfk5DxKlgxUeIteCVUiYeg3dEL_RMtoyu...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSGfP9J84T4Fxmc2rEEjVSxr2GWrQlfk5DxKlgxUeIteCVUiYeg3dEL_RMtoyukg2iMcG9icRVXTdBs6LRo-eogQ_nx-9YWPQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSGfP9J84T4Fxmc2rEEjVSxr2GWrQlfk5DxKlgxUeIteCVUiYeg3dEL_RMtoyukg2iMcG9icRVXTdBs6LRo-eogQ_nx-9YWPQ
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
2497c060
date
Sat, 30 Dec 2023 14:48:16 GMT
x-bytefaas-request-id
20231230144816976E6415DF83736374DA
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-231230144816976E6415DF83736374DA-438036BBC61F6212-00
x-cache
TCP_MISS from a23-44-200-105.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=2, origin; dur=14
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231230144816976E6415DF83736374DA
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSGfP9J84T4Fxmc2rEEjVSxr2GWrQlfk5DxKlgxUeIteCVUiYeg3dEL_RMtoyukg2iMcG9icRVXTdBs6LRo-eogQ_nx-9YWPQ
x-bytefaas-execution-duration
4.46
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01a2a304f3913210a1379270ca8566b26b7d408fc102178d0465e25795079829970f5ebabbc3f9a98627b0e8252ab39a7aba5e2be5b2e2cebad62953de936ffc5f4a596ed8bc3703717c7ac75976b299f069e5a6ebd4777838833b7701ea59dca3
x-origin-response-time
15,23.44.200.105
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sat, 30 Dec 2023 14:48:16 GMT
attr
cm.g.doubleclick.net/pixel/ Frame EB7C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYZDLzQ0nJRxQVwId0ZvZZIgnkNDp4SM2U8V-ucCGYYw_XdiMU56-IVd6aT-ZPxsf7ARw5Z2M
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame DB19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIijdUGW6EtTDa17g4l0x4o&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIijdUGW6EtTDa17g4l0x4o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYzq-Y3QEwAQ&v=APEucNV_xbitWYoLnxanlHYDIS-mIKUw28l31yxnZ1iSwT6AL39olXxt6KoivxJbT1nyaY_d2QHjPfUptfPUwYpayWTduYzqMw
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIijdUGW6EtTDa17g4l0x4o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DB19
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg0YWY0ODItOWVjMy02NTc0LTU5ZTItMTc5MWVmM2I4MTkx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg0YWY0ODItOWVjMy02NTc0LTU5ZTItMTc5MWVmM2I4MTkx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYzq-Y3QEwAQ&v=APEucNV_xbitWYoLnxanlHYDIS-mIKUw28l31yxnZ1iSwT6AL39olXxt6KoivxJbT1nyaY_d2QHjPfUptfPUwYpayWTduYzqMw
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg0YWY0ODItOWVjMy02NTc0LTU5ZTItMTc5MWVmM2I4MTkx
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame DB19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFH2Xn7hFdFKaX_snWjk9Ys&google_cver=1
23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFH2Xn7hFdFKaX_snWjk9Ys&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYzq-Y3QEwAQ&v=APEucNV_xbitWYoLnxanlHYDIS-mIKUw28l31yxnZ1iSwT6AL39olXxt6KoivxJbT1nyaY_d2QHjPfUptfPUwYpayWTduYzqMw
Protocol
H2
Server
23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-155.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 30 Dec 2023 14:48:16 GMT
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEFH2Xn7hFdFKaX_snWjk9Ys&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DB19
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzQ0MzczZTctZjMxZC00YjA5LWExNGEtMDExMGFiM2M2YWNm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzQ0MzczZTctZjMxZC00YjA5LWExNGEtMDExMGFiM2M2YWNm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYzq-Y3QEwAQ&v=APEucNV_xbitWYoLnxanlHYDIS-mIKUw28l31yxnZ1iSwT6AL39olXxt6KoivxJbT1nyaY_d2QHjPfUptfPUwYpayWTduYzqMw
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzQ0MzczZTctZjMxZC00YjA5LWExNGEtMDExMGFiM2M2YWNm
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 30 Dec 2023 14:48:16 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F2F2 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
86650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 14:44:06 GMT
expires
Sat, 28 Dec 2024 14:44:06 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame 1AB3
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1298974/68196516/4.js?adContainerId=gcc_ry2QZdG_Nu_R6toP75CG8Ac&cbFunctionName=goog_wrapCb_ry2QZdG_Nu_R6toP75CG8Ac&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsa...
  • https://static.adsafeprotected.com/4.js?adContainerId=gcc_ry2QZdG_Nu_R6toP75CG8Ac&cbFunctionName=goog_wrapCb_ry2QZdG_Nu_R6toP75CG8Ac&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=gcc_ry2QZdG_Nu_R6toP75CG8Ac&cbFunctionName=goog_wrapCb_ry2QZdG_Nu_R6toP75CG8Ac&true_pb=
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
3.160.22.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-80.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:02:30 GMT
x-amz-version-id
vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1
content-encoding
gzip
via
1.1 0f798c5dc07bf9546ee3d4bc341d91a4.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P3
age
456346
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:39 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
-sefY3KCvYEClmitmO_USDFDPF9blFxxvYd17_t_LdK7JJnsaE4Etw==

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
server
nginx
x-server-name
app46.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=gcc_ry2QZdG_Nu_R6toP75CG8Ac&cbFunctionName=goog_wrapCb_ry2QZdG_Nu_R6toP75CG8Ac&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame BEC1 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-80.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 08:06:12 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 0f798c5dc07bf9546ee3d4bc341d91a4.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P3
age
7886525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
e6IF5I_Xr6Qcrzo7ElhYbBAvzxr9jOVeNbW3JlmILT8o0cO227nPJA==
truncated
/ Frame 1AB3 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12a257aaa7d4145d0681594fdb8b98c2440ac00e81806a2ce777cd82201b313b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 1AB3 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=9a84b939-c383-32d0-2f35-37c294808147&tv=%7Bc:ygbzKj,pingTime:-3,time:141,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:49%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:49,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B134~0%5D,as:%5B134~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSTA+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p11%7C1p12%7C1p131%7C1p141%7C1q%7C1r11%7C1s1%7C1t*.1298974-68196516%7C1t1%7C1t2%7C1t3,idMap:1t*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:51%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1AB3 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=9a84b939-c383-32d0-2f35-37c294808147&tv=%7Bc:ygbzKl,pingTime:-6,time:143,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:143,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:49,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B135~0%5D,as:%5B135~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSTA+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p11%7C1p12%7C1p131%7C1p141%7C1q%7C1r11%7C1s1%7C1t*.1298974-68196516%7C1t1%7C1t2%7C1t3,idMap:1t*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:51%7D&tpiLookup=ao:cnz.to*&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
ad.doubleclick.net/pcs/ Frame FCD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssfuM2f0HDqg9TEDOwOY0yLcnApODJPCoyfCtNAVC7rkE8U62A53AuU3x8fk5WgfwwfyV-GGpYmYoDyuvraLr7vBgqQ2QIhHUJyAx3vUIXazRbTm0paliMRiRBVdsPsE6BL6QBEXhe31EAMgSde5qGtLVvnBgSiuvdHirlZY1mbpnvT9fUXIiDhto09Lmq-2_x6lb-Vt0zbrz6zab2dYyyzNFnMPJD8VrFKFzkS5rsGlgboWDh9ld_lGUTyNX9PMNctoAMenbULyCVoaKgxIqnAFgMoSBT134LCG_eO0So7e8LD8q1LxMC7ptjEt1-yNWTOkTiDhrE6Dknu2sxIQiKITLH5gS14KJhlo4pwguitx5uQ3IlwJJhvHw-ljMszgjvRdDmPfyDYOrwWcHu5RQHgem_LIfZgz54yJ3PNvQG1S-x6WbkkKPMaZv_P_w_I3e5Daj9v0x4WP1k0dozmHRbrHMJxRvJm856frk7gVM7ygloyQw3E68m_H_c-WfxO06UDyCivmTJA2BP3P9VVizBcN0rimfDQck4cfu9TgE35GDTnWIAF88Af9E_oTS2WEYOGEnWbyXsZonXhaYKs65RSTS-i4A5XgAnVcscIpJTdlWG0nTvLkjg274m4tDiKNrh6aSA202rSrV40goj4ra1A18DKd_3kMxZi-2N3kwCfaPwa9s2VTVkaP2o5fGNGSVavFS8iOtJA00QMf50dGYSpNaEioRgudAx8C3qcDpwcM1kPk8lrMMEwfMwkGgxv6Dw_OX0RAjXPAEt6915vDwl9dKuwlu5pcBkkj3Xocf_78agn2yu86RshVaZY20kYHghKTfUc1gNVaJpInOeofGlvpTe17TxAuqQz9Bh9Pr1_nOgVJtvMQpK3zZWvMSU3G8_Xs24WFU0fy6NP0hoj0lk18Wvk0DdEX1IJq4yZVXfbAEFk1DU9uDDkTXvMNyAH4y9hAKJ_kSyZV_PMqx-CwywOW2uDgoPa2tQsRh2sePEGK1dD9beW2GypvxtnExreGHqmqweyZBQdNy3u9uCWZGjag4zaG1g3L3rKlICqkpFEG6T3-ivgA14YFI5DgGFjPfEX-sOjo-VrBbDGAT8ReM0Tr2x5rvH7_TmCTADFayr1aaNUnnyq3Gx43Tm5awUQqYyPW7XKAacVC4eopoBntDeKtK3ueb9DiuM_h_GYZwrnM_q3J2niknACssdGVFaJ9BgoG7XBIPLC85qi7LxBnwxZFinkEsPaKqqN9XgHVI1nr4JL3-D3xjE4eElUFBIO9mbUsPz3ec39luNzL8pFvZjX4CVdXd9tf9Q1fEOYyxpVd-FEa7VQ-qu_T-XC-HW8nNVqDJTrlOkxc8YWplp9D1KgDABs6tx2BsPPpyuKs6XwnddsP03Oc5mhs-K5mXM85zg-8KzysJgT039VdsEpuYs_5XIvRXmnjjupiCqWD3YggMQ_QChba0VqHH0bfTQYcX1Ga9DzXBnU6BnskJPSVJxS6m-pvwPOIgAr6TH6lz6xj5Z6KrOMHj07JJND2ond&sai=AMfl-YT3P1thlpo5Cmd4Tg2OOMQK5QTkNe3YuU44T9ElgqHGa-U79IlbXO4j25xM2hX7N_68fSiZSPbjbdhEc0_oJ55ZPC_cQJtnQ6IR0ebnQ9_ddUlB9-pZKEX_27eryj9WBbEetRkXqPzAFqdJhjuLpTwwXg0-JrP8icT5AwkE2q3vnvxNGrJfZCrFbm7YZ9y3ChqF6TLdjUhs5lE_MCig-70HkXbuqMxcGEglS3_4wECPzJm42l3N6lqLhv67SYlO6JoJvabwfh9IouJUMkOGRebQLYzcDQ4BR9wnCXVahowVgY6rP9na3ld6kA0yehsp3op_6EYr4di4wu69lk8-5D41Bnno19lWbTnFPAecQ-WbRIkv1KCE7VqKIZj69LEkj5XAoezRC3zcWroggIXcSd-D2jBc12mwid-hsKG9ww&sig=Cg0ArKJSzP34ly7kGJFwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYWRpbGxhY2NhbmFkYS5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1159&vt=11&dtpt=1158&dett=2&cstd=0&cisv=r20231207.54104&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 1AB3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu0WuTaS9I01scTd6ZAiCDhDsHe7J2gXhuHQBClQjRo_QjexaQaFdFIbygF0ln0CCMkmL4T132ZneC7PkBZ5aFpRJgIx9mdyQE8ZMVRqTao1ClbCRDFrciOCXnYp9v6aMXJs_WuYPUHDnLkgvZI9kinsjdrn5emhu5AGxAG_iUuYzGGkGthByls_nacVyXY16uOiLJ38lhp-FwQKJpt2jxe3MNBATNUxpz-bkJf-RaE1PxUleZ4t9adfawHZnRKQmbB7UqzNsZkuHNKNfhco_uSJACWak4ap3sZl5nyVzhoO44pHoNrwgvGwn63alI3m2bBdkubpTkTM-mC32FE51Ht_K_wAxEivWdlBX1Ko4uT8e9_CGJfwHqgHSs1_Sv_sv25UDbHO3LFEVzMWDE0GAFIYhQdbMLpmn_eHlxNO4lg7opSOtYWdUuguFI7TezR6Odd56T1WYwL7UmZmYxWbXH903jODk9nmVSMD0M2yUE4aY10rJdazlx_UDvT9lyC2sbur3lyi68QyQlmh_G89IMDgi4xk5Mdifn9q1s-bKjAOwbhVkhCe7MdvyyZ_ggtK4WmNTeK023Hprtt0VsjNqF3by9ttZ3utasiBfLJbFFl08ruERnT0Br8fcHmRnArxb7UWWqwvN18Uf2CSJLYUoJ0sUpk0i97Qmq_TaTyS6k0CpCFK8h-CHHAJS12tSxX4WdHbPFhdz3k3VGbmoW0L0RtFCKx2BRz7JHAERWvLrIJnj7EWZjonF-ulpWRQRxBl8F5786CsV1eFJcVAXTHXLGvPCj8F9u8q_MOtDw4Sv98bPMbjlCW5mw9x5iJqJpt9cYp_bekCtSdTjIqzkvQwi9AItfC_uB-ufCyAql5Mu622HdnvTJABHvsm0UKpF3Ar8A4vU_KGMA5M4n19sFzAQv2gxNma87oCLoADkevQQGJU5YEzYnq1z-ahAM2Uoz-34MQXQt9C0qA8pBszKBBF0iZqW3UO8bec4rJu1SkldkyKu_cpyUTddhpr-BsKzHRc4VSL48G2DY2oIcWD3IVY5KqNBAqZX9C7yW5ESW-oykpJglM8-_952yBUf4_h4vKxWDomJr1KYkJyZD41DA2qDgDEMgvrgryS52CsFcSrkNpGVx9BMuDXMcHEox5UFVEMm3MDWOMK4cdyGu8DVNLx3yLiJsYo4Bdr0siw94kCIvBwBFIF4g8tBl9dHGH8dEBsqfL53-VlwXzRF4ZrHQ0FKXNRpPOXcLqTpSfE0LeKpWYFU0jwU254eSrxtUTIKli5T0FhAT5DpmPZYWKcQfMgeC1NZuVSlijIqVzl0gZpHsaBWCf5rpwQoVeRbwMOCZGUhip-x3CjbTfQW6MLNRuGko434npMu_EQBfHA5NVD1feRaBoR9_sQpCimTbgjinTGyaD5fMHvQGQj9ZSK7kUjzkrMhBpkqE2eZRXBdFCdaBdf7DNsWYgBZj3jp0EzBKV49IUgMm0ceqzK3GMvWyKELG24nv9Qow7uOdIvgmByQtrDmaWRIB6VsZx&sai=AMfl-YRAZNfSyRIxVcbFb14iCkEus7ntPMqM1RRWuvlZ6vA84tpNpG_0WsrbXANS5mLi3hWO4jQGkiuQEUrQE6cS--OmX-OFGWxLf6JqvetlibSsv9s0MsiMN8YCOjMEkOwrWcPh_Pl-1Y8H8lLmUYUcWhaI66PmgDFkXvZq8kE5ojnI1i7BQbuadj87xS-VOf0-FS1CIKvhQ1wkHQahb7ap91CvH6lhEg-_c1Iit8CJ8YS1N09y2VEVlK0fd0IMwl-bnkNYwu3B0WJWeFntw7uIuXav1knzqsZd4gY0twhL6jD12mvPjFIpPyL-W7p1kEZKAay-xUryNhIMx8DtFq7wmuRuCUy0nKQNzX00aA9OfXGvPcgvsJ49zjTv1t5qf7_LoPVGpPNzk2TZqMXgHEluNvwGPsjEMFcEAt3inRL4vg&sig=Cg0ArKJSzH8t-bJVNQ1kEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYWRpbGxhY2NhbmFkYS5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=259&vt=11&dtpt=258&dett=2&cstd=0&cisv=r20231207.39527&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 3E50 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
339190ec304bd927dca44088df9acf2b6cebe2b2adbbed7504d5f6e85509e63a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/12455646190286929920/ Frame 0998 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12455646190286929920/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
73737a4ea074b9a142dce919f28b812cfe103dc521f78b16ecb3d550f2b00616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
111330
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5926
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 07:52:46 GMT
expires
Sat, 28 Dec 2024 07:52:46 GMT
last-modified
Tue, 24 Oct 2023 13:23:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame AA3C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstdXwioqmwAAwHKq_xgxkkPspJ1LdmD9RKleh4l1zlTmjq4XpDgATsCp0mbGI_hlSLCOGQXls1x9Hn4og7IlZmb77rqpwa_irJsTi8u5yIntrov1OIBPGNi19GPjZQtOXdaAx7g7zC_HKyoR-JYBowtUNd-spjgTS11kEAAXGemN4mFizo5ul3lhpfQGZCpifu0&sai=AMfl-YTwMgtrtUyaU9SxYlHbXNuN9L3Q9Wyyf6sTg-UqIkvVDpHhFV0jbHplbthRfLeTXg-_7Oa_8k2A8yM2JuFuxzlOEf2neFjZiXpMPWjzsiGrd0NieEgMqIaBclaY3SADtxxq5Ebi9gz9Ufuwe-UU4khR3aeQHVJC1ToYrM4q38LUuh9R8Glx&sig=Cg0ArKJSzPQSLsDHkIE8EAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9hZGlkYXMuY2E&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=339&cbvp=1&cstd=335&cisv=r20231207.34066&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 1AB3 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=9a84b939-c383-32d0-2f35-37c294808147&tv=%7Bc:ygbzLF,pingTime:-2,time:225,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:78,mdZ:121,beA:187,beZ:188,mfA:191,cmA:192,inA:193,inZ:196,prA:196,prZ:230,si:237,poA:238,poZ:262,cmZ:262,mfZ:262,loA:329,loZ:331,ltA:411,ltZ:411%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:49%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:225,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:49,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B217~0%5D,as:%5B217~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o.1298974-68196513%7C1o1%7C1o2%7C1o3%7C1o4%7C1p1.1552256-76024099%7C1p11%7C1p12%7C1p131%7C1p141%7C1q%7C1r11%7C1s1%7C1t*.1298974-68196516%7C1t1%7C1t2%7C1t3,idMap:1t*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:51,sinceFw:173,readyFired:false%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
container.html
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4076 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:14 GMT
expires
Sun, 29 Dec 2024 14:48:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame FCD9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=408a6d4a-259f-badd-b9cc-791dd0d5ea17&tv=%7Bc:ygbzM9,pingTime:-10,time:804,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0ODB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703947696796%7C%7C226049344b1f7f0f5d24adc497af1e14%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C0bf8aabafb8f66b175d98c815eeb66f3%7C%7C541a884a67a533503093db019c781159%7C%7Cdc5148ffba616bb5ca6ec5a424798984%7C%7C0da782e5cc126c2fc531a7e737551114%7C%7C20b1d1adf2c053a0de9ece7c2b83aade%7C%7C1663701684,im:%7Bpci:%7Btdr:635%7D%7D%7D
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame EA5B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0xMLEP5w5UtxVn9LpkdoQWh-2n5nIfi6W_-xxixMqXcLk8WeR5Msu5IXNQSl6Dkulyy9oJe9DZJ9fPAo2u9jSTFvmFeTsaMDmCLKpUshAroGVNFyExHTfIMzjF5g4Icb6tpxD3MXE0hI_-bWwpsbB_0sP&sig=Cg0ArKJSzPmvhUR04LWFEAE&id=lidar2&mcvt=1036&p=1100,614,1200,934&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=536790681&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703947695488&rpt=277&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F2F2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:06:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
52892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 00:06:44 GMT
fe90b894.svg
s0.2mdn.net/sadbundle/12455646190286929920/images/ Frame 0998 		608 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12455646190286929920/images/fe90b894.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12455646190286929920/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
f7b3649f3de96765a234a0daaff2fd4322924a2904604b416ea4817d850f07d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12455646190286929920/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 23 Dec 2024 01:41:51 GMT
date
Sun, 24 Dec 2023 01:41:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565585
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
374
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 13:23:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
c77b2caf.png
s0.2mdn.net/sadbundle/12455646190286929920/images/ Frame 0998 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12455646190286929920/images/c77b2caf.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12455646190286929920/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
345c48b53db49f4ac7c824dec7e8399bc84c87de16b3880fc0a812c0b2322ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12455646190286929920/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 16:53:20 GMT
date
Tue, 26 Dec 2023 16:53:20 GMT
x-content-type-options
nosniff
age
338096
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18290
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 13:23:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
51f69f54.png
s0.2mdn.net/sadbundle/12455646190286929920/images/ Frame 0998 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12455646190286929920/images/51f69f54.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12455646190286929920/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
135f1dd493460ff5b59f79a6d90ff4937f83b135333ea54e50a2f83c18289a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12455646190286929920/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 16:53:20 GMT
date
Tue, 26 Dec 2023 16:53:20 GMT
x-content-type-options
nosniff
age
338096
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1342
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 13:23:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4eef6a58.png
s0.2mdn.net/sadbundle/12455646190286929920/images/ Frame 0998 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12455646190286929920/images/4eef6a58.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12455646190286929920/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
bc34e6a3b885e2c355cc95c15f5e620571ee7d2c6d2ec95a26ec8c7b0f151a2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12455646190286929920/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 28 Dec 2024 07:52:46 GMT
date
Fri, 29 Dec 2023 07:52:46 GMT
x-content-type-options
nosniff
age
111330
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2989
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 13:23:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7AAC 		482 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYzq-Y3QEwAQ&v=APEucNUIo0tMa9xg2vQu0hNfbCdsgATNlvS2-E_hRWIPcaaJ12iv1NBo9fI1hQx0iL2srJxZWtd7PcNpoEeSTb7RIPsDhx5oYQ
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1298974/68196516/ Frame 4076 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1298974/68196516/skeleton.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.90.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-90-71.compute-1.amazonaws.com
Software
/
Resource Hash
1779a397750dac1412b68b673aeb2b6471e7491463309b08494715c278bda13e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
5080887523823338372
s0.2mdn.net/simgad/ Frame 4076 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5080887523823338372
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
41a23ef1bcd8162ad53e411eded278b23d15f8c3aaa403711cb8af5cc307d2cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 08:22:45 GMT
date
Sat, 30 Dec 2023 08:22:45 GMT
x-content-type-options
nosniff
age
23131
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78006
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 20:20:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4076 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 01:12:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
48968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 01:12:08 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 4076 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 17:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75397
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 17:51:39 GMT
view
ad.doubleclick.net/pcs/ Frame 4076 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvqWCwbZm3dNY5xJgUc3-qvJI8CpEoResxeUb8cN55Y05Inyw14y3sILdy_UsaFkMDwvxtGbZ-1Pzxbzq2Vpn5i4u_pyobMCXccAFszr0qy7AKXgkqhF3kdvVNBmecF4oT0P1nzm0dQDH_n3p8I8lvCOEDoyVUikoa-jHX4X-vIL6SWgVioM5jRGr4_hlgy2-R_5U6l21okvT4I6cHDa1dxyD3ARWDQROQJTarRXB-me3M53NcLCuTO73DKC--oUgV5YpHyulO3FhfKjjbtzK4W3PPsg2Ax-EM3n7LjJqFPdXcJ8IAN4Nnv3XJEDNEv73C9LBNc3IFtMVnUuZC-uRQ6lMoHTdunT1K3d3jZ8kLwH66aq2RJymngRFjtiKtbb8jMeV1sssPp0Hzlxqt7hLnsUlv_O25-UB0hHv4tcgVdM0PSmh3JkSBHSo9qAsSHGuM7xZON1XFSvds1LzvRFhYKwBjulx2QTZnuAkE78HY5jTmuy7tpHnqrKjaBy33MDtjdF-HThsYdqyU6KL3PID9Av3EX8-gZ852lMDHdkI2xtSgwYtTUvbMrShKXanZQ62q77KEXyVMpEv98m5NdEv2mCoV7H10VbiMVFoayHJf0nBlWgRhDBQua3_RBohRjtwmWXt2vjQzEjlWneTG5tTKQnC99lh2TiFpLiSpkMuDH_h478ZwiceqN3zyIlMSWkt9KSnrMU1b7lJskrYnubVenmgQdDFWm-I7FA7gjzxXDUN5CTaB386tkZ4Semo63kxnCfCPGqbFwqXG8cKKOx9yhk3ztsYe709OMpI8ceQdSUET3pjWinjHR-v2BC17bJxYiarOWHVYlLkto5aJngXs7eYQd71y_iiOeuoPvMOy5lLNm-7vAype9UiKaSb2z969a49cNsu7Jvk1uGOUsXDEj40cOoGN2aSNnF2vlup2trbZA_FFp2YIN-Sz9bb0L8d9T1xy-euqd_GtP7VqAMQnFsD4lEfmqUYwSXlDlmEkKFc8tKiemrKTSBZ9TRi_AHSKBBqCoiB8Ae37PGtzcHfMcY8U2i3W9Y-RJ1td73gasBSaCfMfJz_0EUBaTLl4QQf5bRE4plwb2eNWmmJg9_BqmDrdjV38p-sCTJqE09XEPdvhHMcr8q38kBz-cIUfyg4Ts2z3El7Bxxm9UOnbFihvxYFrXr0qUNGHhc5zHopnR9IlabQWz3CsDxMh1cokeyrMKUyfAQR5tEJ08nvmV5HxuXjo0_H9USsfDRwwOYawIl_D6mJl7WbJ213kwEfTFWDgLuRzuObBn7DMfIdtcYm0kxYYJgJ41zErPK_TrWLv4YAWsj1aTTN38arCkxxAN9me65ev4kttaH7T5yoCu7hGXdaKELVJrKksMmBui15d4RC2BZcLo8wYE2jLHHsaPGDqwnTCOjGU-RlYq6txsEwIXIMgtywrHZcsSUiib5HhaIACsLIRXuZlQJyyZs5Bs-qpclvkfBu6pGIUDP1kaScDPYDQpeRecQR3mt42xtNaKJigj&sai=AMfl-YRO9QHwvq7ze523DxTXMLODeFlEsUnptfC83dyC26jvzgg_mX7DAVypEJrjoxY_gA_yVAwTkTJ46QBx0y-dZQE6s039Ktnmk25HddNslZBxVs9VHtaTuI1YDOOnZnd9KkzU7Ep-wtcsYjtW-6b_LRuKnXagzqkTXWYj2zQcYPll2aH-MpIa0GaGvMfjR0TO_aWDlIlZNZpcPyiqDDZ9yujpsu_PfTu0RWy8-BRXB4p3uMD_Pe9l46dBxTwqBX64Q4Vhyu7elAsvOao3vw8Wg-t58xT1tvx5CzT4zecIrNO6wPWd9FZqLJiC-uS6wzFdjjrzmtCadyb7YoNgjUvJ14MAablPryO7_oHyYQcljmVnJbhx-sCBZdu7JWIleZ8dfI0Ri7w25rOEREi6sy3T8gYYwgaR7GW9LTTaP9eAOg&sig=Cg0ArKJSzN8oZ_4J2meGEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYWRpbGxhY2NhbmFkYS5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.81251&arae=0&ftch=1&adurl=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4076 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
5466
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 13:17:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4076 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:27:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
51627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 00:27:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4ABE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
19068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 09:30:28 GMT
etag
48472445140208031
expires
Sun, 31 Dec 2023 09:30:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4076 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
51800
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 00:24:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4076 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BzLMCVWVOKLxPtA0_4RJghIBL8jtMgl3k6cLwCzH_NQFu2jUCZ4ERNJL0xRbI38S2qtQFVii4z1bPBSSVJR9lyNsRvk5Rait2rX_vp5GbAIpinJnk
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 4076 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyHG-g8cdeYBObi1HHwhLA3kDefzTTcdxM0rHDTUw7g01jaMoGJMXFp685Zg7V8Yg4fp2SgkjI_TYoNy0Dlns9yqgqAA
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4076 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:48:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACB0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMdjDsC2QZfkS9p3EA62qjpgJAAAAADgB4AQC&bg=!xMelx4jNAAY3kmNgF5I7ADQBe5WfOCmpj7PdtY7tV1hLPIQWSRBMqF8lLL8IgCJQ3DcV_lBxLWMTpGNgQsqzWkm6H3_YAgAAAfxSAAAAA2gBB5kDkESJ7bH4ykDovPx4HZ5qtZXh-UYemH3DRTiAQVz37qP598sEldP6fK08P40rqdylB9dQGiybqwP8PdVnQxWOOjBrW0i-XLTmdcl2XOKnNwMrtpLsF3I9n_hp_Vybm84sQ2NqT-2rqOE6rQybh7JYwF5LXhfV_9ZNetOqVe9UAF3mb3-I_i6y-yq6nZ2rUBFKwSpnj13bK15rK7J_7HhB1gGCHN4C5yhpQ3HRbJ3EpYoDtukQ6CVFwCT-htndQJBcxtFgljHjwCkS9CC3HowiWl5Wfzyd8xy-dp0F9NxLmoEwmnHFwsrRZxW7zjm4_qduP20U9xMEwXOK_1299l1QTAFCxgwdrKArYeyRnabHH-ZTFl0a8-WMibRu2Hq2kn49kgx5iI2DtI8Xel4yJBS_EhW4OvFzDF-tyaJp0k0eLf0YniYYtRXrKbmA2FdbM0GkrRZY5MZitGZAyC_4vXGqcCYGC9qek2h9ziH_9x92QqW2rueoXrrEy0ulH5cO7WeMU3jOEZmvLZ8LyvT2QvBZOnmYj8YkK_LQTPPOivgDVBoopLtthf1HNCsqXC2NSWnFIQaonwsAXpW09B4XsFaLSDrvgF49QEk6jC56LTrSe_JVk0fl8GyiyliJyxC_3FbQdizHcfy2uqc0YO-DRt3kYDQSm2XOPxdhsyUwNtRTXWorhGbFBe8T9DnJJphhowB86pm4tdT96YDvUX7XyW_L0Ex_K-YWjY74pQaCazAjfKgGsJQZFRGPeiHuccllK8VwKJPAiIQySPUZOwHbgbXmFLdIOWMnYWvgV6mJ7dVHC9xaRC5jkjr1L6wS9GiW6x3aqWysR9FPQel1WNJUN6Q_mr06c81Ke364tfpjTc7vNTSAvInwshFluPUS65SZOK95o6agVgtZMjVdYdKldjWMT891Y_xJLX2EVSkAMUWEVFwaryY8hKozAup-GL7wsyqHofOvZqT5BGWbVqMnB_l-NlSwB-62pzUlPDoJ_okdFCVCVeoTPJSeqmT3I8Z6V26DDIkGQ_f2ZEyIYL15AnEL48Ri5ZF35M0dweuB5E1mVtIsbE4jCC6IRi3h5aqT1OtOh8iDXSgTwAHnX7F6HnxSP6YDOZemeN2q3W1j1FDNbEl7cxfFqFaMF0pAicidDaJhfxnxSV0iovOo21q2T7biuFI-_GZ9u40vTTvAo61TI7erfgIdDh-suqidVV7JvDsxeQ
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame AA3C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstdXwioqmwAAwHKq_xgxkkPspJ1LdmD9RKleh4l1zlTmjq4XpDgATsCp0mbGI_hlSLCOGQXls1x9Hn4og7IlZmb77rqpwa_irJsTi8u5yIntrov1OIBPGNi19GPjZQtOXdaAx7g7zC_HKyoR-JYBowtUNd-spjgTS11kEAAXGemN4mFizo5ul3lhpfQGZCpifu0&sai=AMfl-YTwMgtrtUyaU9SxYlHbXNuN9L3Q9Wyyf6sTg-UqIkvVDpHhFV0jbHplbthRfLeTXg-_7Oa_8k2A8yM2JuFuxzlOEf2neFjZiXpMPWjzsiGrd0NieEgMqIaBclaY3SADtxxq5Ebi9gz9Ufuwe-UU4khR3aeQHVJC1ToYrM4q38LUuh9R8Glx&sig=Cg0ArKJSzPQSLsDHkIE8EAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9hZGlkYXMuY2E&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=509&vt=11&dtpt=170&dett=3&cstd=335&cisv=r20231207.34066&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 4ABE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP8cdg__PDKru0eY1w_uBn8&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP8cdg__PDKru0eY1w_uBn8&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SXdGWFJUbm8xUmpBRHE1&google_gid=CAESEP8cdg__PDKru0eY1w_uBn8&google_cver=1&google_push=AXcoOmSrC7KhQwD9_6SBqbiktcknR97dRkEBSWkM3O26XU9...
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SXdGWFJUbm8xUmpBRHE1&google_gid=CAESEP8cdg__PDKru0eY1w_uBn8&google_cver=1&google_push=AXcoOmSrC7KhQwD9_6SBqbiktcknR97dRkEBSWkM3O26XU9iXUGO1Ovd763nNlwRmAH4Bz97W2eQRDtrBR7NMKycOejZ3ioc7Yo
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-050a7cc73d01a1a5a@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SXdGWFJUbm8xUmpBRHE1&google_gid=CAESEP8cdg__PDKru0eY1w_uBn8&google_cver=1&google_push=AXcoOmSrC7KhQwD9_6SBqbiktcknR97dRkEBSWkM3O26XU9iXUGO1Ovd763nNlwRmAH4Bz97W2eQRDtrBR7NMKycOejZ3ioc7Yo
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4ABE
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEA3exreLDS83O4-h4eRjtX8&google_cver=1&google_push=AXcoOmT5v4dPeBfgl_ElmBXMYYVPY6O80DUghDHGjoQrD7a-o3wvPp6tS7-1aEcyV42GQo_oLzoXA1484e8YzJVnF6zisiim27RM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D42EFDD7087845AF9680AB8957760C74&google_push=AXcoOmT5v4dPeBfgl_ElmBXMYYVPY6O80DUghDHGjoQrD7a-o3wvPp6tS7-1aEcyV42GQo_oLzoXA1484e8YzJV...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D42EFDD7087845AF9680AB8957760C74&google_push=AXcoOmT5v4dPeBfgl_ElmBXMYYVPY6O80DUghDHGjoQrD7a-o3wvPp6tS7-1aEcyV42GQo_oLzoXA1484e8YzJVnF6zisiim27RM
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Dec 2023 14:48:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D42EFDD7087845AF9680AB8957760C74&google_push=AXcoOmT5v4dPeBfgl_ElmBXMYYVPY6O80DUghDHGjoQrD7a-o3wvPp6tS7-1aEcyV42GQo_oLzoXA1484e8YzJVnF6zisiim27RM
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 29 Dec 2023 14:48:18 GMT
pixel
cm.g.doubleclick.net/ Frame 4ABE
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEC-hFb0XUuHNH1__ZV8fWB4&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NGIzOWUwNDctMWE2Ni00ZWFmLTkxMjgtMjMxYWI5ZmQxZGRm&google_gid=CAESEC-hFb0XUuHNH1__ZV8fWB4&google_cver=1&google_push=AXcoOmRb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NGIzOWUwNDctMWE2Ni00ZWFmLTkxMjgtMjMxYWI5ZmQxZGRm&google_gid=CAESEC-hFb0XUuHNH1__ZV8fWB4&google_cver=1&google_push=AXcoOmRb8QIEWkTk0qNJQRGq-rU1oy2rB-4RQnJnLzLH95AovsQqcMv2pWRb0vJW-RLydS1JgOPpKH9_P1U50yCuPFV3-NkBZ-Q
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NGIzOWUwNDctMWE2Ni00ZWFmLTkxMjgtMjMxYWI5ZmQxZGRm&google_gid=CAESEC-hFb0XUuHNH1__ZV8fWB4&google_cver=1&google_push=AXcoOmRb8QIEWkTk0qNJQRGq-rU1oy2rB-4RQnJnLzLH95AovsQqcMv2pWRb0vJW-RLydS1JgOPpKH9_P1U50yCuPFV3-NkBZ-Q
date
Sat, 30 Dec 2023 14:48:17 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4ABE
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQdYipxMF1HNUCgB7_N6kZ23nLeSPghdbp0Yuc3w1vtCsXCqBGaLUjS8jANbIMN-xCkxH2wr_fs4I...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQdYipxMF1HNUCgB7_N6kZ23nLeSPghdbp0Yuc3w1vtCsXCqBGaLUjS8jANbIMN-xCkxH2wr_fs4I4WTRdN55qmo9Simv8&google_hm=a922f506-4180-4c4c-97f...
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQdYipxMF1HNUCgB7_N6kZ23nLeSPghdbp0Yuc3w1vtCsXCqBGaLUjS8jANbIMN-xCkxH2wr_fs4I4WTRdN55qmo9Simv8&google_hm=a922f506-4180-4c4c-97fe-693780e706eb
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:20 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-150
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQdYipxMF1HNUCgB7_N6kZ23nLeSPghdbp0Yuc3w1vtCsXCqBGaLUjS8jANbIMN-xCkxH2wr_fs4I4WTRdN55qmo9Simv8&google_hm=a922f506-4180-4c4c-97fe-693780e706eb
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4ABE
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESENqahe8Fd3bkYR8jZrhyGfM&google_cver=1&google_push=AXcoOmRNlNrefZf7eqLlzz9soT3StF25l3CFni5ezIeF_pz7sWu4h1ptSC8_KUOBdzRjSXude4kwa...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRNlNrefZf7eqLlzz9soT3StF25l3CFni5ezIeF_pz7sWu4h1ptSC8_KUOBdzRjSXude4kwav3f02AhTdpNhKVd-PRlxuUM&google_hm=WlpBdHM4Q28...
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRNlNrefZf7eqLlzz9soT3StF25l3CFni5ezIeF_pz7sWu4h1ptSC8_KUOBdzRjSXude4kwav3f02AhTdpNhKVd-PRlxuUM&google_hm=WlpBdHM4Q284WDBBQUthLVFOUUFBQUFB
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sat, 30 Dec 2023 14:48:19 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESENqahe8Fd3bkYR8jZrhyGfM&google_cver=1&google_push=AXcoOmRNlNrefZf7eqLlzz9soT3StF25l3CFni5ezIeF_pz7sWu4h1ptSC8_KUOBdzRjSXude4kwav3f02AhTdpNhKVd-PRlxuUM","cluster_id":0,"gdpr":false,"ipv4":"185.213.80.43","key":"ZZAts8Co8X0AAKa-QNQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad257"}
X-SO-Key
ZZAts8Co8X0AAKa-QNQAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad257
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRNlNrefZf7eqLlzz9soT3StF25l3CFni5ezIeF_pz7sWu4h1ptSC8_KUOBdzRjSXude4kwav3f02AhTdpNhKVd-PRlxuUM&google_hm=WlpBdHM4Q284WDBBQUthLVFOUUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad257.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
21
Content-Length
0
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
185.213.80.43
pixel
cm.g.doubleclick.net/ Frame 4ABE
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELhNNFBE8FErlf0Af5uVMis&google_cver=1&google_push=AXcoOmTRp4HE05Lrs9tqOQJGxK9xkpC6APcqrtAVpI6hM5SG7sQZ_cauRgeYBRjBSa2uAPP-YfYTl4Zpe-xX5I3nd...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGFlMDhhMjMtZWQ1Ny00NWMxLWEzNDItZmUwMTdhOWIxYWYz&google_push=AXcoOmTRp4HE05Lrs9tqOQJGxK9xkpC6APcqrtAVpI6hM5SG7sQZ_cauRgeYBRjB...
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGFlMDhhMjMtZWQ1Ny00NWMxLWEzNDItZmUwMTdhOWIxYWYz&google_push=AXcoOmTRp4HE05Lrs9tqOQJGxK9xkpC6APcqrtAVpI6hM5SG7sQZ_cauRgeYBRjBSa2uAPP-YfYTl4Zpe-xX5I3ndmOv2C2z0EHwAA
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGFlMDhhMjMtZWQ1Ny00NWMxLWEzNDItZmUwMTdhOWIxYWYz&google_push=AXcoOmTRp4HE05Lrs9tqOQJGxK9xkpC6APcqrtAVpI6hM5SG7sQZ_cauRgeYBRjBSa2uAPP-YfYTl4Zpe-xX5I3ndmOv2C2z0EHwAA
date
Sat, 30 Dec 2023 14:48:20 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4ABE
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENNTdsFIf...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=1b5adac0-e56f-4876-8fdb-b83d18162df4&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=1b5adac0-e56f-4876-8fdb-b83d18162df4&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=1b5adac0-e56f-4876-8fdb-b83d18162df4&%%GOOGLE_PUSH_PAIR%%
Date
Sat, 30 Dec 2023 14:48:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4ABE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LW3P2GDgwmlr0YgWUliVESJl7aK4FJx72Pcxw-r28aqLM9AAIpJcPb6NH9YGY9VAXh9J_34vs
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
css2
fonts.googleapis.com/ Frame 203A 		2 KB
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
0ff4fe886c21f09a3ba144b93e3eb818a5152eaac69c25fce50a31677078c533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Dec 2023 14:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 14:07:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Dec 2023 14:48:17 GMT
sync
ssbsync.smartadserver.com/api/ Frame 29E3 		764 B
866 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Requested by
Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.39 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
48624b95958abdc5cce2c48ba8b3a5a17e0a9e70f1335bb0e40d7367f257159e

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
764
content-type
text/html
date
Sat, 30 Dec 2023 14:48:16 GMT
usync.html
eus.rubiconproject.com/ Frame 9E1F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=18694&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=18694&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=18694&gdpr=0&gdpr_consent=
Requested by
Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Dec 2023 14:48:17 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 30 Dec 2023 14:48:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=18694&gdpr=0&gdpr_consent=
server
AkamaiGHost
adchoice.png
sdk.sharethrough.com/ Frame 203A 		0
0
butler
b.sharethrough.com/ Frame 203A 		95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=is_experiment&arid=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&pkey=k4kjjO3O7TJj3fjbf3yufYeA&supplyId=47b99924&tkey=300x600&ckey=17CzF5ktQoN1vCLa3wP58vYU-418954249&umtime=1703947696967&experiment_id=2023-q3-aug-sanity&experiment_variant_id=control&gcid=d0708082-9dc8-49e8-907e-af54d0355a85&action=banner&awid=f7ec18a6-b0e7-4340-9c8a-7ab9d5cf3eb1&sourceId=17CzF5ktQoN1vCLa3wP58vYU&renderEnv=safeframe&version=gc-1097-e5d911a1
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-111.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:59:55 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 13:28:48 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P2
age
67703
x-amz-server-side-encryption
AES256
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
NKzVyj04A8Eh0mGph8EbTICXV9vEBtOTl7dnsOwbqj4SZCaG1dp5bA==
butler
b.sharethrough.com/ Frame 203A 		95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=impressionReceived&arid=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&pkey=k4kjjO3O7TJj3fjbf3yufYeA&supplyId=47b99924&tkey=300x600&ckey=17CzF5ktQoN1vCLa3wP58vYU-418954249&umtime=1703947696968&bootTime=462.00&benchmarkBoot=0.5999984741210938&butlerLatency=5.500&gcid=d0708082-9dc8-49e8-907e-af54d0355a85&shouldEnhance=0&action=banner&awid=f7ec18a6-b0e7-4340-9c8a-7ab9d5cf3eb1&sourceId=17CzF5ktQoN1vCLa3wP58vYU&renderEnv=safeframe&version=gc-1097-e5d911a1
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-111.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:59:55 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 13:28:48 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P2
age
67703
x-amz-server-side-encryption
AES256
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
2UomFdXpLCCsYmseBTskmLUkj8G8E8d48z_SuU4CyqQSFLltHDaVdQ==
butler
b.sharethrough.com/ Frame 203A 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=groundControlPresent&arid=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&pkey=k4kjjO3O7TJj3fjbf3yufYeA&supplyId=47b99924&tkey=300x600&ckey=17CzF5ktQoN1vCLa3wP58vYU-418954249&umtime=1703947696969&action=banner&awid=f7ec18a6-b0e7-4340-9c8a-7ab9d5cf3eb1&sourceId=17CzF5ktQoN1vCLa3wP58vYU&pwidth=300&pxoff=1100&pyoff=1996.421875&twidth=0&renderEnv=safeframe&version=gc-1097-e5d911a1
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-111.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:59:55 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 13:28:48 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P2
age
67703
x-amz-server-side-encryption
AES256
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
BLnSUwCh-WHDLFVyrYp9i-U-JiUgZgeFUCsXs3CbI_Fnu4uFSbHP8g==
Pug
image2.pubmatic.com/AdServer/ Frame A673
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTcyQUYzQ0MtMEY1Ri00NERDLUExNjYtRDk3Rjg3MUU2MzUw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
v1
match.sharethrough.com/sync/ Frame A673
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48...
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-CjtswqmCI5RMbFXdTT8orD0MrrWtUtkP97iDww&gdpr=0&gdpr_consent=&us_privacy=1---
0
0
/
ssc-cms.33across.com/ps/ Frame A673 		0
0
v1
match.sharethrough.com/sync/ Frame A673
Redirect Chain
  • https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=DgeRQgpWyRYVBJsXAASFSg5UnkQVAspFXlTa3sww
0
0
cookiesyncredir
bttrack.com/pixel/ Frame A673 		0
0
v1
match.sharethrough.com/sync/ Frame A673
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=
0
0
v1
match.sharethrough.com/sync/ Frame A673
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=7a46d275-e5f0-063d-09a9-6b622f12ed99
0
0
v1
match.sharethrough.com/sync/ Frame A673
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1294&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1294&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=6172223941383628484&gdpr=0&gdpr_consent=
0
0
v1
match.sharethrough.com/sync/ Frame A673
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=15&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43&gdpr=0&gdpr_consent=
0
0
v1
match.sharethrough.com/sync/ Frame A673
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YmE5YjQ4YmMtNWM0OC00ZmYzLTkxZmUtMjZkOWViZTJlMjcw&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
0
0
v1
match.sharethrough.com/sync/ Frame A673
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&gpp=DBABzw%7...
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZZAtrgAKzRwSbwBd
0
0
v1
match.sharethrough.com/sync/ Frame A673
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=%24UID&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%3D0e8893f90b606c9c5d33f1be%26gdpr%3D0%26gdpr_consent%3D%26source_user_id%3D%2524...
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2963816996209011993&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
0
0
ping_match.gif
pm.w55c.net/ Frame A673 		0
0
current
stx-match.dotomi.com/match/bounce/ Frame A673 		0
0
sharethrough
sync.1rx.io/usersync2/ Frame A673 		0
0
v1
match.sharethrough.com/sync/ Frame A673
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/sharethrough/ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270?gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-6ZgXPoFE2oM4OZK6UsjgcJemeVf47OAncXxYOhAZ2TI2~A&gpp=DBABzw~1---~BqgAAAAAAgA
0
0
redirectuser
ssp.disqus.com/ Frame A673 		0
0
sync
ssbsync.smartadserver.com/api/ Frame A673 		0
0
c9dd71b6-fd13-4133-bf5d-b88619cef491
sid.storygize.net/ccm/ Frame A673 		0
0
/
s.ad.smaato.net/c/ Frame A673 		0
0
server_match
ad.360yield.com/ Frame A673 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame A673 		0
0
sync
x.bidswitch.net/ Frame A673 		0
0
cm-notify
creativecdn.com/ Frame A673 		0
0
shr
match.prod.bidr.io/cookie-sync/ Frame A673 		0
0
c01d0246d79eba64b8a7cca07e5b7dc7.gif
cs.admanmedia.com/ Frame A673 		0
0
rtset
bh.contextweb.com/bh/ Frame A673 		0
0
container.html
8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A673 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2653
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/html
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 29 Dec 2024 14:48:17 GMT
sharethrough
b1sync.zemanta.com/usersync/ Frame A673 		0
0
redirect
exchange.mediavine.com/usersync/ Frame A673 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partnerId=ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270&partner=sharethrough&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:17 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
sync
ups.analytics.yahoo.com/ups/58280/ Frame A673 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58280/sync?uid=ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270&_origin=1&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame A673 		0
0
c.gif
c.bing.com/ Frame A673 		0
0
712068.gif
idsync.rlcdn.com/ Frame A673 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/712068.gif?partner_uid=ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 23CE 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
86651
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 14:44:06 GMT
expires
Sat, 28 Dec 2024 14:44:06 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame 4076
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1298974/68196516/4.js?adContainerId=gcc_sC2QZaKkD6qK6toP7KmJmAI&cbFunctionName=goog_wrapCb_sC2QZaKkD6qK6toP7KmJmAI&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsa...
  • https://static.adsafeprotected.com/4.js?adContainerId=gcc_sC2QZaKkD6qK6toP7KmJmAI&cbFunctionName=goog_wrapCb_sC2QZaKkD6qK6toP7KmJmAI&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=gcc_sC2QZaKkD6qK6toP7KmJmAI&cbFunctionName=goog_wrapCb_sC2QZaKkD6qK6toP7KmJmAI&true_pb=
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
3.160.22.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-80.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:02:30 GMT
x-amz-version-id
vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1
content-encoding
gzip
via
1.1 0f798c5dc07bf9546ee3d4bc341d91a4.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P3
age
456347
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:39 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
F03G0brTFi-Xy6HBCNHcTSfBUBrD6o4F_RL_LICLR9E3KGBtbHKlDA==

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
app35.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=gcc_sC2QZaKkD6qK6toP7KmJmAI&cbFunctionName=goog_wrapCb_sC2QZaKkD6qK6toP7KmJmAI&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame B000 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-80.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 08:06:12 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 0f798c5dc07bf9546ee3d4bc341d91a4.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P3
age
7886526
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
65iNNZLsFghjDDzLGn4rTYvruvhDnsxIgjCRL6NITavhk6cAUMAm9g==
sync
partners.tremorhub.com/ Frame 7AAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEJFo8VaQkCMKgfi2kCEZ1D4&google_cver=1
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEJFo8VaQkCMKgfi2kCEZ1D4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiHRhDRp0cYzq-Y3QEwAQ&v=APEucNUIo0tMa9xg2vQu0hNfbCdsgATNlvS2-E_hRWIPcaaJ12iv1NBo9fI1hQx0iL2srJxZWtd7PcNpoEeSTb7RIPsDhx5oYQ
Protocol
H2
Server
52.200.12.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-121.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 30 Dec 2023 14:48:18 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEJFo8VaQkCMKgfi2kCEZ1D4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 7AAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBYEmCf84URCM7ux67UZ0b0&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 7AAC 		0
0
view
ad.doubleclick.net/pcs/ Frame 4076 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvqWCwbZm3dNY5xJgUc3-qvJI8CpEoResxeUb8cN55Y05Inyw14y3sILdy_UsaFkMDwvxtGbZ-1Pzxbzq2Vpn5i4u_pyobMCXccAFszr0qy7AKXgkqhF3kdvVNBmecF4oT0P1nzm0dQDH_n3p8I8lvCOEDoyVUikoa-jHX4X-vIL6SWgVioM5jRGr4_hlgy2-R_5U6l21okvT4I6cHDa1dxyD3ARWDQROQJTarRXB-me3M53NcLCuTO73DKC--oUgV5YpHyulO3FhfKjjbtzK4W3PPsg2Ax-EM3n7LjJqFPdXcJ8IAN4Nnv3XJEDNEv73C9LBNc3IFtMVnUuZC-uRQ6lMoHTdunT1K3d3jZ8kLwH66aq2RJymngRFjtiKtbb8jMeV1sssPp0Hzlxqt7hLnsUlv_O25-UB0hHv4tcgVdM0PSmh3JkSBHSo9qAsSHGuM7xZON1XFSvds1LzvRFhYKwBjulx2QTZnuAkE78HY5jTmuy7tpHnqrKjaBy33MDtjdF-HThsYdqyU6KL3PID9Av3EX8-gZ852lMDHdkI2xtSgwYtTUvbMrShKXanZQ62q77KEXyVMpEv98m5NdEv2mCoV7H10VbiMVFoayHJf0nBlWgRhDBQua3_RBohRjtwmWXt2vjQzEjlWneTG5tTKQnC99lh2TiFpLiSpkMuDH_h478ZwiceqN3zyIlMSWkt9KSnrMU1b7lJskrYnubVenmgQdDFWm-I7FA7gjzxXDUN5CTaB386tkZ4Semo63kxnCfCPGqbFwqXG8cKKOx9yhk3ztsYe709OMpI8ceQdSUET3pjWinjHR-v2BC17bJxYiarOWHVYlLkto5aJngXs7eYQd71y_iiOeuoPvMOy5lLNm-7vAype9UiKaSb2z969a49cNsu7Jvk1uGOUsXDEj40cOoGN2aSNnF2vlup2trbZA_FFp2YIN-Sz9bb0L8d9T1xy-euqd_GtP7VqAMQnFsD4lEfmqUYwSXlDlmEkKFc8tKiemrKTSBZ9TRi_AHSKBBqCoiB8Ae37PGtzcHfMcY8U2i3W9Y-RJ1td73gasBSaCfMfJz_0EUBaTLl4QQf5bRE4plwb2eNWmmJg9_BqmDrdjV38p-sCTJqE09XEPdvhHMcr8q38kBz-cIUfyg4Ts2z3El7Bxxm9UOnbFihvxYFrXr0qUNGHhc5zHopnR9IlabQWz3CsDxMh1cokeyrMKUyfAQR5tEJ08nvmV5HxuXjo0_H9USsfDRwwOYawIl_D6mJl7WbJ213kwEfTFWDgLuRzuObBn7DMfIdtcYm0kxYYJgJ41zErPK_TrWLv4YAWsj1aTTN38arCkxxAN9me65ev4kttaH7T5yoCu7hGXdaKELVJrKksMmBui15d4RC2BZcLo8wYE2jLHHsaPGDqwnTCOjGU-RlYq6txsEwIXIMgtywrHZcsSUiib5HhaIACsLIRXuZlQJyyZs5Bs-qpclvkfBu6pGIUDP1kaScDPYDQpeRecQR3mt42xtNaKJigj&sai=AMfl-YRO9QHwvq7ze523DxTXMLODeFlEsUnptfC83dyC26jvzgg_mX7DAVypEJrjoxY_gA_yVAwTkTJ46QBx0y-dZQE6s039Ktnmk25HddNslZBxVs9VHtaTuI1YDOOnZnd9KkzU7Ep-wtcsYjtW-6b_LRuKnXagzqkTXWYj2zQcYPll2aH-MpIa0GaGvMfjR0TO_aWDlIlZNZpcPyiqDDZ9yujpsu_PfTu0RWy8-BRXB4p3uMD_Pe9l46dBxTwqBX64Q4Vhyu7elAsvOao3vw8Wg-t58xT1tvx5CzT4zecIrNO6wPWd9FZqLJiC-uS6wzFdjjrzmtCadyb7YoNgjUvJ14MAablPryO7_oHyYQcljmVnJbhx-sCBZdu7JWIleZ8dfI0Ri7w25rOEREi6sy3T8gYYwgaR7GW9LTTaP9eAOg&sig=Cg0ArKJSzN8oZ_4J2meGEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYWRpbGxhY2NhbmFkYS5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=252&vt=11&dtpt=251&dett=2&cstd=0&cisv=r20231207.81251&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 4076 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=88d3cac3-bcde-fc25-b33d-6d2dff0a2305&tv=%7Bc:ygbzRD,pingTime:-3,time:119,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:44%7D,%7Bpiv:0,vs:o,r:l,t:118%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:119,n:118,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:44,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B111~1%5D,as:%5B111~300.250%5D%7D%7D,%7Bsl:o,t:118,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYT1g+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p11%7C1p12%7C1p13%7C1p141%7C1p15%7C1q%7C1r11%7C1s11%7C1s12%7C1s13%7C1s14%7C1t1%7C1t2%7C1t31%7C1t4%7C1u*.1298974-68196516%7C1u1%7C1u2%7C1u3,idMap:1u*,rmeas:1,rend:1,renddet:IMG.qs,siq:45%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4076 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=88d3cac3-bcde-fc25-b33d-6d2dff0a2305&tv=%7Bc:ygbzRF,pingTime:-6,time:121,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:121,n:118,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:44,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B111~1%5D,as:%5B111~300.250%5D%7D%7D,%7Bsl:o,t:118,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYT1g+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p11%7C1p12%7C1p13%7C1p141%7C1p15%7C1q%7C1r11%7C1s11%7C1s12%7C1s13%7C1s14%7C1t1%7C1t2%7C1t31%7C1t4%7C1u*.1298974-68196516%7C1u1%7C1u2%7C1u3,idMap:1u*,rmeas:1,rend:1,renddet:IMG.qs,siq:45%7D&tpiLookup=ao:cnz.to*&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usync.js
eus.rubiconproject.com/ Frame 9E1F 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=18694&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d749a992f0eb365b9a7f569f47bce5d5a4bbfbf0f977d3e9eef2c51bd990d1f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=18694&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 14:48:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Dec 2023 19:15:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16025
Connection
keep-alive
Content-Length
13174
Expires
Sat, 30 Dec 2023 19:15:22 GMT
v1
match.sharethrough.com/sync/ Frame 29E3 		68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&gdpr=0&gdpr_consent=&source_user_id=2833654250881570906
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.135.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-135-200.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png
/
rtb-csync.smartadserver.com/redir/ Frame 29E3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2963816996209011993&gdpr=0&gdpr_consent=
43 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2963816996209011993&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
an-x-request-uuid
54851180-835f-4584-856f-72e462594570
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2963816996209011993&gdpr=0&gdpr_consent=
x-proxy-origin
185.213.80.43; 185.213.80.43; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 29E3
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=cd35ffb1-22a8-4e8c-916d-a6e93d3b2077&gdpr=0
43 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=cd35ffb1-22a8-4e8c-916d-a6e93d3b2077&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=cd35ffb1-22a8-4e8c-916d-a6e93d3b2077&gdpr=0
date
Sat, 30 Dec 2023 14:48:20 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 29E3
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjgzMzY1NDI1MDg4MTU3MDkwNg==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjgzMzY1NDI1MDg4MTU3MDkwNg==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjgzMzY1NDI1MDg4MTU3MDkwNg==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:16 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 29E3
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7318399637020932253&gdpr=0&gdpr_consent=
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7318399637020932253&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7318399637020932253&gdpr=0&gdpr_consent=
Date
Sat, 30 Dec 2023 14:48:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
truncated
/ Frame 4076 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80763d110b552ceef6f5c4737adce35fc01ce13f2dc1152da61bab4ba9265609

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 4076 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=88d3cac3-bcde-fc25-b33d-6d2dff0a2305&tv=%7Bc:ygbzT4,pingTime:-2,time:208,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:93,mdZ:143,beA:241,beZ:243,mfA:245,cmA:246,inA:247,inZ:250,prA:250,prZ:281,si:286,poA:287,poZ:310,cmZ:310,mfZ:310,loA:362,loZ:364,ltA:449,ltZ:449%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:44%7D,%7Bpiv:0,vs:o,r:l,t:118%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:208,n:118,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:44,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B111~1%5D,as:%5B111~300.250%5D%7D%7D,%7Bsl:o,t:118,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B90~0%5D,as:%5B90~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o.1298974-68196513%7C1o1%7C1o2%7C1o3%7C1o4%7C1p1.1552256-76024099%7C1p11%7C1p12%7C1p13%7C1p141%7C1p15%7C1q%7C1r11%7C1s11%7C1s12%7C1s13%7C1s14%7C1t.1298974-68196516%7C1t1%7C1t2%7C1t31%7C1t4%7C1u*.1298974-68196516%7C1u1%7C1u2%7C1u3,idMap:1u*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:45,sinceFw:161,readyFired:false%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4DA0 		617 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YifjixwEwAQ&v=APEucNXcnCG0hPA1wCh0jDvAC7cQyMcFdX-u-Tq1apknonNQ8JCM8q85RrxIck_OWy72oBgO1SLNZrtEzbXB-L_30Kr9DvHPvTXw9NBj_94w1BF640SIbso
Requested by
Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1c9c11d16363f8bc064882200f5261b12bad52e5fb01771c0339a1cc7c96b89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
280
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3183 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:48:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3183 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZwAkjKyJTqKSv8q_oALHh519DyGIUg3GMNc3OPuyNJpBR5k-IWUlq7Tv_6CKM6vB6zCuQFPoPnlgF0bSBRBeSDDdc45i6ddrRMMyU7E1Z31l-MGI
Requested by
Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pandg-sdk.js
pghub.io/js/ Frame 203A 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:50:40 GMT
content-encoding
gzip
age
3457
x-guploader-uploadid
ABPtcPp39g2S25Ki0nFV5xOf5WvNqOTB-IvQC8r1FTdC1yfbsPe1VO0vBBSY-A18iSQOcC_M0gLaYQ0i73rZAi_Ap-03DA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
analytics.js
s.update.sharethru.com/2/673815/ Frame 203A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.sharethru.com/2/673815/analytics.js?dt=6738151684949532477000&di=cnz.to&pd=avt&ac=14723314503&pv=3418458a-e2ec-40b7-bf58-fbc57152df48&to=3&pp=47b99924&sr=sharethrough.com&si=k4kjjO3O7TJj3fjbf3yufYeA&c1=k4kjjO3O7TJj3fjbf3yufYeA&ti=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&de=2&md=1
Requested by
Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.93.69.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-69-72.compute-1.amazonaws.com
Software
/
Resource Hash
9e1ebfc7e3e311af891b9615f70de2860009319f9c5b22fa063cc133c396e878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2664
Expires
0
butler
b.sharethrough.com/ Frame 203A 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=impression&arid=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&pkey=k4kjjO3O7TJj3fjbf3yufYeA&supplyId=47b99924&tkey=300x600&ckey=17CzF5ktQoN1vCLa3wP58vYU-418954249&umtime=1703947697245&browser=Chrome&platform=desktop&url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com&referrer=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&evid=undefined&renderLatency=276.0&gcid=d0708082-9dc8-49e8-907e-af54d0355a85&action=banner&awid=f7ec18a6-b0e7-4340-9c8a-7ab9d5cf3eb1&sourceId=17CzF5ktQoN1vCLa3wP58vYU&pwidth=300&pxoff=1100&pyoff=1996.421875&twidth=300&renderEnv=safeframe&version=gc-1097-e5d911a1
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-111.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:59:55 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 13:28:48 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P2
age
67703
x-amz-server-side-encryption
AES256
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
-YE6YBOANdzwN7FJWumLxEtEs4tVfEVWEddlxII-7-cXhj9mEGeITQ==
khaos.json
token.rubiconproject.com/ Frame 9E1F 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQS6GMOO-13-GYA2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 23CE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:06:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
52893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 00:06:44 GMT
usersync
usersync.gumgum.com/ Frame B410
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6358375726502932821
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6358375726502932821
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
an-x-request-uuid
87c0f9a1-d6d0-44ce-a6ae-00aff4498537
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6358375726502932821
x-proxy-origin
185.213.80.43; 185.213.80.43; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame B410
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_2f29f0d2-2bcb-4331-8708-b92ac34b79eb&gdpr=&gdpr_consent=&us_privacy=1---
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=d5a10885-e7e9-48af-aefc-6b6be8bf5457&expires=1&user_group=2&ssp=gumgum2&bsw_param=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 30 Dec 2023 14:48:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame B410
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=43188338-7fa1-0386-2b79-5dc5ed894eb7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=43188338-7fa1-0386-2b79-5dc5ed894eb7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 30 Dec 2023 14:48:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=43188338-7fa1-0386-2b79-5dc5ed894eb7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame B410
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43
Date
Sat, 30 Dec 2023 14:48:17 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B410
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-hjRM5IFE2pdQzwzeRawd3W_wtE_GLusKppi8~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-hjRM5IFE2pdQzwzeRawd3W_wtE_GLusKppi8~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 30 Dec 2023 14:48:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-hjRM5IFE2pdQzwzeRawd3W_wtE_GLusKppi8~A
content-length
0
usersync
usersync.gumgum.com/ Frame B410
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusers...
  • https://usersync.gumgum.com/usersync?b=vnt&i=5424119b-601b-4303-9302-c674017cde11
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=5424119b-601b-4303-9302-c674017cde11
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=5424119b-601b-4303-9302-c674017cde11
Date
Sat, 30 Dec 2023 14:48:17 GMT
Connection
keep-alive
X-CI-RTID
39895045-9aec-41cf-a657-7fb1e62087d1
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame B410 		0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 30 Dec 2023 14:48:18 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame B410
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_2f29f0d2-2bcb-4331-8708-b92ac34b79eb&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_2f29f0d2-2bcb-4331-8708-b92ac34b79eb&s=2&us_privacy=1---
  • https://usersync.gumgum.com/usersync?b=zem&i=Vs6NN-XJLUhrh03ZYYyz&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=Vs6NN-XJLUhrh03ZYYyz&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:23 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=Vs6NN-XJLUhrh03ZYYyz&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame B410
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=cCzRBpruGTaG&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=cCzRBpruGTaG&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Server
34.226.253.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-253-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:22 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://rtb.gumgum.com/usersync?b=pln&i=cCzRBpruGTaG&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-7trw5
expires
-1
usersync
usersync.gumgum.com/ Frame B410
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2833654250881570906
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2833654250881570906
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2833654250881570906
date
Sat, 30 Dec 2023 14:48:16 GMT
content-length
0
redirect
exchange.mediavine.com/usersync/ Frame B410 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=gumgum&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=u_2f29f0d2-2bcb-4331-8708-b92ac34b79eb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:17 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 9FF2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6358375726502932821
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6358375726502932821
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
an-x-request-uuid
1d24b25d-e8d2-4d0f-a2f1-330e259cc8b7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6358375726502932821
x-proxy-origin
185.213.80.43; 185.213.80.43; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9FF2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_8de9abd7-6253-4d9b-96b2-646cf244fae8&gdpr=0&gdpr_consent=&us_privacy=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=7wV3pg_sjCQGtDJ4MOSp0
  • https://usersync.gumgum.com/usersync?b=bsw&i=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 30 Dec 2023 14:48:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 9FF2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=43188338-7fa1-0386-2b79-5dc5ed894eb7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=43188338-7fa1-0386-2b79-5dc5ed894eb7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 30 Dec 2023 14:48:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=43188338-7fa1-0386-2b79-5dc5ed894eb7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 9FF2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43
Date
Sat, 30 Dec 2023 14:48:17 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 9FF2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-hjRM5IFE2pdQzwzeRawd3W_wtE_GLusKppi8~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-hjRM5IFE2pdQzwzeRawd3W_wtE_GLusKppi8~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 30 Dec 2023 14:48:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-hjRM5IFE2pdQzwzeRawd3W_wtE_GLusKppi8~A
content-length
0
usersync
usersync.gumgum.com/ Frame 9FF2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=5424119b-601b-4303-9302-c674017cde11
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=5424119b-601b-4303-9302-c674017cde11
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=5424119b-601b-4303-9302-c674017cde11
Date
Sat, 30 Dec 2023 14:48:17 GMT
Connection
keep-alive
X-CI-RTID
55f623a8-2f14-42fa-900a-ab32a5478bc0
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 9FF2 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 30 Dec 2023 14:48:19 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 9FF2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_8de9abd7-6253-4d9b-96b2-646cf244fae8&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_8de9abd7-6253-4d9b-96b2-646cf244fae8&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=OFl4csdzJPX5Jy-95-rx&gdpr=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=OFl4csdzJPX5Jy-95-rx&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:23 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=OFl4csdzJPX5Jy-95-rx&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 9FF2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=jCQgeKmpJZtm&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=jCQgeKmpJZtm&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
34.226.253.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-253-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:22 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://rtb.gumgum.com/usersync?b=pln&i=jCQgeKmpJZtm&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-mtsv2
expires
-1
usersync
usersync.gumgum.com/ Frame 9FF2
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2833654250881570906
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2833654250881570906
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2833654250881570906
date
Sat, 30 Dec 2023 14:48:17 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 9FF2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_8de9abd7-6253-4d9b-96b2-646cf244fae8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0YE2CBG4J4EDA94SM3DA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame C3B1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=1179816859700053156&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=1179816859700053156&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 30 Dec 2023 14:48:18 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=1179816859700053156&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 8E85 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8yZjI5ZjBkMi0yYmNiLTQzMzEtODcwOC1iOTJhYzM0Yjc5ZWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8402 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74432
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 30 Dec 2023 14:48:20 GMT
expires
Sun, 31 Dec 2023 11:28:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame B70A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=ae9fa611-1916-4d55-ab82-f7eea3328191
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=ae9fa611-1916-4d55-ab82-f7eea3328191
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:17 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Sat, 30 Dec 2023 14:48:17 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=ae9fa611-1916-4d55-ab82-f7eea3328191
server
Kestrel
usersync
usersync.gumgum.com/ Frame 0E48
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZAtssCo8X0AAKa-QK8AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZAtssCo8X0AAKa-QK8AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 30 Dec 2023 14:48:18 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZAtssCo8X0AAKa-QK8AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad430.dc4p.scaleout.jp
X-SO-IP
185.213.80.43
X-SO-Key
ZZAtssCo8X0AAKa-QK8AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"185.213.80.43","key":"ZZAtssCo8X0AAKa-QK8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad430"}
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad430
usersync
usersync.gumgum.com/ Frame BA52
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=7RpKiJEwcRBLYinh3zAK6r9vZv2qo-Fnfw_kiB471q8&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=7RpKiJEwcRBLYinh3zAK6r9vZv2qo-Fnfw_kiB471q8&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 30 Dec 2023 14:48:20 GMT Sat, 30 Dec 2023 14:48:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=7RpKiJEwcRBLYinh3zAK6r9vZv2qo-Fnfw_kiB471q8&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 39E2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Dec 2023 14:48:18 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 30 Dec 2023 14:48:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usersync
usersync.gumgum.com/ Frame 9A37
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=6463982688388548906&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=6463982688388548906&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 30 Dec 2023 14:48:18 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=6463982688388548906&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 6754 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84ZGU5YWJkNy02MjUzLTRkOWItOTZiMi02NDZjZjI0NGZhZTg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A926 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74432
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 30 Dec 2023 14:48:20 GMT
expires
Sun, 31 Dec 2023 11:28:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 4ED4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=ae9fa611-1916-4d55-ab82-f7eea3328191
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=ae9fa611-1916-4d55-ab82-f7eea3328191
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:17 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Sat, 30 Dec 2023 14:48:17 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=ae9fa611-1916-4d55-ab82-f7eea3328191
server
Kestrel
usersync
usersync.gumgum.com/ Frame 7464
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZAts8Co8X0AAKa-QLoAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZAts8Co8X0AAKa-QLoAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:19 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 30 Dec 2023 14:48:19 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZAts8Co8X0AAKa-QLoAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1011.dc4p.scaleout.jp
X-SO-IP
185.213.80.43
X-SO-Key
ZZAts8Co8X0AAKa-QLoAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"185.213.80.43","key":"ZZAts8Co8X0AAKa-QLoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1011"}
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad1011
usersync
usersync.gumgum.com/ Frame B876
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=7RpKiJEwcRBLYinh3zAK6r9vZv2qo-Fnfw_kiB471q8&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=7RpKiJEwcRBLYinh3zAK6r9vZv2qo-Fnfw_kiB471q8&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 30 Dec 2023 14:48:20 GMT Sat, 30 Dec 2023 14:48:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=7RpKiJEwcRBLYinh3zAK6r9vZv2qo-Fnfw_kiB471q8&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 658D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Dec 2023 14:48:18 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 30 Dec 2023 14:48:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
v1
match.sharethrough.com/sync/ Frame 9E1F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQS6GMOO-13-GYA2
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQS6GMOO-13-GYA2&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQS6GMOO-13-GYA2&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=18694&gdpr=0&gdpr_consent=
Protocol
H2
Server
107.23.135.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-135-200.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQS6GMOO-13-GYA2&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4DA0
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=16&user_group=1&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=MWI1YWRhYzAtZTU2Zi00ODc2LThmZGItYjgzZDE4MTYyZGY0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=MWI1YWRhYzAtZTU2Zi00ODc2LThmZGItYjgzZDE4MTYyZGY0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YifjixwEwAQ&v=APEucNXcnCG0hPA1wCh0jDvAC7cQyMcFdX-u-Tq1apknonNQ8JCM8q85RrxIck_OWy72oBgO1SLNZrtEzbXB-L_30Kr9DvHPvTXw9NBj_94w1BF640SIbso
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=MWI1YWRhYzAtZTU2Zi00ODc2LThmZGItYjgzZDE4MTYyZGY0
Date
Sat, 30 Dec 2023 14:48:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4DA0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm&gdpr=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESELC1147cEPZgZr4tdYuCOrA&google_cver=1
42 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESELC1147cEPZgZr4tdYuCOrA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YifjixwEwAQ&v=APEucNXcnCG0hPA1wCh0jDvAC7cQyMcFdX-u-Tq1apknonNQ8JCM8q85RrxIck_OWy72oBgO1SLNZrtEzbXB-L_30Kr9DvHPvTXw9NBj_94w1BF640SIbso
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESELC1147cEPZgZr4tdYuCOrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
361
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 4DA0
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&gdpr=0&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_co...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&gdpr=0&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_co...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTcyQUYzQ0MtMEY1Ri00NERDLUExNjYtRDk3Rjg3MUU2MzUw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D972AF3CC-0F5F-44DC-A166-D97F8...
  • https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=972AF3CC-0F5F-44DC-A166-D97F871E6350
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=972AF3CC-0F5F-44DC-A166-D97F871E6350
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YifjixwEwAQ&v=APEucNXcnCG0hPA1wCh0jDvAC7cQyMcFdX-u-Tq1apknonNQ8JCM8q85RrxIck_OWy72oBgO1SLNZrtEzbXB-L_30Kr9DvHPvTXw9NBj_94w1BF640SIbso
Protocol
H2
Server
107.23.135.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-135-200.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:21 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=972AF3CC-0F5F-44DC-A166-D97F871E6350
date
Sat, 30 Dec 2023 14:48:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3183 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9492893059766&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3183 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9492893059766&version=m202309260101&ct=76&x=101&cor=17808040720498630000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3183 		97 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3U8cikFGGwDMCLovsgPAI6p6-9ymjY-SzKdrHDl_hpgTHHbPpZiKoxLkkwwVCYrP0Mkpu6tztfY_EnrBdCt6VCQM-0eLBBjOtWCm9ubsurte_ZQADMxi3cWJFBvZMWaqSgJpo3hTZ0I--NTwCVsQr3mVidp6x5lFS46PkiuuNyACPQsE&dbm_d=AKAmf-DTnufQ282rxBMp7wnQXnSS84u28qBYk8iEckNRSVgC_pARC39X5mNFJXCUvvbHaTk8h-KCKyT9NKSzYcj03XS7d7kAwKI01BmEhE6K63YOybAmwee6K9BmwBKQUzGnFc5BHVCj3JEbKa--Vc0nYHuqErWhLQzBoXYQv0hZ80kv8IPkTuqc4ud3haeKwhlV7RXqYHVCY_AMEYCFXUYw3zCNSy8kfyXOVZhdY7YL-5yNgjDlW1QI9sDPkT8AizksK8c2aPpzywcCpqg1n6ZPK9-rEryA-SkVOS6k7Y0c-B5EdiTJvjrWiyCU8zfgA61s6k8K3enzyPBu8tNOwXFv9SuWCaroHgFPm1Xostr1h6QtNmKiaMlU7GyifHeoL4XCdnRuA4ujeQiVQe7SqZjKFiNMjayNRMEH62mN2K266a6HVLkt8rTSZlp8A8F3A_UBjjMo0TRhttR3b9TCiho7duvf5MxloVVYzBPUhbVgWv2pQOf4gKB4Q0l1LaR5pd53fkPj5MrrGkfbonKSUVlbW8baLQmbVzsrtpS6czh8yM8uU7m81tiRtxAwV0ZyXZTbEW3AcXCytPvBTTb6jF9BNlT4MOZpuzTpTsibw9k8-Adi9Fm9t47dZd0eSspAcSY7UTnFACgNtdTfT8-YHwKZK3KICpLbjvmGuzu19x12UFSXPmgxfE1CGvZcsbrTE1Lp0g-1Cnr1nYX9GtAnkCbmxARj9bP2cXDjT0YBU1t_4PJ_PN6zecdmauCtDNK6pCye09p5pjlhRhTZpIbWuKupkJBB_U4cFdaNwlMtu7rKL5iMfZF2284NlHzgLSYV40aEdDIAz1Did505VpE5-UM7hpIpF98DDTN3Yo8ptQ6NjjvFISXsTo-pNeIxN92Ldt7FUuf3I8w85edW0lf7TIxEDEv8j8xo5iu4teYovHfZBYtc9H5k2nKWFky-HUdyKjbm1gD4AmYcbvOAT1RYdFeG9aJDw02X8aQW54WxXA3hY9-orBxj13l6FLrxfSfWahl4ug68IB_XKL8x8NVd1rHeZD44yQtuByNi-S6mBnMlyFoVLmX9kGvdtUrMdf5tZX-JRPiEpngrxUGQPolpNRwEy2on1u8DphtUp2cazwTO_ySCvxgXOCs1uU93oB_a8eIITFWkc_6rYCDSorBjFovlBlmqK_KvWHY-w1HpcBxCM1nOPaBvnci3VfmSTMKro241X3ePreasFRb-GHiUv6P7q-SpG_ZulmK6waH5vy42Ad2CMVkXhoY7tVjhLCnDhKp9iy7PzOFTwAGLF1Qwp-3XayPDIAl7N9VvmBDayGkNEry3-WLQnAeT3F-2tvg1L9m1xy9LEls__WeLmI1gnx-E7KwI0Oe9N6C4sth_nNXrVEjqVFvw8ZegsxB3M8n-KqmYZnb7zFk8jtcvSukR8ov1FMHstc_9a-X1csakSPIPQAS9CHP9yZK9c5YGe44qObGNHs7w3yLUKCB-rWjxQDF_LvRzwT9YVWLbKgiEIabtgQFmynlaFwCb2g4TsEZPbgi03tEkC20rVRmwf_uwqRvxMbA2G1-ycyt0kaTWbkX7YGv0_cy2htHNIbu2bp6W-ODspmxAx-em7Bg6DSjk0Ubl-yW4n5oxrjOac0OiSMv2MKjafNB84tCiMySHVOy49ppvXvnhLqUA0qW5jJI89vsOlxewpyQAHWv78lgm1GqQKXNmfnVdf47Q9SFupIAHmoulNECYahY-PvibSwyQJqBm4bSotvoy8X0fTQpFicq2vquMRIGuIQZlg717Pd8vqjcPDJ5Ltl9XHREnF59ZzkDostmRFwyg7Y8kcc01S6FbFDYcz6jn-tr2kljczy91MwnMEKpAH2-wgvXOx-UhIk0Eh0F8LPcYkrLb0OBc_UcYd-Gco9XCdoRWrL8aQkmg667sH4ijVgJBMiPtJAdB4Gc8cBIeuq2APe6A65Bx6bB4V_kzB49g_k6XxTxZkankinj46Fzuos4xCu40VzEG0Wd_LGumbgKX0w9VVcnoucbBClHGl6VN0Gv605cdspzzAuLCKIVT781ZwlinrhMZG_U3wHTSXV_39W-iNXY7928yVqMShJazpkxQKrRjTmQ2ZQ_4QtjUk1ZVtZHyBEvL75_oqG9m55t-fZrRE22NgLVw7tDaGfTV8qpx0PdZ2gs_L_je8CspKDdFkMGXFogKf-vBAYnafA0nSgbF9xtBIysSzMItsItIWQwhAT3ptpzNoUqs9jXOITu9EZ3M7zYjA0lpFKt8e6Ao63G8vj7-VeWa5wZhapcvFaGE0t9B1JEdFHQ3oJHAnK0eZZsdm60TaO1du04qVKDWGkWoPmbOQSnS6hQjBrdK1f9Dlcit_WX8649kVuYx42iHxNodZnFF_tdcRGLkmpjNy1LRqWbJ0qs38iagJH5MJcX63OBZKvrVb6QFvPzMyX-3JQLOJ60nPiOergH5Nmse2a4n3LUxJalbYgoLrJb7xgtEd0PzbMy3otKO6w1FjPQqkOtE-3SYU7rXklUNsibSK62H0mhMHUG4dE-iyj1ebWb26AKCbJX58OLSgkjZfTnvKFQejg6_08EdKZOIZWm4BsD5dBgpJxB91l_kPm3OgFvdt6vwGqGkk9YrVGkOke9UJsr6cEMKhh1hmWUOoLGkiRFEtRDdu2bhvWpRzFx0pl4hzw_S2UREnY1GAIri9Ymr2QqWtLl8D7UZXeY4j8JBzgXGQRWgSaxKsW0LOol4g2ni-t9fLidXHW-5cEJr8a0PMbUZkH33Al1E8iW_aG3qtMhVYROz6Mrf6hQYkDjMOeuYOFVKdYQS1nmdf7_XqWaOc6dfTmeDic75yrDppmcnPI5WSkd0qk3Z1zaM1Hf3sGcIb4ESRU9p0K4PqFG2tVK4DO3Hfuj5f2_z822rZKEgzRqLOtipZ6DNFbUjodspYGvr1XdeqkOm26oBKVfUMyW0vTZ7RSljnoXczTCMWD5Lmg5xX77KpBWg_asDKqQDi5j_cNhBrrWSnDwWNm1vwH0oLqKBFg-1PF-mZk_dzoTPut3cUhe8VlvqRmq1OdZJ_VIGhzdzV4aA5jzBB1w5IczT7yc3gFQ1aoEexZHC14jbeRDBbRCIsKMwTuVtTcGfLx2nnUhY-4Orbh0kyDIvTsH1n7bDKZQyteYPISSIcFEV-Q6UqfqZ6uEK-r6QdvoZm5D1BekE7dFFWPSHOj6brU8cpxJjeN3ICwHTnsvTPJtOo0x_vNW0085Y8Hdi6E2sd19dAkYa9HSNHf3pa3Yr7h04eYvKlyq68BPK-jkWq_VPs6xB7_AJgmv9vDIOr80sBdSmmsv0DqulZ32gMRMYvBQXco9yYXpVZbCJojsyKLQ5E7MIVKvsosycWmE9c9XW3OjRn9ysiHxooAPalujbXon5kN5nMwhF24GyQOuz6Qk7fQcNq2jhTK5fWLKRVuE76XHvk4aJd1Mn10u9G__WReSUp7xbvKpTBZwbvKtamXCwlKrBpuxae9B4aF2vDgJfPZn-ays0k1ruRSgJ7CJFax0-Q6WSSCAIdhh_pOezcwLZlETcOJZP1n6IERYOxIPIsEKsBbaqzegXrKmR7l9VAX3p4D-4e-H21wcnM8Oo-AIZLjzjgpRtzOoIpVvphxGaJvHmSKgl8CiNhBr0Mm5fwEgBIoY9UWQKdDCQEJk_-oigcQ&pr=101%3A1.51&cid=CAQSYAAvHhf_gCy3DfOk-wC_WUMnps19fBsUIFaEAj-qfoAStcuuwS0wza91jBojx4iT_Z4EZSFqcaLUxjaofGJu0V26r58rnbbLm9HIkTvHUSr2jEMyC-UTNEKLQvJ8fslSKxgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcnz.to%2F&ds=l&xdt=1&iif=1&cor=17808040720498630000&adk=614002379&idt=98&cac=0&dtd=81
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c09f5b094951b3bd874cf2d54a3c929ebf3412b6165471e01da648b74ed07f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40796
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CAD9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74432
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 30 Dec 2023 14:48:20 GMT
expires
Sun, 31 Dec 2023 11:28:52 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 65CD 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Dec 2023 14:48:18 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 1CBC 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
36945ba11775e05e6696a2d2ff02e2c2ac108b3e3189f651417223a7ee351562

Request headers

Referer
https://cnz.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1347
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:19 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame F2F2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bc1Xgry2QZdG_Nu_R6toP75CG8AcAAAAAOAHgBAI&bg=!hYalhsnNAAY3kmNgF5I7ADQBe5WfOGSoGryQ2H37AqLtlGRI9RSxNgrd90FzkiCJyoyfX39T8Tgj2ywFHS1CV6oUZw8iAgAAAcFSAAAAA2gBBwoAMxAiI2eT-JRh1LUBzokup0btPV9_z5asV-eIeYOPZ0ght8VRi52GR2XubFB_52qCWwNJYJkDLowiulo8vrr4jHLuNVvqhV7FgsbWP4F8G21E68gjyMUxQoBssiz8AxzGBPndeJl5aqzyvRY3JkazUhn0AxRzeSb6QHlNn3w3JETmzsfpEkzJMNWYctV380noIHEbOV63aNkzS6wQiHPUSVTiSZcZXIeODBlXIa7Vrymu_8Q9pLpI1mpOT_MWBtsogy0xH4CEssytXvR1soCjcIguCeLv4_zWfipmOQ7_LacjqiBfX6cOfgQ9h5AgQGdlXGMP4Kjha_KPexLYNeP2cxo02SnZlcB20tqrAkUCjdNYCzuedFf7qvn_DgAtK5NKQtKPMVjjnsIdpp2k7cFZpmezZuKPoDIJlMsbyIMX2Ni2FsyUShP68VFwlh_CNWqVOM0FkhrjCn3DQIs9LNC8hX0pg9vAZ5BzTW6bd2qqoz-OaTQqQlAwOlr1YHVmfFS7rDn_T0Bt36oFAQHfSx23xXG3gUs7ki0OF3X8kw3lSyNbfjD7yngKGMoNGizE2ehd2Pqa3gckqIa-ZByBpUGNYDyXVGwNFivopJKHpq2oHzb_zZGqsCbJwizMSxRadLsutgH5qLx_LyH51N35TExbZiuwomUi3xR-y7KgnYBWeRYJMCxUk-DUS7N9CdidVvGVL4105YBzezJjtoHYjmysP1WcWykAzJe0wK6BCtA0kUsSlRZvWnmekylKlWxr-jCCZFt2Sz1AXOqIu03JRFkGmyfgGBQYQXmfpEXUf3wY9CImFEyttBZ5k33Z2KfkFc5v-XZ5IS40qvb6Sy6u6KmPvSZtcV8GQ2FZUvZ9XcbfW90hq6-CK5_HHkSHFaA2t9LEihQObVojjTqYQTVIlU1qOvDJuSZ42kVRmpWsgjpUGtWc9gePPEMlzGh5HG40-SlLFfcx-nF3ildN0BSxkza8ANHpoOuASIsXhVANvYXJidnXBxzEMi5Sy7H6uWsrQewBjJ1C5Sf-MTP2_f7wMwpU52MnWAc9ifLHm9WZPn-NxBEmRNy5WdIOAxaYgKFUkWtzMom8Z98AQYjf5A-5PF34HBa3z3bvW_E5wAChIhWEEcBkf_Hy61rDcdVRUHTtZqBIlyEMjp0
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1AB3 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=9a84b939-c383-32d0-2f35-37c294808147&tv=%7Bc:ygbzZ9,time:1061,type:e,im:%7Bimprf:%7Bttecl:429,ecd:139,tsecr:131%7D,pci:%7Btdr:569%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1061,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:49,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1053~0%5D,as:%5B1053~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:799,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o.1298974-68196513%7C1o1%7C1o2%7C1o3%7C1o4%7C1p1.1552256-76024099%7C1p11%7C1p12%7C1p131%7C1p141%7C1q%7C1r11%7C1s1%7C1t*.1298974-68196516%7C1t1%7C1t2%7C1t3%7C1u.1298974-68196516,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:51,sis:320%7D&br=c
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3183 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Origin
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 21:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Dec 2023 21:00:37 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 3183 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3U8cikFGGwDMCLovsgPAI6p6-9ymjY-SzKdrHDl_hpgTHHbPpZiKoxLkkwwVCYrP0Mkpu6tztfY_EnrBdCt6VCQM-0eLBBjOtWCm9ubsurte_ZQADMxi3cWJFBvZMWaqSgJpo3hTZ0I--NTwCVsQr3mVidp6x5lFS46PkiuuNyACPQsE&dbm_d=AKAmf-DTnufQ282rxBMp7wnQXnSS84u28qBYk8iEckNRSVgC_pARC39X5mNFJXCUvvbHaTk8h-KCKyT9NKSzYcj03XS7d7kAwKI01BmEhE6K63YOybAmwee6K9BmwBKQUzGnFc5BHVCj3JEbKa--Vc0nYHuqErWhLQzBoXYQv0hZ80kv8IPkTuqc4ud3haeKwhlV7RXqYHVCY_AMEYCFXUYw3zCNSy8kfyXOVZhdY7YL-5yNgjDlW1QI9sDPkT8AizksK8c2aPpzywcCpqg1n6ZPK9-rEryA-SkVOS6k7Y0c-B5EdiTJvjrWiyCU8zfgA61s6k8K3enzyPBu8tNOwXFv9SuWCaroHgFPm1Xostr1h6QtNmKiaMlU7GyifHeoL4XCdnRuA4ujeQiVQe7SqZjKFiNMjayNRMEH62mN2K266a6HVLkt8rTSZlp8A8F3A_UBjjMo0TRhttR3b9TCiho7duvf5MxloVVYzBPUhbVgWv2pQOf4gKB4Q0l1LaR5pd53fkPj5MrrGkfbonKSUVlbW8baLQmbVzsrtpS6czh8yM8uU7m81tiRtxAwV0ZyXZTbEW3AcXCytPvBTTb6jF9BNlT4MOZpuzTpTsibw9k8-Adi9Fm9t47dZd0eSspAcSY7UTnFACgNtdTfT8-YHwKZK3KICpLbjvmGuzu19x12UFSXPmgxfE1CGvZcsbrTE1Lp0g-1Cnr1nYX9GtAnkCbmxARj9bP2cXDjT0YBU1t_4PJ_PN6zecdmauCtDNK6pCye09p5pjlhRhTZpIbWuKupkJBB_U4cFdaNwlMtu7rKL5iMfZF2284NlHzgLSYV40aEdDIAz1Did505VpE5-UM7hpIpF98DDTN3Yo8ptQ6NjjvFISXsTo-pNeIxN92Ldt7FUuf3I8w85edW0lf7TIxEDEv8j8xo5iu4teYovHfZBYtc9H5k2nKWFky-HUdyKjbm1gD4AmYcbvOAT1RYdFeG9aJDw02X8aQW54WxXA3hY9-orBxj13l6FLrxfSfWahl4ug68IB_XKL8x8NVd1rHeZD44yQtuByNi-S6mBnMlyFoVLmX9kGvdtUrMdf5tZX-JRPiEpngrxUGQPolpNRwEy2on1u8DphtUp2cazwTO_ySCvxgXOCs1uU93oB_a8eIITFWkc_6rYCDSorBjFovlBlmqK_KvWHY-w1HpcBxCM1nOPaBvnci3VfmSTMKro241X3ePreasFRb-GHiUv6P7q-SpG_ZulmK6waH5vy42Ad2CMVkXhoY7tVjhLCnDhKp9iy7PzOFTwAGLF1Qwp-3XayPDIAl7N9VvmBDayGkNEry3-WLQnAeT3F-2tvg1L9m1xy9LEls__WeLmI1gnx-E7KwI0Oe9N6C4sth_nNXrVEjqVFvw8ZegsxB3M8n-KqmYZnb7zFk8jtcvSukR8ov1FMHstc_9a-X1csakSPIPQAS9CHP9yZK9c5YGe44qObGNHs7w3yLUKCB-rWjxQDF_LvRzwT9YVWLbKgiEIabtgQFmynlaFwCb2g4TsEZPbgi03tEkC20rVRmwf_uwqRvxMbA2G1-ycyt0kaTWbkX7YGv0_cy2htHNIbu2bp6W-ODspmxAx-em7Bg6DSjk0Ubl-yW4n5oxrjOac0OiSMv2MKjafNB84tCiMySHVOy49ppvXvnhLqUA0qW5jJI89vsOlxewpyQAHWv78lgm1GqQKXNmfnVdf47Q9SFupIAHmoulNECYahY-PvibSwyQJqBm4bSotvoy8X0fTQpFicq2vquMRIGuIQZlg717Pd8vqjcPDJ5Ltl9XHREnF59ZzkDostmRFwyg7Y8kcc01S6FbFDYcz6jn-tr2kljczy91MwnMEKpAH2-wgvXOx-UhIk0Eh0F8LPcYkrLb0OBc_UcYd-Gco9XCdoRWrL8aQkmg667sH4ijVgJBMiPtJAdB4Gc8cBIeuq2APe6A65Bx6bB4V_kzB49g_k6XxTxZkankinj46Fzuos4xCu40VzEG0Wd_LGumbgKX0w9VVcnoucbBClHGl6VN0Gv605cdspzzAuLCKIVT781ZwlinrhMZG_U3wHTSXV_39W-iNXY7928yVqMShJazpkxQKrRjTmQ2ZQ_4QtjUk1ZVtZHyBEvL75_oqG9m55t-fZrRE22NgLVw7tDaGfTV8qpx0PdZ2gs_L_je8CspKDdFkMGXFogKf-vBAYnafA0nSgbF9xtBIysSzMItsItIWQwhAT3ptpzNoUqs9jXOITu9EZ3M7zYjA0lpFKt8e6Ao63G8vj7-VeWa5wZhapcvFaGE0t9B1JEdFHQ3oJHAnK0eZZsdm60TaO1du04qVKDWGkWoPmbOQSnS6hQjBrdK1f9Dlcit_WX8649kVuYx42iHxNodZnFF_tdcRGLkmpjNy1LRqWbJ0qs38iagJH5MJcX63OBZKvrVb6QFvPzMyX-3JQLOJ60nPiOergH5Nmse2a4n3LUxJalbYgoLrJb7xgtEd0PzbMy3otKO6w1FjPQqkOtE-3SYU7rXklUNsibSK62H0mhMHUG4dE-iyj1ebWb26AKCbJX58OLSgkjZfTnvKFQejg6_08EdKZOIZWm4BsD5dBgpJxB91l_kPm3OgFvdt6vwGqGkk9YrVGkOke9UJsr6cEMKhh1hmWUOoLGkiRFEtRDdu2bhvWpRzFx0pl4hzw_S2UREnY1GAIri9Ymr2QqWtLl8D7UZXeY4j8JBzgXGQRWgSaxKsW0LOol4g2ni-t9fLidXHW-5cEJr8a0PMbUZkH33Al1E8iW_aG3qtMhVYROz6Mrf6hQYkDjMOeuYOFVKdYQS1nmdf7_XqWaOc6dfTmeDic75yrDppmcnPI5WSkd0qk3Z1zaM1Hf3sGcIb4ESRU9p0K4PqFG2tVK4DO3Hfuj5f2_z822rZKEgzRqLOtipZ6DNFbUjodspYGvr1XdeqkOm26oBKVfUMyW0vTZ7RSljnoXczTCMWD5Lmg5xX77KpBWg_asDKqQDi5j_cNhBrrWSnDwWNm1vwH0oLqKBFg-1PF-mZk_dzoTPut3cUhe8VlvqRmq1OdZJ_VIGhzdzV4aA5jzBB1w5IczT7yc3gFQ1aoEexZHC14jbeRDBbRCIsKMwTuVtTcGfLx2nnUhY-4Orbh0kyDIvTsH1n7bDKZQyteYPISSIcFEV-Q6UqfqZ6uEK-r6QdvoZm5D1BekE7dFFWPSHOj6brU8cpxJjeN3ICwHTnsvTPJtOo0x_vNW0085Y8Hdi6E2sd19dAkYa9HSNHf3pa3Yr7h04eYvKlyq68BPK-jkWq_VPs6xB7_AJgmv9vDIOr80sBdSmmsv0DqulZ32gMRMYvBQXco9yYXpVZbCJojsyKLQ5E7MIVKvsosycWmE9c9XW3OjRn9ysiHxooAPalujbXon5kN5nMwhF24GyQOuz6Qk7fQcNq2jhTK5fWLKRVuE76XHvk4aJd1Mn10u9G__WReSUp7xbvKpTBZwbvKtamXCwlKrBpuxae9B4aF2vDgJfPZn-ays0k1ruRSgJ7CJFax0-Q6WSSCAIdhh_pOezcwLZlETcOJZP1n6IERYOxIPIsEKsBbaqzegXrKmR7l9VAX3p4D-4e-H21wcnM8Oo-AIZLjzjgpRtzOoIpVvphxGaJvHmSKgl8CiNhBr0Mm5fwEgBIoY9UWQKdDCQEJk_-oigcQ&pr=101%3A1.51&cid=CAQSYAAvHhf_gCy3DfOk-wC_WUMnps19fBsUIFaEAj-qfoAStcuuwS0wza91jBojx4iT_Z4EZSFqcaLUxjaofGJu0V26r58rnbbLm9HIkTvHUSr2jEMyC-UTNEKLQvJ8fslSKxgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcnz.to%2F&ds=l&xdt=1&iif=1&cor=17808040720498630000&adk=614002379&idt=98&cac=0&dtd=81
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 14:54:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
85999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 14:54:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 3183 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3U8cikFGGwDMCLovsgPAI6p6-9ymjY-SzKdrHDl_hpgTHHbPpZiKoxLkkwwVCYrP0Mkpu6tztfY_EnrBdCt6VCQM-0eLBBjOtWCm9ubsurte_ZQADMxi3cWJFBvZMWaqSgJpo3hTZ0I--NTwCVsQr3mVidp6x5lFS46PkiuuNyACPQsE&dbm_d=AKAmf-DTnufQ282rxBMp7wnQXnSS84u28qBYk8iEckNRSVgC_pARC39X5mNFJXCUvvbHaTk8h-KCKyT9NKSzYcj03XS7d7kAwKI01BmEhE6K63YOybAmwee6K9BmwBKQUzGnFc5BHVCj3JEbKa--Vc0nYHuqErWhLQzBoXYQv0hZ80kv8IPkTuqc4ud3haeKwhlV7RXqYHVCY_AMEYCFXUYw3zCNSy8kfyXOVZhdY7YL-5yNgjDlW1QI9sDPkT8AizksK8c2aPpzywcCpqg1n6ZPK9-rEryA-SkVOS6k7Y0c-B5EdiTJvjrWiyCU8zfgA61s6k8K3enzyPBu8tNOwXFv9SuWCaroHgFPm1Xostr1h6QtNmKiaMlU7GyifHeoL4XCdnRuA4ujeQiVQe7SqZjKFiNMjayNRMEH62mN2K266a6HVLkt8rTSZlp8A8F3A_UBjjMo0TRhttR3b9TCiho7duvf5MxloVVYzBPUhbVgWv2pQOf4gKB4Q0l1LaR5pd53fkPj5MrrGkfbonKSUVlbW8baLQmbVzsrtpS6czh8yM8uU7m81tiRtxAwV0ZyXZTbEW3AcXCytPvBTTb6jF9BNlT4MOZpuzTpTsibw9k8-Adi9Fm9t47dZd0eSspAcSY7UTnFACgNtdTfT8-YHwKZK3KICpLbjvmGuzu19x12UFSXPmgxfE1CGvZcsbrTE1Lp0g-1Cnr1nYX9GtAnkCbmxARj9bP2cXDjT0YBU1t_4PJ_PN6zecdmauCtDNK6pCye09p5pjlhRhTZpIbWuKupkJBB_U4cFdaNwlMtu7rKL5iMfZF2284NlHzgLSYV40aEdDIAz1Did505VpE5-UM7hpIpF98DDTN3Yo8ptQ6NjjvFISXsTo-pNeIxN92Ldt7FUuf3I8w85edW0lf7TIxEDEv8j8xo5iu4teYovHfZBYtc9H5k2nKWFky-HUdyKjbm1gD4AmYcbvOAT1RYdFeG9aJDw02X8aQW54WxXA3hY9-orBxj13l6FLrxfSfWahl4ug68IB_XKL8x8NVd1rHeZD44yQtuByNi-S6mBnMlyFoVLmX9kGvdtUrMdf5tZX-JRPiEpngrxUGQPolpNRwEy2on1u8DphtUp2cazwTO_ySCvxgXOCs1uU93oB_a8eIITFWkc_6rYCDSorBjFovlBlmqK_KvWHY-w1HpcBxCM1nOPaBvnci3VfmSTMKro241X3ePreasFRb-GHiUv6P7q-SpG_ZulmK6waH5vy42Ad2CMVkXhoY7tVjhLCnDhKp9iy7PzOFTwAGLF1Qwp-3XayPDIAl7N9VvmBDayGkNEry3-WLQnAeT3F-2tvg1L9m1xy9LEls__WeLmI1gnx-E7KwI0Oe9N6C4sth_nNXrVEjqVFvw8ZegsxB3M8n-KqmYZnb7zFk8jtcvSukR8ov1FMHstc_9a-X1csakSPIPQAS9CHP9yZK9c5YGe44qObGNHs7w3yLUKCB-rWjxQDF_LvRzwT9YVWLbKgiEIabtgQFmynlaFwCb2g4TsEZPbgi03tEkC20rVRmwf_uwqRvxMbA2G1-ycyt0kaTWbkX7YGv0_cy2htHNIbu2bp6W-ODspmxAx-em7Bg6DSjk0Ubl-yW4n5oxrjOac0OiSMv2MKjafNB84tCiMySHVOy49ppvXvnhLqUA0qW5jJI89vsOlxewpyQAHWv78lgm1GqQKXNmfnVdf47Q9SFupIAHmoulNECYahY-PvibSwyQJqBm4bSotvoy8X0fTQpFicq2vquMRIGuIQZlg717Pd8vqjcPDJ5Ltl9XHREnF59ZzkDostmRFwyg7Y8kcc01S6FbFDYcz6jn-tr2kljczy91MwnMEKpAH2-wgvXOx-UhIk0Eh0F8LPcYkrLb0OBc_UcYd-Gco9XCdoRWrL8aQkmg667sH4ijVgJBMiPtJAdB4Gc8cBIeuq2APe6A65Bx6bB4V_kzB49g_k6XxTxZkankinj46Fzuos4xCu40VzEG0Wd_LGumbgKX0w9VVcnoucbBClHGl6VN0Gv605cdspzzAuLCKIVT781ZwlinrhMZG_U3wHTSXV_39W-iNXY7928yVqMShJazpkxQKrRjTmQ2ZQ_4QtjUk1ZVtZHyBEvL75_oqG9m55t-fZrRE22NgLVw7tDaGfTV8qpx0PdZ2gs_L_je8CspKDdFkMGXFogKf-vBAYnafA0nSgbF9xtBIysSzMItsItIWQwhAT3ptpzNoUqs9jXOITu9EZ3M7zYjA0lpFKt8e6Ao63G8vj7-VeWa5wZhapcvFaGE0t9B1JEdFHQ3oJHAnK0eZZsdm60TaO1du04qVKDWGkWoPmbOQSnS6hQjBrdK1f9Dlcit_WX8649kVuYx42iHxNodZnFF_tdcRGLkmpjNy1LRqWbJ0qs38iagJH5MJcX63OBZKvrVb6QFvPzMyX-3JQLOJ60nPiOergH5Nmse2a4n3LUxJalbYgoLrJb7xgtEd0PzbMy3otKO6w1FjPQqkOtE-3SYU7rXklUNsibSK62H0mhMHUG4dE-iyj1ebWb26AKCbJX58OLSgkjZfTnvKFQejg6_08EdKZOIZWm4BsD5dBgpJxB91l_kPm3OgFvdt6vwGqGkk9YrVGkOke9UJsr6cEMKhh1hmWUOoLGkiRFEtRDdu2bhvWpRzFx0pl4hzw_S2UREnY1GAIri9Ymr2QqWtLl8D7UZXeY4j8JBzgXGQRWgSaxKsW0LOol4g2ni-t9fLidXHW-5cEJr8a0PMbUZkH33Al1E8iW_aG3qtMhVYROz6Mrf6hQYkDjMOeuYOFVKdYQS1nmdf7_XqWaOc6dfTmeDic75yrDppmcnPI5WSkd0qk3Z1zaM1Hf3sGcIb4ESRU9p0K4PqFG2tVK4DO3Hfuj5f2_z822rZKEgzRqLOtipZ6DNFbUjodspYGvr1XdeqkOm26oBKVfUMyW0vTZ7RSljnoXczTCMWD5Lmg5xX77KpBWg_asDKqQDi5j_cNhBrrWSnDwWNm1vwH0oLqKBFg-1PF-mZk_dzoTPut3cUhe8VlvqRmq1OdZJ_VIGhzdzV4aA5jzBB1w5IczT7yc3gFQ1aoEexZHC14jbeRDBbRCIsKMwTuVtTcGfLx2nnUhY-4Orbh0kyDIvTsH1n7bDKZQyteYPISSIcFEV-Q6UqfqZ6uEK-r6QdvoZm5D1BekE7dFFWPSHOj6brU8cpxJjeN3ICwHTnsvTPJtOo0x_vNW0085Y8Hdi6E2sd19dAkYa9HSNHf3pa3Yr7h04eYvKlyq68BPK-jkWq_VPs6xB7_AJgmv9vDIOr80sBdSmmsv0DqulZ32gMRMYvBQXco9yYXpVZbCJojsyKLQ5E7MIVKvsosycWmE9c9XW3OjRn9ysiHxooAPalujbXon5kN5nMwhF24GyQOuz6Qk7fQcNq2jhTK5fWLKRVuE76XHvk4aJd1Mn10u9G__WReSUp7xbvKpTBZwbvKtamXCwlKrBpuxae9B4aF2vDgJfPZn-ays0k1ruRSgJ7CJFax0-Q6WSSCAIdhh_pOezcwLZlETcOJZP1n6IERYOxIPIsEKsBbaqzegXrKmR7l9VAX3p4D-4e-H21wcnM8Oo-AIZLjzjgpRtzOoIpVvphxGaJvHmSKgl8CiNhBr0Mm5fwEgBIoY9UWQKdDCQEJk_-oigcQ&pr=101%3A1.51&cid=CAQSYAAvHhf_gCy3DfOk-wC_WUMnps19fBsUIFaEAj-qfoAStcuuwS0wza91jBojx4iT_Z4EZSFqcaLUxjaofGJu0V26r58rnbbLm9HIkTvHUSr2jEMyC-UTNEKLQvJ8fslSKxgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcnz.to%2F&ds=l&xdt=1&iif=1&cor=17808040720498630000&adk=614002379&idt=98&cac=0&dtd=81
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 23:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
54348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 23:42:29 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3183 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
5467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 13:17:10 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4E93 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
86651
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 14:44:06 GMT
expires
Sat, 28 Dec 2024 14:44:06 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 4076 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=88d3cac3-bcde-fc25-b33d-6d2dff0a2305&tv=%7Bc:ygbA0e,time:652,type:e,im:%7Bimprf:%7Bttecl:464,ecd:193,tsecr:77%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:653,n:118,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:44,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B111~1%5D,as:%5B111~300.250%5D%7D%7D,%7Bsl:o,t:118,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B535~0%5D,as:%5B535~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:339,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o.1298974-68196513%7C1o1%7C1o2%7C1o3%7C1o4%7C1p1.1552256-76024099%7C1p11%7C1p12%7C1p13%7C1p141%7C1p15%7C1q%7C1r11%7C1s11%7C1s12%7C1s13%7C1s14%7C1t.1298974-68196516%7C1t1%7C1t2%7C1t31%7C1t4%7C1u*.1298974-68196516%7C1u1%7C1u2%7C1u3,idMap:1u*,rmeas:1,rend:1,renddet:IMG.qs,siq:45,sis:315%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3183 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:48:17 GMT
index.html
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		98 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
3f01b01e36564401efed719dfd6420d11ae72ffa4b69c951b168211db8b877c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:17 GMT
expires
Sun, 29 Dec 2024 14:48:17 GMT
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3183 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdS814upM63Zj9FSbZ7gKjElIJi2cbw5l6rHBHhDOoGn6zC36O-SqbHU6c1dPDHB1cpiwsnoh8xbXIyvtxGEPbb41nQ1xP4SGT0mIF8nojDjD8QYnlH8un11N6PWmIJ-XnZz9_W3brtLVfN1_ZdbVjHLANrJO9rBg0dFv_5xNl0YM66_7cF0F_P4K1IUfUifAaN23JigLGUm5y6EiHZGjaXpCH5ScN9UC1e3x5jk-a_05PlHAmhpmWeDjhbfrB94CXq1hx19nWr2ZS4Y4jlazc5PmZrWqVFuM-ckojog87dNZOTkRLqBj3Mm0q4M15G0C9YwxoxF1yMR6fJCsbFPog01e3c815_QW7oBMmnw5e5eiZ2NxJPPPJPekLQEOMIaS4_LyNUOH-6XkJse1VFXuz98tWrmyYwNpSQnxjoypAJB3AWwZPHZ6fSCi521HbZbnSTRjw4oHmaQBHG4xEUd2572bwLAWTxRhScSM667hjHo6eNUygQxf7c2fK8EoiP8i1eXUcBr9_9XoE9wQepX1wLKAkV6oU2rC4wyhVGGfordKpX8PxHzn_LMnzU9Eh_HLgb2rJ085kH6ZUa6gTBID7BfS8WFzPBJsXFvQF48ZrvKIQMlF-r4UewlRpLUJSB5PufZgYVIVfpW-QESDnnCJpwTgyHpSevUgq8zwHg8fAk2OrW6Af35Ot20-OkI8e11xlYBcx9UwEtNzwSB5EvGVJV4auVThrCFwtvc_eQnV2_a0O0zqX86xQ1am1SDRfZ1XfO69Wr8bQI86fZc6dK5O3j0YTQFgKjRKxH4bapcFinxQ93n_h42jHyPEB3Vzdj6wyJHPObNFXru_VKEUkZaSywro4PXrwcdVaWG_2IJOkQjQ6nJxjPc2_NTP2ZjG7DsY8Q1oCk8n_fKIqh_AUfVn4czGC6yo23IFOJmAdhR0bBhwrHXI5dx-S8l8wD7mIQDV-E3tVobkqgzzQBEOXRLlmFQHeTtK3DATux1GmhAxMiwod4idgc0VQcDIH9eLdzfO1zjLwO_VQ3XgzV89HS0yhQ3Thkxr4l_HJuckL_eJkHDoVPRiqLyz6pPl6BmoWdzRHf6m5HKMIyVDKbXkveYAzrDaWM04FQv1FKLI3t6CNDEiWUxC3H0EKlnF4veAm5k0t3ExDC2KDPFtrjXbuGrrrJbE3pab8gyAfH6HmvJxhm4kn_3VOh4NKrxrzEEM-eJ-b6oYYrhK2t6OehH5UrFn0P9Tx6yDSEO2A3FQ7ob9oViWaR2CXRZtZGFGWhVe5-IgJjLYAx4ks4YRrtxrqsdz0lLRcUrwCMuDSPxni9cakoscoStuPIv5cLVi6ej-u8BQUQKUkJjvUtCoajTHyTGON8UadxiCAl-MfpsL9v2KJpCekslwdsC5ZDZtv5ni9UaucZx9UJB3cm2OsH2qmNhYqK-23N7xc6TdrOz_jABdpOv1Hrkzy&sai=AMfl-YSGoEWqsAJLdHC5wHgInT_JUuk9B0YDhrlo_fp5gfREDE2BeqG2qHYcPa_L1epQmGz6UyOp7gP5a7Yw7rg2WHS5ITsmyPmoQS5NBC-VZ9VKjR2JLy4-E34IFGQl390flPbEzy63_D5XGB2DZjNEt3Mv2RS6vk1Zjn2a9rN9hKCgJujr-kvHt48P7YVwY-cRH66NxY-FWixaGmdTrBDpqd7d8BcUS90Qzqptbd6ChzS2co0pypCY5zOsyhkAy5fsaIGxpGyATYl-9FtlE_WHBlJKdPAhiQ9gmjH5Dte_K77cb0IlHfeBfcpBgiCOa6ypJmDS3IjfJBcY5RbkGQzQnMb4wQKB61_ztEHeLUWpIOJDPX1Pl8yOsp_cl4BxyF9xwuWEYFn7uSSoXkaQMABaZOfkpiwLBQfN_5es0A&sig=Cg0ArKJSzBBE040A3aLLEAE&uach_m=%5BUACH%5D&pr=101:1.51&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=80&cbvp=1&cstd=70&cisv=r20231207.71717&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 30 Dec 2023 14:48:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame AA3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1552256&asId=871837eb-91dc-86a4-fc86-9c9b3d1bbaf0&tv=%7Bc:ygbA0W,pingTime:-10,time:1632,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0ODB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703947696796%7C%7C226049344b1f7f0f5d24adc497af1e14%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C0bf8aabafb8f66b175d98c815eeb66f3%7C%7C541a884a67a533503093db019c781159%7C%7Cdc5148ffba616bb5ca6ec5a424798984%7C%7C0da782e5cc126c2fc531a7e737551114%7C%7C20b1d1adf2c053a0de9ece7c2b83aade%7C%7C1663701684,sca:%7Bspg:408a6d4a-259f-badd-b9cc-791dd0d5ea17%7D,env:%7Bnr_p:1%7D%7D
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4E93 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:06:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
52893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 00:06:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FCD9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfmzT6onEHds6NiO_p2axeyfIcZ5M0Njt22Zc1UdIk7EpY4CJdwdLY2vu5dl7eJJgrPVW8ddwzvXNIuy_RZNdbsJ_CX9hDYMfcgJAGFj4tV09XVArBezKsob9XxmTejIPIU4FIE5kMOlew4dVEcVmy5uLB&sai=AMfl-YQsvCiA8MyrSrvnnliesVV4EJf3u2x6WsxE12-n6qHBfF-1x5To6bSRX74MtTTZaXozr_7BwBzDSvz_V66UUdWpCr9XKnAAu2541UeNCz44zU6vsU0_OKaVGy9p&sig=Cg0ArKJSzKrCvdWGJbW8EAE&cid=CAQSPAAvHhf_IVPcGFqWxvak963xung4hwmk0ZbpiQGdgX4xoYAD3p_C_nZP_HJP3N3MsP3QMe20KN2Xzd9LcxgB&id=lidar2&mcvt=1005&p=817,1100,1417,1400&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=20&adk=3656871219&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703947695474&rpt=1215&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		55 B
104 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 07:03:44 GMT
date
Sat, 30 Dec 2023 07:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27873
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		731 B
264 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 07:03:45 GMT
date
Sat, 30 Dec 2023 07:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27872
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdgooglead_style.css
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		24 B
73 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 08:13:24 GMT
date
Sat, 30 Dec 2023 08:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23693
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdimage_style.css
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		281 B
188 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 10:59:30 GMT
date
Sat, 30 Dec 2023 10:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13727
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
158
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdattached_style.css
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		26 B
75 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 09:13:24 GMT
date
Sat, 30 Dec 2023 09:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdtaparea_style.css
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		157 B
145 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 13:54:13 GMT
date
Sat, 30 Dec 2023 13:54:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3244
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
googbase_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		400 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 00:30:47 GMT
date
Sat, 30 Dec 2023 00:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51450
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
275
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 26 Dec 2024 12:14:14 GMT
date
Wed, 27 Dec 2023 12:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268443
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6276
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdpage_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 00:30:47 GMT
date
Sat, 30 Dec 2023 00:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51450
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 28 Dec 2024 19:37:48 GMT
date
Fri, 29 Dec 2023 19:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69029
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3191
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 1397 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 20:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Dec 2023 20:46:08 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 09:23:23 GMT
date
Sat, 30 Dec 2023 09:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19494
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4481
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdimage_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 22:28:10 GMT
date
Tue, 26 Dec 2023 22:28:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318007
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2014
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdattached_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		1 KB
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 00:06:21 GMT
date
Sat, 30 Dec 2023 00:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52916
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
590
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 28 Dec 2024 22:04:11 GMT
date
Fri, 29 Dec 2023 22:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60246
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2823
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdtaparea_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 28 Dec 2024 18:10:19 GMT
date
Fri, 29 Dec 2023 18:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74278
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1356
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 22 Dec 2024 16:15:57 GMT
date
Sat, 23 Dec 2023 16:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
599540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1293
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwddatabinder_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 22 Dec 2024 16:37:27 GMT
date
Sat, 23 Dec 2023 16:37:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
598250
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2351
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwdfontloader_min.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwdfontloader_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
8e631166725db81a1885cbc3332777d5a2a7d9af0414000c270412c2817a755a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 04:03:23 GMT
date
Sat, 30 Dec 2023 04:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2124
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 12:40:12 GMT
date
Sat, 30 Dec 2023 12:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7685
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9229
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23CE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bmy75sC2QZaKkD6qK6toP7KmJmAIAAAAAOAHgBAI&bg=!_f6l_rHNAAY3kmNgF5I7ADQBe5WfOAiZGZRjjMdJowTyCSdcdefgJw4xAzJ0kcOVo-kXy5LeZQMn_j90IEWJiQdgwrjbAgAAAX9SAAAABGgBB5kDRC5aYQANxY4yX8VP9xoMu8woFZCOVzqiHncx8ib7BPz63M1xhgzMYFF3bQIqULb5iCnunk8wxKvfN-g5Iahd00qo1GshLbhp_HwFTLCu0Q4DusrQNcGd_uVRWRm31tdsIdeSH-a51pozx7xW5qElZG3-E3Fedny9PEtJly1yfSqb97AZ9Z2zzdPTuCrqJ7olaLPlqY7OgEAMWJSKlsuIE_e0HvrjbIW54r2il8Eo5y9Yu8XRRhfflgAY8amdPtZXWG_lHyuc_WW4SKHKsa_QXlMAfzlXPSugX6dvh1pZkPU7fzqueqgHhOgcTGG_SNO6JjhPLtP8AmVid3qQvvYIxQb8ddvQYz8HKUCjU82TKUrHeW0MaEo218BBWsor9871gR06t_c6iYlQw8rlwA28rHDFKDNwiWvcSzdxKbUE7zfPXwVwKGsdv5vrc5EVWO7m5DBzjvtKzn7l1AdQiDw3z3LD0JcdMWiNcG3CEN8ZsV0MlM4_SZD4xA1h3xqEJzYWZb1MJ2azunwUK3kjwnEnfwLm_fWM6rIRPuXqgIitaeuDWZqmO7QHmbsmxsr4jLsRjkJ4bdqstHVO6bu0RbQHWURKfVPI26Z1bvaliu2RqzOhwsDKBb_yiZmnbZn-jjx250qexgkfZ-ehFB91dvyH4aH_GFDpc6sr1ReaC2fL6Cv6aj9Jx_mu6NCSuW8iDSpphnssXp7dMJg_C58oo-y8FaILqF2F0dFjN5E6fb0olTZFGiINP-ZWBQMq7GH8q5IBL7GebJRUshnMPTLxJSzW7GyrcuRbt8g2lZw6xfDuTdNGMc44g9jZOHzeKj2wo8nW_kPzQrSyiAA6gvahtYorDmgVBmg_DnjO7bG4hFnpHe-wSI9VqHsvqmpZZjXWKt1lnKCsBxb525KyIsPoXrUMSFe6jxkC2AXnJ0eB_E8joXGWxw0aoU7d3-Z_W8ayBpofHwxVorUSLuY-fxk2TRCvDoquThmbQwbzi_YdriaFz8mINzOXV_XZx-wnmU1Jihc-OfWb4eZN-nMTUEPOxu4PmGy3-6hNUud2MWO3qfd96dyh_6UINNV4j-T5w5BIsaVdJw8iYgQXP1hW9LbPt6G68AeC6Cjd
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1AB3 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=9a84b939-c383-32d0-2f35-37c294808147&tv=%7Bc:ygbA3a,pingTime:-10,time:1310,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0ODB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703947696796%7C%7C226049344b1f7f0f5d24adc497af1e14%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C0bf8aabafb8f66b175d98c815eeb66f3%7C%7C541a884a67a533503093db019c781159%7C%7Cdc5148ffba616bb5ca6ec5a424798984%7C%7C0da782e5cc126c2fc531a7e737551114%7C%7C20b1d1adf2c053a0de9ece7c2b83aade%7C%7C1663701684,sca:%7Bspg:408a6d4a-259f-badd-b9cc-791dd0d5ea17%7D%7D
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:17 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
image.jpg
s0.2mdn.net/sadbundle/14603044856806826777/ Frame 1397 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14603044856806826777/image.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
8acc57dd546a438f5fee493fb8f716c243f6c1530fe3c558bdbe1af0ee7c2faf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 29 Dec 2024 07:03:45 GMT
date
Sat, 30 Dec 2023 07:03:45 GMT
x-content-type-options
nosniff
age
27872
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135567
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 11:04:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
FreigSanLFProMed.woff
s0.2mdn.net/creatives/assets/4003215/ Frame 1397 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4003215/FreigSanLFProMed.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
6354c4ec800f1d1d7affba1c099e916ab2c55ecadd4fcbd1493d3a28ab776e41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:46:03 GMT
x-content-type-options
nosniff
age
134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64700
x-xss-protection
0
last-modified
Mon, 21 Dec 2020 16:10:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Dec 2023 15:01:03 GMT
FreigSanLFProSemBL.woff2
s0.2mdn.net/creatives/assets/3981799/ Frame 1397 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3981799/FreigSanLFProSemBL.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
6fdadaacd40057633d19ce14868b83ab76f781214f860e5b93d5e8f37ba1f606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14603044856806826777/index.html?e=69&leftOffset=0&topOffset=0&c=sBTUCMBXHj&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:47:48 GMT
x-content-type-options
nosniff
age
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25824
x-xss-protection
0
last-modified
Tue, 01 Dec 2020 00:02:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Dec 2023 15:02:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1397 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
3356e040e8d1bbe6e865bf0a287f7a8732a4692da0b98e1caba34b0f6a00576e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5852
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3183 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdS814upM63Zj9FSbZ7gKjElIJi2cbw5l6rHBHhDOoGn6zC36O-SqbHU6c1dPDHB1cpiwsnoh8xbXIyvtxGEPbb41nQ1xP4SGT0mIF8nojDjD8QYnlH8un11N6PWmIJ-XnZz9_W3brtLVfN1_ZdbVjHLANrJO9rBg0dFv_5xNl0YM66_7cF0F_P4K1IUfUifAaN23JigLGUm5y6EiHZGjaXpCH5ScN9UC1e3x5jk-a_05PlHAmhpmWeDjhbfrB94CXq1hx19nWr2ZS4Y4jlazc5PmZrWqVFuM-ckojog87dNZOTkRLqBj3Mm0q4M15G0C9YwxoxF1yMR6fJCsbFPog01e3c815_QW7oBMmnw5e5eiZ2NxJPPPJPekLQEOMIaS4_LyNUOH-6XkJse1VFXuz98tWrmyYwNpSQnxjoypAJB3AWwZPHZ6fSCi521HbZbnSTRjw4oHmaQBHG4xEUd2572bwLAWTxRhScSM667hjHo6eNUygQxf7c2fK8EoiP8i1eXUcBr9_9XoE9wQepX1wLKAkV6oU2rC4wyhVGGfordKpX8PxHzn_LMnzU9Eh_HLgb2rJ085kH6ZUa6gTBID7BfS8WFzPBJsXFvQF48ZrvKIQMlF-r4UewlRpLUJSB5PufZgYVIVfpW-QESDnnCJpwTgyHpSevUgq8zwHg8fAk2OrW6Af35Ot20-OkI8e11xlYBcx9UwEtNzwSB5EvGVJV4auVThrCFwtvc_eQnV2_a0O0zqX86xQ1am1SDRfZ1XfO69Wr8bQI86fZc6dK5O3j0YTQFgKjRKxH4bapcFinxQ93n_h42jHyPEB3Vzdj6wyJHPObNFXru_VKEUkZaSywro4PXrwcdVaWG_2IJOkQjQ6nJxjPc2_NTP2ZjG7DsY8Q1oCk8n_fKIqh_AUfVn4czGC6yo23IFOJmAdhR0bBhwrHXI5dx-S8l8wD7mIQDV-E3tVobkqgzzQBEOXRLlmFQHeTtK3DATux1GmhAxMiwod4idgc0VQcDIH9eLdzfO1zjLwO_VQ3XgzV89HS0yhQ3Thkxr4l_HJuckL_eJkHDoVPRiqLyz6pPl6BmoWdzRHf6m5HKMIyVDKbXkveYAzrDaWM04FQv1FKLI3t6CNDEiWUxC3H0EKlnF4veAm5k0t3ExDC2KDPFtrjXbuGrrrJbE3pab8gyAfH6HmvJxhm4kn_3VOh4NKrxrzEEM-eJ-b6oYYrhK2t6OehH5UrFn0P9Tx6yDSEO2A3FQ7ob9oViWaR2CXRZtZGFGWhVe5-IgJjLYAx4ks4YRrtxrqsdz0lLRcUrwCMuDSPxni9cakoscoStuPIv5cLVi6ej-u8BQUQKUkJjvUtCoajTHyTGON8UadxiCAl-MfpsL9v2KJpCekslwdsC5ZDZtv5ni9UaucZx9UJB3cm2OsH2qmNhYqK-23N7xc6TdrOz_jABdpOv1Hrkzy&sai=AMfl-YSGoEWqsAJLdHC5wHgInT_JUuk9B0YDhrlo_fp5gfREDE2BeqG2qHYcPa_L1epQmGz6UyOp7gP5a7Yw7rg2WHS5ITsmyPmoQS5NBC-VZ9VKjR2JLy4-E34IFGQl390flPbEzy63_D5XGB2DZjNEt3Mv2RS6vk1Zjn2a9rN9hKCgJujr-kvHt48P7YVwY-cRH66NxY-FWixaGmdTrBDpqd7d8BcUS90Qzqptbd6ChzS2co0pypCY5zOsyhkAy5fsaIGxpGyATYl-9FtlE_WHBlJKdPAhiQ9gmjH5Dte_K77cb0IlHfeBfcpBgiCOa6ypJmDS3IjfJBcY5RbkGQzQnMb4wQKB61_ztEHeLUWpIOJDPX1Pl8yOsp_cl4BxyF9xwuWEYFn7uSSoXkaQMABaZOfkpiwLBQfN_5es0A&sig=Cg0ArKJSzBBE040A3aLLEAE&uach_m=%5BUACH%5D&pr=101:1.51&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=367&vt=11&dtpt=287&dett=3&cstd=70&cisv=r20231207.71717&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E93 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BzeTfsS2QZY-fHsOVoPMPqsaOkAgAAAAAOAHgBAI&bg=!UlGlUR7NAAY3kmNgF5I7ADQBe5WfOFs2pcBAH1jBPPjIPefBhggtChr42VyiRaph85h9La1pp-X0Uhe57qdwX-i2r453AgAAAMxSAAAABGgBB5kDzvVamYpvYbVMUkQgChe8hmKkxevkjIVdlysBRI4ib5KilXK8PsunWHDGY3zd41n580FKqK9jQ0_zYEAErtXkVzkIGEWBLM1juHdX_81deyzzIpcuI_cN48CQ1qOQDkIrcRFvej6PgI7VBY_O5d7bsUD-0zzp4w4HH2N9W13uH9kdSEEvJ5fXTDabB4AhnJvdk1VYazRWFb1LAYsbpnRgaNA7VjWDPOtdAspAG3ZfA_Rputs3oaCVOpWgU3LneOREasocl0V836yXwr7WHOQo8RApiipfkk-u5s6H6haFpNSQIJecoMiWd8NtjGA4-onoFuUvPuy4LbNie2qJNqGjDwAX865MZiKNqTXKF8shOqSwopPDtbpuvElHwFJErt5Tvr6NZMRuKYR0DAvhWFk-vwu0lXah1yAuUMNc5WCeTIH_LzMgpNOnzV-D49IEXOCL0Q2rtQkoNBI_BdJkuVWJPcTOSMVCp0uzwrvIOEdeHzWkK6zxrNgaa8hADmgZKRjzKWjT5uF6p3Or_PzcwzEKy1TCRtcSsWPVj7ekJbrE5-6t0zV8Cv08hETbU7BdyGXtGhQDgq1bMQ0Gtl7QXiAcwn9XpzpHOPaK7DNKCf7KJUvvE6B_Yzeml1CdsCLD2W6GpMl3JL_V0H3U_H8tcKFOZkVdd-C6cNUXUkJCe5L_fiO19VHOZ-LweMum4CYiMd0jr73et4aoXGXnM9yY9PQ4k7YQf7p55z-tsC7_KqJRftvRo6G2uINkv8FXtfEWozQevWEonSuafmbKZMdbjObg2RKMk4RaYfvDAe7FnpZldHEWgYy1glmWoPJJ5AFh3hRYwVLwR3MFQ2PAAjMRQrI2BhvEaL8VCaa8eD86Lm0A7Sx-sUqDKCBqX6YVSfBbKsQ8hWjBsE4KA0mJz1-Du7nAjvOWuJvvqG5ChFpGLDYvuG9h4hX4kIDgP3rY9wwPJmVQKl1a4KMWnJ50ZMlZAA7cQpCarSjNDhV6tLwi7KKi1E0bRC_7DA4PKAN9hxLb85vBZf7hCxTySAsMiyf5P4Jy86mFQuNhoPwKFoMcI77KpchQ__IAZashRMwornwsd4iONqxNkAtHN1gQHBCOVLv6WB-BCn33F3piXBHpBA78sEJsx-YRUEpCV9545TNy8AwRftc5mM1UgETJ3sJiRCblozb6Qhsg9UJPmsrg66jLd2gpYrnknltNv-3aquubW9-lEj2EbiL7EqUcnOps-awmmVXVMN1RUULvf0Zme7UwIDPQw8Z7QF3V11I3XcKIta5TsWRuXXtBCqpQTSxU6-AO
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1397 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Dec 2023 14:48:18 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame A470 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 00:06:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
52894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 00:06:44 GMT
dt
dt.adsafeprotected.com/ Frame FCD9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=408a6d4a-259f-badd-b9cc-791dd0d5ea17&tv=%7Bc:ygbA9k,pingTime:1,time:2241,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:28%7D,%7Bpiv:64,vs:pp,r:,t:1234%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1234,n:0,pp:1007,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1227~0,0~50%5D,as:%5B1227~300.600%5D%7D%7D,%7Bsl:pp,t:1234,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~50%5D,as:%5B1006~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1488,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1p1.1552256-76024099%7C1p11%7C1q%7C1r%7C1t.1298974-68196516%7C1u.1298974-68196516,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:29,sis:283%7D&br=c
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usync.js
eus.rubiconproject.com/ Frame 39E2 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d749a992f0eb365b9a7f569f47bce5d5a4bbfbf0f977d3e9eef2c51bd990d1f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 14:48:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Dec 2023 19:15:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16024
Connection
keep-alive
Content-Length
13174
Expires
Sat, 30 Dec 2023 19:15:22 GMT
usync.js
eus.rubiconproject.com/ Frame 658D 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d749a992f0eb365b9a7f569f47bce5d5a4bbfbf0f977d3e9eef2c51bd990d1f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 14:48:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Dec 2023 19:15:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16024
Connection
keep-alive
Content-Length
13174
Expires
Sat, 30 Dec 2023 19:15:22 GMT
usync.js
eus.rubiconproject.com/ Frame 65CD 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d749a992f0eb365b9a7f569f47bce5d5a4bbfbf0f977d3e9eef2c51bd990d1f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 14:48:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Dec 2023 19:15:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16024
Connection
keep-alive
Content-Length
13174
Expires
Sat, 30 Dec 2023 19:15:22 GMT
khaos.json
token.rubiconproject.com/ Frame 39E2 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQS6GMOO-13-GYA2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
khaos.json
token.rubiconproject.com/ Frame 658D 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQS6GMOO-13-GYA2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
usersync
usersync.gumgum.com/ Frame 39E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LQS6GMOO-13-GYA2
  • https://usersync.gumgum.com/usersync?b=mag&i=LQS6GMOO-13-GYA2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LQS6GMOO-13-GYA2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LQS6GMOO-13-GYA2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
dt
dt.adsafeprotected.com/ Frame 4076 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=88d3cac3-bcde-fc25-b33d-6d2dff0a2305&tv=%7Bc:ygbAit,pingTime:-10,time:1783,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0ODB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703947696796%7C%7C226049344b1f7f0f5d24adc497af1e14%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C0bf8aabafb8f66b175d98c815eeb66f3%7C%7C541a884a67a533503093db019c781159%7C%7Cdc5148ffba616bb5ca6ec5a424798984%7C%7C0da782e5cc126c2fc531a7e737551114%7C%7C20b1d1adf2c053a0de9ece7c2b83aade%7C%7C1663701684,sca:%7Bspg:408a6d4a-259f-badd-b9cc-791dd0d5ea17%7D%7D
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
xuid
eb2.3lift.com/ Frame 1CBC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=ae9fa611-1916-4d55-ab82-f7eea3328191&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=ae9fa611-1916-4d55-ab82-f7eea3328191&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 30 Dec 2023 14:48:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=ae9fa611-1916-4d55-ab82-f7eea3328191&dongle=0cfd&gdpr=0&gdpr_consent=
date
Sat, 30 Dec 2023 14:48:19 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 1CBC
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzYxMDMzMTExMjIyNDE4MTQyMjQzOQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1CBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFSRgmuNaKFYcZuqUDjuqcs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFSRgmuNaKFYcZuqUDjuqcs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 30 Dec 2023 14:48:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFSRgmuNaKFYcZuqUDjuqcs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1CBC
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzYxMDMzMTExMjIyNDE4MTQyMjQzOQ%3D%3D
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzYxMDMzMTExMjIyNDE4MTQyMjQzOQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzYxMDMzMTExMjIyNDE4MTQyMjQzOQ%3D%3D
date
Sat, 30 Dec 2023 14:48:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 1CBC 		0
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2481727213954917509772&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:19 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E758B3BAC4E24AE1B4B5B659AF24C1C5 Ref B: EWR311000104021 Ref C: 2023-12-30T14:48:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNuz1bw5KxM4Ur1YsEqA==
xuid
eb2.3lift.com/ Frame 1CBC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2481727213954917509772?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-8fPEIiJE2oSiQdJQoiKLGb_tiCrLnIzyMJ5v6xYXKQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-8fPEIiJE2oSiQdJQoiKLGb_tiCrLnIzyMJ5v6xYXKQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 30 Dec 2023 14:48:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 30 Dec 2023 14:48:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-8fPEIiJE2oSiQdJQoiKLGb_tiCrLnIzyMJ5v6xYXKQ--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 1CBC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2481727213954917509772&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=f97c712f-8434-4736-8165-dff7fb9eb5a8&ssp=triplelift&bsw_param=1b5adac0-e56f-4876-8fdb-b83d18162df4
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1b5adac0-e56f-4876-8fdb-b83d18162df4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=1b5adac0-e56f-4876-8fdb-b83d18162df4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 30 Dec 2023 14:48:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=1b5adac0-e56f-4876-8fdb-b83d18162df4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 30 Dec 2023 14:48:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 1CBC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=b88e34e8-ef93-4d51-afac-7b807bd1ac74&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=b88e34e8-ef93-4d51-afac-7b807bd1ac74&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 30 Dec 2023 14:48:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:18 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=b88e34e8-ef93-4d51-afac-7b807bd1ac74&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
770974
content-length
0
expires
Sat, 30 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1CBC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2896712593121374864&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2896712593121374864&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 30 Dec 2023 14:48:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
an-x-request-uuid
ce67b815-7c7d-46ed-9ce9-da9017a20078
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=2896712593121374864&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
185.213.80.43; 185.213.80.43; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 1CBC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2481727213954917509772
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:19 GMT
an-x-request-uuid
12472599-19ae-42d1-8485-cbb8e21b894c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.80.43; 185.213.80.43; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E290 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56244652&p=157108&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0b3726ec900826d08eb02b76e62bafc5442a32809003c76b43a8268876fc4d1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 30 Dec 2023 14:48:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame 668C 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=972AF3CC-0F5F-44DC-A166-D97F871E6350&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JC4DSNSS69FRJ0YJTWYN
Pug
image2.pubmatic.com/AdServer/ Frame DAC0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVnQwN0xJRnNBQUJPaWJ3M1p3UQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AACVt07LIFsAABOibw3ZwQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACVt07LIFsAABOibw3ZwQ&pid=558502&do=add&gdpr=0
  • https://sync.technoratimedia.com/services?uid=AACVt07LIFsAABOibw3ZwQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_curren...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D2256C19F18EE421DAF857A505503C3B3%26att%3D1%26pid%3D82%26cb%3Dhttps%...
  • https://sync.technoratimedia.com/services?srv=cs&nuid=2256C19F18EE421DAF857A505503C3B3&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACVt07LIFsAABOibw3ZwQ&gdpr=0
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACVt07LIFsAABOibw3ZwQ&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 30 Dec 2023 14:48:22 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACVt07LIFsAABOibw3ZwQ&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2A75
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cb216b4e293447c4b00c9
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cb216b4e293447c4b00c9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Sat, 30 Dec 2023 14:48:19 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cb216b4e293447c4b00c9
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 3506
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2896712593121374864&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2896712593121374864&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 04:25:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
649262f8-5028-4669-b161-4f710d1f7a70
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:20 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2896712593121374864&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
185.213.80.43; 185.213.80.43; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
redirect
exchange.mediavine.com/usersync/ Frame 88D7 		0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=pubmatic&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=972AF3CC-0F5F-44DC-A166-D97F871E6350
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:20 GMT
vary
Origin, Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E290
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lyrzzA9fRNyhZtl_hx5jUA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:20 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=74432
accept-ranges
bytes
content-length
5622
expires
Sun, 31 Dec 2023 11:28:52 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame E290
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=972AF3CC-0F5F-44DC-A166-D97F871E6350
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7457a107-ff24-47bb-9883-05820d7eb0cc%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ae9fa611-1916-4d55-ab82-f7eea3328191&ttd_puid=7457a107-ff24-47bb-9883-05820d7eb0cc%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ae9fa611-1916-4d55-ab82-f7eea3328191&ttd_puid=7457a107-ff24-47bb-9883-05820d7eb0cc%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ae9fa611-1916-4d55-ab82-f7eea3328191&ttd_puid=7457a107-ff24-47bb-9883-05820d7eb0cc%2C%2C
date
Sat, 30 Dec 2023 14:48:20 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame E290 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20972AF3CC-0F5F-44DC-A166-D97F871E6350&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame E290 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=972AF3CC-0F5F-44DC-A166-D97F871E6350&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 30 Dec 2023 14:48:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame E290
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELC1147cEPZgZr4tdYuCOrA&google_cver=1
42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELC1147cEPZgZr4tdYuCOrA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELC1147cEPZgZr4tdYuCOrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E290
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D42EFDD7087845AF9680AB8957760C74
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D42EFDD7087845AF9680AB8957760C74
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sat, 30 Dec 2023 14:48:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D42EFDD7087845AF9680AB8957760C74
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 29 Dec 2023 14:48:20 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E290
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=
date
Sat, 30 Dec 2023 14:48:20 GMT
server
Kestrel
content-length
355
972AF3CC-0F5F-44DC-A166-D97F871E6350
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E290 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/972AF3CC-0F5F-44DC-A166-D97F871E6350?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.225.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-225-85.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame E290 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=972AF3CC-0F5F-44DC-A166-D97F871E6350&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame E290
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5424119b-601b-4303-9302-c674017cde11&gdpr=0&gdpr_consent=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5424119b-601b-4303-9302-c674017cde11&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5424119b-601b-4303-9302-c674017cde11&gdpr=0&gdpr_consent=
Date
Sat, 30 Dec 2023 14:48:21 GMT
Connection
keep-alive
X-CI-RTID
a1f0e637-dd8f-4bf2-91e7-dead8e1b6512
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame E290
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=738f4e19a30e11d9&is_secure=true&networkId=17100&version=1&nuid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGYvwrWNKbyQNgAyp-AAAAAAA&expiration=1704034100&nuid=972AF3CC-0F5F-44DC-A166-D97F871E6350&...
42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGYvwrWNKbyQNgAyp-AAAAAAA&expiration=1704034100&nuid=972AF3CC-0F5F-44DC-A166-D97F871E6350&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:20 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGYvwrWNKbyQNgAyp-AAAAAAA&expiration=1704034100&nuid=972AF3CC-0F5F-44DC-A166-D97F871E6350&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sn.ashx
pmp.mxptint.net/ Frame E290
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10E820E69_24EE407E&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
HTTP/1.1
Server
38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-386952500; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sat, 30 Dec 2023 14:48:20 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-386952500; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sat, 30 Dec 2023 14:48:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame AA3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1552256&asId=871837eb-91dc-86a4-fc86-9c9b3d1bbaf0&tv=%7Bc:ygbASd,time:4935,type:e,im:%7Bpci:%7Btdr:4884%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:4935,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4929~0%5D,as:%5B4929~320.100%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:139,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1o4%7C1p1*.1552256-76024099%7C1p11%7C1q%7C1r1%7C1t.1298974-68196516%7C1u.1298974-68196516,idMap:1p1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:27,sis:322%7D&br=c
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:21 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
butler
b.sharethrough.com/ Frame 203A 		95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=jsTrackerFailedToLoad&arid=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&pkey=k4kjjO3O7TJj3fjbf3yufYeA&supplyId=47b99924&tkey=300x600&ckey=17CzF5ktQoN1vCLa3wP58vYU-418954249&umtime=1703947701250&sources=https%3A%2F%2Fs.update.sharethru.com%2F2%2F673815%2Fanalytics.js%3Fdt%3D6738151684949532477000%26di%3Dcnz.to%26pd%3Davt%26ac%3D14723314503%26pv%3D3418458a-e2ec-40b7-bf58-fbc57152df48%26to%3D3%26pp%3D47b99924%26sr%3Dsharethrough.com%26si%3Dk4kjjO3O7TJj3fjbf3yufYeA%26c1%3Dk4kjjO3O7TJj3fjbf3yufYeA%26ti%3Dcb3146ea-629a-4dcc-a98c-e1f8de1e9547%26de%3D2%26md%3D1&action=banner&awid=f7ec18a6-b0e7-4340-9c8a-7ab9d5cf3eb1&sourceId=17CzF5ktQoN1vCLa3wP58vYU&renderEnv=safeframe&version=gc-1097-e5d911a1
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-111.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:59:55 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 13:28:48 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P2
age
67707
x-amz-server-side-encryption
AES256
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
Uxvj_bB3P5YSr2J-GLYeOrm0k25oj70IMEdBiqbD2i4q7_BCWZQawg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA3C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3009248525403&version=m202309260101&ct=76&x=13&cor=1803497362811815700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA3C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3g0CaOVGUBxsagFz4ubPHdfW2hIOLAfyWsomjCwyOYd-p4mqBPrEW4Wr32WGDG7lZwBpTUsRcjHc7yaNmTrrqIhdSrmokE4UQW8CaA8h2WXr5smYRLIyNIkeaZDc&sig=Cg0ArKJSzIo2D0D5eacdEAE&id=lidar2&mcvt=1039&p=0,0,100,320&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=2107871143&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703947695785&rpt=5204&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.sharethru.com/2/2.115.0/673815/AnYkryUHBBOM5Nl7/ Frame 203A 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.sharethru.com/2/2.115.0/673815/AnYkryUHBBOM5Nl7/postback?oz_pl=1&dt=6738151684949532477000&ac=14723314503&sr=sharethrough.com&c1=k4kjjO3O7TJj3fjbf3yufYeA&de=2&pd=avt&pv=3418458a-e2ec-40b7-bf58-fbc57152df48&to=3&di=cnz.to&pp=47b99924&si=k4kjjO3O7TJj3fjbf3yufYeA&ti=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&md=1&ci=673815&psv=2.115.0&_x=1
Requested by
Host: s.update.sharethru.com
URL: https://s.update.sharethru.com/2/673815/analytics.js?dt=6738151684949532477000&di=cnz.to&pd=avt&ac=14723314503&pv=3418458a-e2ec-40b7-bf58-fbc57152df48&to=3&pp=47b99924&sr=sharethrough.com&si=k4kjjO3O7TJj3fjbf3yufYeA&c1=k4kjjO3O7TJj3fjbf3yufYeA&ti=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&de=2&md=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.93.69.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-69-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 30 Dec 2023 14:48:21 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.sharethru.com/2/2.115.0/ Frame 203A 		143 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.sharethru.com/2/2.115.0/main.js
Requested by
Host: s.update.sharethru.com
URL: https://s.update.sharethru.com/2/673815/analytics.js?dt=6738151684949532477000&di=cnz.to&pd=avt&ac=14723314503&pv=3418458a-e2ec-40b7-bf58-fbc57152df48&to=3&pp=47b99924&sr=sharethrough.com&si=k4kjjO3O7TJj3fjbf3yufYeA&c1=k4kjjO3O7TJj3fjbf3yufYeA&ti=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&de=2&md=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.93.69.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-69-72.compute-1.amazonaws.com
Software
/
Resource Hash
a630291d728d2fe86b14f8c6c4fddfcc89773ebc5336bf4f693f90e8644ffbd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 14:48:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
46499
Expires
Tue, 07 Sep 2055 16:30:41 GMT
postback
s.update.sharethru.com/2/2.115.0/673815/AnYkryUHBBOM5Nl7/ Frame 203A 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.sharethru.com/2/2.115.0/673815/AnYkryUHBBOM5Nl7/postback?oz_pl=1&dt=6738151684949532477000&ac=14723314503&sr=sharethrough.com&c1=k4kjjO3O7TJj3fjbf3yufYeA&de=2&pd=avt&pv=3418458a-e2ec-40b7-bf58-fbc57152df48&to=3&di=cnz.to&pp=47b99924&si=k4kjjO3O7TJj3fjbf3yufYeA&ti=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&md=1&ci=673815&psv=2.115.0&_x=1
Requested by
Host: s.update.sharethru.com
URL: https://s.update.sharethru.com/2/673815/analytics.js?dt=6738151684949532477000&di=cnz.to&pd=avt&ac=14723314503&pv=3418458a-e2ec-40b7-bf58-fbc57152df48&to=3&pp=47b99924&sr=sharethrough.com&si=k4kjjO3O7TJj3fjbf3yufYeA&c1=k4kjjO3O7TJj3fjbf3yufYeA&ti=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&de=2&md=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.93.69.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-69-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 30 Dec 2023 14:48:21 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.sharethru.com/2/2.115.0/673815/AnYkryUHBBOM5Nl7/ Frame 203A 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.sharethru.com/2/2.115.0/673815/AnYkryUHBBOM5Nl7/postback?dt=6738151684949532477000&ac=14723314503&sr=sharethrough.com&c1=k4kjjO3O7TJj3fjbf3yufYeA&de=2&pd=avt&pv=3418458a-e2ec-40b7-bf58-fbc57152df48&to=3&di=cnz.to&pp=47b99924&si=k4kjjO3O7TJj3fjbf3yufYeA&ti=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&md=1&ci=673815&sid=AnYkryUHBBOM5Nl7&oz_sc=a7277dc1a7d62cb3ed64be28&oz_df=1703947702242&oz_l=3654&cv=3
Requested by
Host: s.update.sharethru.com
URL: https://s.update.sharethru.com/2/2.115.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.93.69.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-69-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 30 Dec 2023 14:48:21 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
dt
dt.adsafeprotected.com/ Frame FCD9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1298974&asId=408a6d4a-259f-badd-b9cc-791dd0d5ea17&tv=%7Bc:ygbBc2,pingTime:5,time:6253,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:28%7D,%7Bpiv:64,vs:pp,r:,t:1234%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1234,n:0,pp:5019,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1227~0,0~50%5D,as:%5B1227~300.600%5D%7D%7D,%7Bsl:pp,t:1234,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5018~50%5D,as:%5B5018~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:90,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1p1.1552256-76024099%7C1p11%7C1q%7C1r%7C1t.1298974-68196516%7C1u.1298974-68196516,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:29,sis:283%7D&br=c
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:22 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3183 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9492893059766&version=m202309260101&ct=76&x=101&cor=17808040720498630000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag
pandg.tapad.com/ Frame 6302
Redirect Chain
  • https://feed.pghub.io/tag?us_privacy=1---&referrer_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&page_url=https%3A%...
  • https://pandg.tapad.com/tag?us_privacy=1---&referrer_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&page_url=https%3...
13 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?us_privacy=1---&referrer_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&page_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&owner=P%26G&bp_id=sharethrough&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Sat, 30 Dec 2023 14:48:22 GMT
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
0
date
Sat, 30 Dec 2023 14:48:22 GMT
location
https://pandg.tapad.com/tag?us_privacy=1---&referrer_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&page_url=https%3A%2F%2F8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&owner=P%26G&bp_id=sharethrough&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
f62ebd46-1331-453a-94ee-ff32f92978d8
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/ Frame 203A 		817 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/f62ebd46-1331-453a-94ee-ff32f92978d8
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce1fbfa5046f54fb3cafdf7b6cbe0bb4cffd07d87a5545d779d35587ab11e75e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
817
Content-Type
18ecce90-5884-4fad-8f6d-39522defdc2d
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/ Frame 3591 		186 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/18ecce90-5884-4fad-8f6d-39522defdc2d
Requested by
Host: 8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
URL: https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
186
Content-Type
application/javascript
postback
s.update.sharethru.com/2/2.115.0/673815/AnYkryUHBBOM5Nl7/ Frame 203A 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.sharethru.com/2/2.115.0/673815/AnYkryUHBBOM5Nl7/postback?dt=6738151684949532477000&ac=14723314503&sr=sharethrough.com&c1=k4kjjO3O7TJj3fjbf3yufYeA&de=2&pd=avt&pv=3418458a-e2ec-40b7-bf58-fbc57152df48&to=3&di=cnz.to&pp=47b99924&si=k4kjjO3O7TJj3fjbf3yufYeA&ti=cb3146ea-629a-4dcc-a98c-e1f8de1e9547&md=1&ci=673815&sid=AnYkryUHBBOM5Nl7&oz_sc=a7277dc1a7d62cb3ed64be28&oz_df=1703947702517&oz_l=13420&cv=3
Requested by
Host: s.update.sharethru.com
URL: https://s.update.sharethru.com/2/2.115.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.93.69.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-69-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 30 Dec 2023 14:48:21 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
dt
dt.adsafeprotected.com/ Frame AA3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1552256&asId=871837eb-91dc-86a4-fc86-9c9b3d1bbaf0&tv=%7Bc:ygbBjm,pingTime:1,time:6618,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:100,t:26%7D,%7Bpiv:100,vs:i,r:,t:5610%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1008,o:5610,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5603~0,1~100%5D,as:%5B5604~320.100%5D%7D%7D,%7Bsl:i,t:5610,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~320.100%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:90,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1o4%7C1p1*.1552256-76024099%7C1p11%7C1q%7C1r1%7C1t.1298974-68196516%7C1u.1298974-68196516,idMap:1p1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:27,sis:322%7D&br=c
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:22 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AA3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1552256&asId=871837eb-91dc-86a4-fc86-9c9b3d1bbaf0&tv=%7Bc:ygbBjn,pingTime:1,time:6619,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:100,t:26%7D,%7Bpiv:100,vs:i,r:,t:5610%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1009,o:5610,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5603~0,1~100%5D,as:%5B5604~320.100%5D%7D%7D,%7Bsl:i,t:5610,wc:0.0.1600.1200,ac:NaN.NaN.320.100,am:i,cc:NaN.NaN.320.100,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1008~100%5D,as:%5B1008~320.100%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:90,fm:tZVYSKJ+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o.1298974-68196513%7C1o1%7C1o2%7C1o31%7C1o4%7C1p1*.1552256-76024099%7C1p11%7C1q%7C1r1%7C1t.1298974-68196516%7C1u.1298974-68196516,idMap:1p1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:27,sis:322%7D&br=c
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.82.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-82-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:22 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame E290 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157108&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame CAD9 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84830027&p=157108&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b3eac4dfed5ce47afaf90abe1c144b793ff97fd2bac73c7c771eed49b8a09643

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 30 Dec 2023 14:48:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 8402 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46120538&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
61de4cb1cdf16e28d1c3abc370502f2c18b4522bc1210d40f29b07c1dc84e857

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 30 Dec 2023 14:48:22 GMT
content-length
2016
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame A926 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=797571&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
61de4cb1cdf16e28d1c3abc370502f2c18b4522bc1210d40f29b07c1dc84e857

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 29 Dec 2023 15:19:31 GMT
content-length
2016
content-type
text/html; charset=UTF-8
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 62E1 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 30 Dec 2023 14:48:23 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12822-YUL
x-timer
S1703947704.808552,VS0,VE14
Pug
image2.pubmatic.com/AdServer/ Frame 2C28
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
42 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 30 Dec 2023 14:48:23 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 24BD
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sat, 30 Dec 2023 14:48:24 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
sync
sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/ Frame 99E6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=0&gdpr_consent=&gdpr_pd=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 8B89
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 30 Dec 2023 14:48:23 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame D1C7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 30 Dec 2023 14:48:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 4FD7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
42 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 30 Dec 2023 14:48:23 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0cbc67370dba70ec4@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
i.match
a.tribalfusion.com/ Frame 9C92 		43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
83db155cfd3f36ae-YYZ
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 38E1
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f97c712f-8434-4736-8165-dff7fb9eb5a8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=972AF3CC-0F5F-44DC-A166-D97F871E6350
42 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=972AF3CC-0F5F-44DC-A166-D97F871E6350
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157108&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.0.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-0-32.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:24 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 30 Dec 2023 14:48:23 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=972AF3CC-0F5F-44DC-A166-D97F871E6350
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
insync
thrtle.com/ Frame CAD9
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=54fa1451-1f39-45d4-b813-a9d7252af799
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=54fa1451-1f39-45d4-b813-a9d7252af799
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
54.158.15.169 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sat, 30 Dec 2023 14:48:23 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=54fa1451-1f39-45d4-b813-a9d7252af799
date
Sat, 30 Dec 2023 14:48:23 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame CAD9 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame CAD9 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.28.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-28-76.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame CAD9 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.26.141 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 30 Dec 2023 14:48:23 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame CAD9 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.44.12 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:23 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CAD9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
1 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 04:26:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame CAD9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
insync
thrtle.com/ Frame 8402
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bdecbb53-7e7b-4d70-8027-cceca8fd54ee
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bdecbb53-7e7b-4d70-8027-cceca8fd54ee
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Server
54.158.15.169 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sat, 30 Dec 2023 14:48:23 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bdecbb53-7e7b-4d70-8027-cceca8fd54ee
date
Sat, 30 Dec 2023 14:48:23 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 8402 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 8402 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.28.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-28-76.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 8402 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.26.141 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 30 Dec 2023 14:48:23 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 8402 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.44.12 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:23 GMT
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame F3E4 		85 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 30 Dec 2023 14:48:23 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12822-YUL
x-timer
S1703947704.866424,VS0,VE14
Pug
image2.pubmatic.com/AdServer/ Frame 0202
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 30 Dec 2023 14:48:23 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 8402
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
1 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 04:14:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C9A0
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 04:27:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sat, 30 Dec 2023 14:48:24 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
Pug
simage2.pubmatic.com/AdServer/ Frame 5AEB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969188723640060651&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 30 Dec 2023 14:48:24 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 8402
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DB0F
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 30 Dec 2023 14:48:23 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame D52C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 30 Dec 2023 14:48:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame A581
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 30 Dec 2023 14:48:23 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0cbc67370dba70ec4@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 2728 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=972AF3CC-0F5F-44DC-A166-D97F871E6350
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:23 GMT
Expires
0
Pragma
no-cache
insync
thrtle.com/ Frame A926
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=57e65f1e-d414-4e0a-a921-49f96f8399da
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=57e65f1e-d414-4e0a-a921-49f96f8399da
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.158.15.169 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sat, 30 Dec 2023 14:48:23 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=972AF3CC-0F5F-44DC-A166-D97F871E6350&vxii_pid=12&vxii_pid1=10067&vxii_rcid=57e65f1e-d414-4e0a-a921-49f96f8399da
date
Sat, 30 Dec 2023 14:48:23 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame A926 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame A926 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.28.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-28-76.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame A926 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.26.141 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 30 Dec 2023 14:48:22 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame A926 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.44.12 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:23 GMT
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame A1E0 		85 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 30 Dec 2023 14:48:23 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12822-YUL
x-timer
S1703947704.866512,VS0,VE14
Pug
image2.pubmatic.com/AdServer/ Frame 654B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
42 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 30 Dec 2023 14:48:23 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-LAf9PzhR6DjsxWh9rML_PjjEPLjtUTzqOPEnCuX
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame A926
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
1 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 04:27:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4241110474002595656&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 45E2
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sat, 30 Dec 2023 14:48:24 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7ba6d1fc-a722-11ee-bdda-0ac735083d6b
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
bsw_sync
sync.aralego.com/ Frame 7F98
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=0&gdpr_consent=&gdp...
0
0
Pug
image2.pubmatic.com/AdServer/ Frame A926
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ea0cb69f-fd08-4957-b853-f508bc735d02-65902db0-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B2FB
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 30 Dec 2023 14:48:23 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188723640060651
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 146F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
42 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 04:14:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 30 Dec 2023 14:48:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nBW3J1V4X1FJS-QQH9TL4bnVUCs&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 37CD
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 30 Dec 2023 14:48:23 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:IwFXRTno1RjADq5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-08680844020733eca@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 8818 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=972AF3CC-0F5F-44DC-A166-D97F871E6350
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 30 Dec 2023 14:48:23 GMT
Expires
0
Pragma
no-cache
PugMaster
image6.pubmatic.com/AdServer/ Frame E290 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68838922&p=157108&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a94c1722739fa0928125afaa3aa3d2401f357f1075cda46a7a3c62be1166c9aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 30 Dec 2023 14:48:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
a.tribalfusion.com/ Frame 3398 		43 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
83db155d8ef6a1f6-YYZ
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 14:48:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame 4A63
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f97c712f-8434-4736-8165-dff7fb9eb5a8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f97c712f-8434-4736-8165-dff7fb9eb5a8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Sat, 30 Dec 2023 14:48:23 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 30 Dec 2023 14:48:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f97c712f-8434-4736-8165-dff7fb9eb5a8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Server
Kestrel
Pug
simage2.pubmatic.com/AdServer/ Frame 681E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 03:56:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 14:48:23 GMT
expires
Sat, 30 Dec 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1037306
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 8CDB 		0
0
sync
t.adx.opera.com/pub/ Frame A627 		0
0
tum
ums.acuityplatform.com/ Frame C029 		0
0
/
csync.loopme.me/ Frame 239B 		0
0
pubmatic&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame 9B62 		0
0
pubmatic
gocm.c.appier.net/ Frame D27B 		0
0
img
sync.mathtag.com/sync/ Frame 82C3 		0
0
cm
ipac.ctnsnet.com/int/ Frame 86D7 		0
0
redirect
exchange.mediavine.com/usersync/ Frame 2C21 		0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=pubmatic&uuid=7427dc00-a722-11ee-9bd0-e5d8c377681f&s2sVersion=production&partnerId=972AF3CC-0F5F-44DC-A166-D97F871E6350
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157108&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 30 Dec 2023 14:48:23 GMT
vary
Origin, Accept-Encoding
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame E290 		0
0
396846.gif
idsync.rlcdn.com/ Frame E290
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e1e3582e-9af3-0db0-137b-cddb1c422e29
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e1e3582e-9af3-0db0-137b-cddb1c422e29
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:24 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 30 Dec 2023 14:48:23 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e1e3582e-9af3-0db0-137b-cddb1c422e29
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=972AF3CC-0F5F-44DC-A166-D97F871E6350/gdpr=0/ Frame E290 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame E290 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:48:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame E290
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1179816859700053156
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1179816859700053156
Requested by
Host: cnz.to
URL: https://cnz.to/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 30 Dec 2023 04:26:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 30 Dec 2023 14:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1179816859700053156
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/s/player/da154528/www-player.css
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/embed.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.js
Domain
www.youtube.com
URL
https://www.youtube.com/embed/TfcsN2nBDyU
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/dmp/async_usersync.html
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dyieldmo%26uuid%3D7427dc00-a722-11ee-9bd0-e5d8c377681f%26s2sVersion%3Dproduction%26partnerId%3D%24UID
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fcnz.to%2F&tmax=2801&us_privacy=1---
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=179871
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=179871
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17404&site_id=168624&zone_id=812700&size_id=15&alt_size_ids=9%2C8%2C10&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&rp_schain=1.0,1!mediavine.com,1f277cd5df52f199bf29610999d7dfb6,1,,,&tpid_tdid=ae9fa611-1916-4d55-ab82-f7eea3328191&eid_adserver.org=ae9fa611-1916-4d55-ab82-f7eea3328191&eid_pubcid.org=7f2885e3-7ba9-45c0-92d2-70ce1033e4f0%5E1&eid_criteo.com=8sch3V9jeU5Yd2RrVk5TeE9EeXNZVlBhcTE2djBucVozMHhxN3kxUWs3eGt1Nms4cVViTm1PJTJGRkw5RlNFd3QxMFRvT1E1ZmMlMkJTaGtjS0VvR1FTaFY1YUt6eXclM0QlM0Q%5E1&rf=https%3A%2F%2Fcnz.to%2F&kw=paris%20kitchen%2Cchocolate%2Czucchini%2Csimple%20recipes%2Cblack%20sesame%2Ckind%2Csabl%C3%A9s%2Cbutter%2Cissue%2Ctoasty%20flavor%2Crecipe%2Cfrench%20man%2Ceasy%20meal%2Ccoconut%2Cshatter-prone&tg_i.domain=cnz.to&tg_i.page=https%3A%2F%2Fcnz.to%2F&tg_i.name=Chocolate%20and%20Zucchini&tg_i.cat=IAB8&tg_i.sectioncat=IAB8&tg_i.pagecat=IAB8&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.iab=210%2C211%2C216%2C217&tg_i.category=food-and-drink&tg_i.pbadslot=%2F1030006%2C22697653334%2Fchocolateandzucchini%2Fsidebar&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=27dad49d509d5db&p_screen_res=1600x1200&rp_floor=0.27&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7678464516414014
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17404&site_id=168624&zone_id=812702&size_id=2&alt_size_ids=1%2C55%2C117&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&rp_schain=1.0,1!mediavine.com,1f277cd5df52f199bf29610999d7dfb6,1,,,&tpid_tdid=ae9fa611-1916-4d55-ab82-f7eea3328191&eid_adserver.org=ae9fa611-1916-4d55-ab82-f7eea3328191&eid_pubcid.org=7f2885e3-7ba9-45c0-92d2-70ce1033e4f0%5E1&eid_criteo.com=8sch3V9jeU5Yd2RrVk5TeE9EeXNZVlBhcTE2djBucVozMHhxN3kxUWs3eGt1Nms4cVViTm1PJTJGRkw5RlNFd3QxMFRvT1E1ZmMlMkJTaGtjS0VvR1FTaFY1YUt6eXclM0QlM0Q%5E1&rf=https%3A%2F%2Fcnz.to%2F&kw=paris%20kitchen%2Cchocolate%2Czucchini%2Csimple%20recipes%2Cblack%20sesame%2Ckind%2Csabl%C3%A9s%2Cbutter%2Cissue%2Ctoasty%20flavor%2Crecipe%2Cfrench%20man%2Ceasy%20meal%2Ccoconut%2Cshatter-prone&tg_i.domain=cnz.to&tg_i.page=https%3A%2F%2Fcnz.to%2F&tg_i.name=Chocolate%20and%20Zucchini&tg_i.cat=IAB8&tg_i.sectioncat=IAB8&tg_i.pagecat=IAB8&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.iab=210%2C211%2C216%2C217&tg_i.category=food-and-drink&tg_i.pbadslot=%2F1030006%2C22697653334%2Fchocolateandzucchini%2Fadhesion&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=29234f63faacabf&p_screen_res=1600x1200&rp_floor=0.27&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2423131288210123
Domain
log.pinterest.com
URL
https://log.pinterest.com/?type=pidget&guid=G_KSofD4KZw7&tv=2021110201&event=init&sub=www&button_count=1&follow_count=1&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fcnz.to%2F&viaSrc=canonical
Domain
connectid.analytics.yahoo.com
URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Domain
sdk.sharethrough.com
URL
https://sdk.sharethrough.com/adchoice.png
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-CjtswqmCI5RMbFXdTT8orD0MrrWtUtkP97iDww&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=DgeRQgpWyRYVBJsXAASFSg5UnkQVAspFXlTa3sww
Domain
bttrack.com
URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DFGhqNjC2WnFmmvNpTL32LMME%26source_user_id%3D%7Bglobalid%7D%26gdpr%3D0%26gdpr_consent%3D&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=7a46d275-e5f0-063d-09a9-6b622f12ed99
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=6172223941383628484&gdpr=0&gdpr_consent=
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-9c15b727-5578-5f51-494b-e4101fd4cbe1$ip$185.213.80.43&gdpr=0&gdpr_consent=
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZZAtrgAKzRwSbwBd
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2963816996209011993&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?st=ShareThrough&rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DYnUBs5Yz9Zqjy9VCcoCxquFP%26source_user_id%3D_wfivefivec_&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
stx-match.dotomi.com
URL
https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/sharethrough?gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-6ZgXPoFE2oM4OZK6UsjgcJemeVf47OAncXxYOhAZ2TI2~A&gpp=DBABzw~1---~BqgAAAAAAgA
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
sid.storygize.net
URL
https://sid.storygize.net/ccm/c9dd71b6-fd13-4133-bf5d-b88619cef491?gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=2309&gdpr=0&gdpr_consent=&us_privacy=1---&r=https://www.me.back/server?id=ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=sharethrough&user_id=ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=1---&expires=365&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/c01d0246d79eba64b8a7cca07e5b7dc7.gif?puid=ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DqUVJTHutDLcyGRS8xfsW2M4g%26source_user_id%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=558357&ev=1&rurl=https%3a%2f%2fmatch.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=%%VGUID%%
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=STMS_pd&uid=ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBYEmCf84URCM7ux67UZ0b0&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
sonata-notifications.taptapnetworks.com
URL
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=0&gdpr_consent=&gdpr_pd=
Domain
sync.aralego.com
URL
https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1b5adac0-e56f-4876-8fdb-b83d18162df4&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=6
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
ipac.ctnsnet.com
URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Domain
synchroscript.deliveryengine.adswizz.com
URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=972AF3CC-0F5F-44DC-A166-D97F871E6350&gdpr=0&gdpr_consent=
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=972AF3CC-0F5F-44DC-A166-D97F871E6350/gdpr=0/gdpr_consent=

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| documentPictureInPicture string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings undefined| $ function| jQuery object| html5 object| Modernizr function| yepnope object| addthis_config function| getScreenResolution function| getCalendar function| openPic function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend function| documentInitOneSignal function| OneSignal function| fbq function| _fbq object| mediavineLocalModel object| amcLocalModel object| localModel object| localModelOverrides object| proxyHandler object| $adManagementConfig object| $mediavine object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| j7rbmw0hoknne0tw5wio function| j7rbmw0hoknne0tw5wio_poll object| bsjy5naqqzhaupai3v2y function| bsjy5naqqzhaupai3v2y_poll object| unikcmxmddlgao4z5ehw function| unikcmxmddlgao4z5ehw_poll object| uwarec7euolpwvxlgkrt function| uwarec7euolpwvxlgkrt_poll object| qfsc2tyjca3tyuhqygib function| qfsc2tyjca3tyuhqygib_poll object| hkjfip4swfygzvgowo3s function| hkjfip4swfygzvgowo3s_poll object| dxnycgolcexutgs3e2q5 function| dxnycgolcexutgs3e2q5_poll object| zsyyldtljx1b4dgihjkb function| zsyyldtljx1b4dgihjkb_poll object| hx6zoggob1vmbywplxkn function| hx6zoggob1vmbywplxkn_poll object| w14vp0mvwvw30xiq function| w14vp0mvwvw30xiq_poll object| xvmzhpficridhpvm function| xvmzhpficridhpvm_poll object| k5vfauwi7hkrx0gb function| k5vfauwi7hkrx0gb_poll object| pdv89x5gvxkcwqyn function| pdv89x5gvxkcwqyn_poll object| ozowlcurswfqb1jh function| ozowlcurswfqb1jh_poll object| dexapplu11asmjvn function| dexapplu11asmjvn_poll boolean| j7rbmw0hoknne0tw5wio_shortcode boolean| bsjy5naqqzhaupai3v2y_shortcode boolean| unikcmxmddlgao4z5ehw_shortcode boolean| uwarec7euolpwvxlgkrt_shortcode boolean| qfsc2tyjca3tyuhqygib_shortcode boolean| hkjfip4swfygzvgowo3s_shortcode boolean| dxnycgolcexutgs3e2q5_shortcode boolean| zsyyldtljx1b4dgihjkb_shortcode boolean| hx6zoggob1vmbywplxkn_shortcode boolean| w14vp0mvwvw30xiq_shortcode boolean| xvmzhpficridhpvm_shortcode boolean| k5vfauwi7hkrx0gb_shortcode boolean| pdv89x5gvxkcwqyn_shortcode boolean| ozowlcurswfqb1jh_shortcode boolean| dexapplu11asmjvn_shortcode object| countVars string| disqus_shortname object| OMAPI_Helper object| omapi_localized object| omapi_data object| win function| zlrPrint object| twemoji object| wp object| google_tag_manager object| google_tag_data number| PIN_19721 function| convertToGeoRiotLinks function| extractItunesLinkFromAffiliateUrl function| getLinkType object| Georiot object| Genius string| GoogleAnalyticsObject function| ga object| mvWrapperJsonp object| DISQUSWIDGETS undefined| disqus_domain object| gaplugins object| gaGlobal object| gaData number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| _omq function| omq function| __gpp_addFrame function| __gpp_stub function| __gpp_msghandler function| __gpp function| __uspapi object| PIN_1703947690788 string| value object| key object| PinUtils object| recaptcha object| closure_lm_250110 object| pbjs object| _pbjsGlobals object| googletag object| headertag object| ggeac object| google_js_reporting_queue object| apstag undefined| google_measure_js_timing object| _comscore function| ope object| _aps boolean| apstagLOADED object| apscustom object| regeneratorRuntime object| ox_esp function| Tapad object| COMSCORE object| ns_p object| sovrn number| google_unique_id object| criteo_pubtag object| criteo_identitytag_146 object| Criteo object| Criteo_identitytag_146 object| _33across object| signal_decrypted object| criteo_syncframe_state string| waypointContextKey

168 Cookies

Domain/Path Name / Value
scripts.mediavine.com/sync Name: s
Value: 1
.3lift.com/sync Name: sync
Value: CgoIoQEQ0YvK2csxCgoIkQIQ0YvK2csxCgoItAIQ0YvK2csxCgoI5gEQ0YvK2csxCgoIhwIQ0YvK2csxCgoItwIQ0YvK2csxCgkIOhDRi8rZyzEKCgiMAhDRi8rZyzEKCQhfENGLytnLMQoJCB8Q0YvK2csx
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDtFg
.onesignal.com/ Name: __cf_bm
Value: N_P_p8vRsxU59EYyUGNPHCDfCOc0uXvJs8k.PdpCIi8-1703947690-1-AclQ8B+/G9+Abj+zzdicOqwV9F2Fu76VH4lSwtex2UIrx2+gYxDSWVcEhX4nsfVFwqtxz50woT0NOzMR56Zt+6A=
.youtube.com/ Name: YSC
Value: pXjO_EbAZtQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ItORBndRkdc
.cnz.to/ Name: _gid
Value: GA1.2.2101863569.1703947691
.cnz.to/ Name: _gat_gtag_UA_277034_3
Value: 1
.cnz.to/ Name: _fbp
Value: fb.1.1703947690631.588189588
cnz.to/ Name: _omappvp
Value: UU1cHeV7y4f71CMsEP8EOifeHWEsG6Hh2oSagL0oEDMo64Mme1UnIq0tJQnlnQrzRtQ7K7f1PTCMa0xwjkhoQPocVnaJfpIB
cnz.to/ Name: _omappvs
Value: 1703947690727
.cnz.to/ Name: _ga_WHT1MYT8SZ
Value: GS1.1.1703947690.1.0.1703947690.0.0.0
.cnz.to/ Name: _ga
Value: GA1.1.88848028.1703947691
cnz.to/ Name: am_gpp
Value: DBABzw~1---~BqgAAAAAAgA
cnz.to/ Name: am_gpp_cmp_version
Value: v2test
cnz.to/ Name: utm_source
Value:
cnz.to/ Name: utm_campaign
Value:
.sda.fyi/ Name: mv_sda
Value: 2023-12-30_368_1_369_1_371_1_372_1
.cnz.to/ Name: _pubCommonId
Value: 7f2885e3-7ba9-45c0-92d2-70ce1033e4f0
.cnz.to/ Name: _pubCommonId_cst
Value: VyxHLMwsHQ%3D%3D
cnz.to/ Name: _lr_retry_request
Value: true
cnz.to/ Name: _lr_env_src_ats
Value: false
cnz.to/ Name: mediavine_session
Value: {%22depth%22:1%2C%22referrer%22:%22DIRECT%22%2C%22wrapperVersionGroup%22:{%22version%22:%222.94.31%22%2C%22name%22:%222.94.31%22}%2C%22videoVersionGroup%22:{%22name%22:%22default%22%2C%22version%22:%229.1.10%22}}
.33across.com/ Name: check
Value: true
.adsrvr.org/ Name: TDID
Value: ae9fa611-1916-4d55-ab82-f7eea3328191
.cnz.to/ Name: cto_bidid
Value: 8sch3V9jeU5Yd2RrVk5TeE9EeXNZVlBhcTE2djBucVozMHhxN3kxUWs3eGt1Nms4cVViTm1PJTJGRkw5RlNFd3QxMFRvT1E1ZmMlMkJTaGtjS0VvR1FTaFY1YUt6eXclM0QlM0Q
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%227427dc00-a722-11ee-9bd0-e5d8c377681f%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: mv_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%227427dc00-a722-11ee-9bd0-e5d8c377681f%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%227427dc00-a722-11ee-9bd0-e5d8c377681f%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%227427dc00-a722-11ee-9bd0-e5d8c377681f%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
cnz.to/ Name: am_tokens
Value: {%22mv_uuid%22:%227427dc00-a722-11ee-9bd0-e5d8c377681f%22%2C%22version%22:%22invalidate-verizon-pushes%22}
cnz.to/ Name: am_tokens_invalidate-verizon-pushes
Value: {%22mv_uuid%22:%227427dc00-a722-11ee-9bd0-e5d8c377681f%22%2C%22version%22:%22invalidate-verizon-pushes%22}
.lijit.com/ Name: ljt_reader
Value: H6HYiLZHd5pThMccSmegS3gY
.openx.net/ Name: i
Value: 67891811-fe33-0427-16d4-85c041fe7c0c|1703947691
.scorecardresearch.com/ Name: UID
Value: 1FFd9e836b921b4fdba4e541703947691
.openx.net/ Name: univ_id
Value: 537072971|ae9fa611-1916-4d55-ab82-f7eea3328191|1703947691858368
.360yield.com/ Name: tuuid
Value: 669f73d2-b4d0-43df-9fbc-0799d95effcd
.360yield.com/ Name: tuuid_lu
Value: 1703947691
.smartadserver.com/ Name: pid
Value: 2833654250881570906
.criteo.com/ Name: uid
Value: b88e34e8-ef93-4d51-afac-7b807bd1ac74
.rqtrk.eu/ Name: browser_id
Value: 1:81546add-9382-4b59-a844-70a7ed827241
.pippio.com/ Name: did
Value: vbvVqvb7maXUX0q1
.pippio.com/ Name: didts
Value: 1703947692
.pippio.com/ Name: nnls
Value:
.bidr.io/ Name: bito
Value: AACVt07LIFsAABOibw3ZwQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.doubleclick.net/ Name: IDE
Value: AHWqTUm48AJV7la7onVSG6agb3Qq2DldN5ZX2YR7LqLz_HgHgqlLuM0kpCtyZ7ye2JM
.pippio.com/ Name: pxrc
Value: CKzbwKwGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 0b61be16-f575-498c-bd89-0fdf40e6b9ce
.linksynergy.com/ Name: icts
Value: 2023-12-30T14:48:12Z
.media.net/ Name: visitor-id
Value: 3469492926465194000V10
.media.net/ Name: data-mv
Value: 7427dc00-a722-11ee-9bd0-e5d8c377681f~~19
.bidswitch.net/ Name: tuuid
Value: 1b5adac0-e56f-4876-8fdb-b83d18162df4
.bidswitch.net/ Name: c
Value: 1703947692
.bidswitch.net/ Name: tuuid_lu
Value: 1703947692
.rubiconproject.com/ Name: khaos
Value: LQS6GMOO-13-GYA2
.quantserve.com/ Name: mc
Value: 65902dad-63e86-86f66-0b7ff
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&92fc6264-70fc-4771-848e-23541349400f"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2792:u=1:x=1:i=1703947693:t=1704034093:v=2:sig=AQGVtFSt9FJnqZen-vdakvdgFWRU5Vmx"
.yahoo.com/ Name: A3
Value: d=AQABBK0tkGUCEKOblJB6KCl-d-ew-wTVqVYFEgEBAQF_kWWaZQAAAAAA_eMAAA&S=AQAAAleaHQuDTA1a-zc7gchTEHs
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A4IX414bwUYttGbnIbpQsy0
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: pd
Value: v2|1703947691.3|iKbwvPvMgahEgKkWg2gy.mmuYeSwrf8
cnz.to/ Name: TAPAD
Value: %7B%22id%22%3A%220ba9adf3-12db-4f8d-938a-f6e75ae47664%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZAtrgAKzRwSbwBd
.connatix.com/ Name: cnx_userId
Value: ae5041c697324014b4c9cd8cc534cbea
.ipredictive.com/ Name: cu
Value: 5424119b-601b-4303-9302-c674017cde11|1703947695117
.turn.com/ Name: uid
Value: 4241110474002595656
.cnz.to/ Name: __gads
Value: ID=8eb997a522143a69:T=1703947694:RT=1703947694:S=ALNI_MY-d_AijHSgCYvANmWi6-7bKf94VQ
.cnz.to/ Name: __gpi
Value: UID=00000a057286812f:T=1703947694:RT=1703947694:S=ALNI_MaoHc7xFpwnaf_Wjxdy1ZcIunRTZA
.bidswitch.net/ Name: google_push
Value: AXcoOmRW8p-NfmVcC39tNQtchVQt23Nq1O_R5Kur-xj_P-0sFM-vZxB-mcpI2ezxlFPBezRT9_8bGji8U7bihtrOXZJnOYhvgeA
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.pangle-ads.com/ Name: _pangle
Value: 2aGb7ZVkVvalv7fYXZyVogJO19W
.cnz.to/ Name: cto_bundle
Value: NVciwF9PJTJCeTFKSzhza09iVjJLMks2VmpqVjhieDA4RkY0JTJCM2o4TmZ4OTJJWXFwOGVteU5PTWtSZEFuOSUyQmFDU2olMkJQaVI0YWdoUHJrUnh6bEZoY0s5Tms5ZzY4WUFsdExDN2xsZWxNMVhZbm92UXhpJTJGNnByRTVZJTJGWm9lMGdnSkI1OEk2UiUyQnNlJTJCdmdDQ21JWDZ0aDJmdnRsbjZnJTNEJTNE
.doubleclick.net/ Name: APC
Value: AfxxVi7Ze78Kqtg7DdMBhHsVZUUV_Bvz81KzJzJYqyWnsB3g0li-CQ
.sitescout.com/ Name: ssi
Value: ea0cb69f-fd08-4957-b853-f508bc735d02#1703947696056
.sitescout.com/ Name: _ssuma
Value: eyIxNyI6MTcwMzk0NzY5NjA4NH0
.casalemedia.com/ Name: CMPS
Value: 1420
.casalemedia.com/ Name: CMID
Value: ZZAtsDWU3MR7QbQeOCmP9AAA
.casalemedia.com/ Name: CMPRO
Value: 1420
.liadm.com/ Name: lidid
Value: 172f0ee4-dc51-4afd-9bb1-280f435372c7
.teads.tv/ Name: tt_viewer
Value: 22518042-8192-4bed-b678-3738607c317d
.quantserve.com/ Name: d
Value: EBIBFAHkKoir0Qu9jBA
.lkqd.net/ Name: lkqdidts
Value: 1703947697
.lkqd.net/ Name: sr59
Value: 1|CAESECh4cNY4aUpNyOH72Dl7M0w|1703947697
.lkqd.net/ Name: lkqdid
Value: CVsna5r7ZIM
.inmobi.com/ Name: idsp_c
Value: 4b39e047-1a66-4eaf-9128-231ab9fd1ddf
.c.appier.net/ Name: _auid
Value: lvDZ6mhNAWCGjBtvsS2QZQ
.c.appier.net/ Name: _gu
Value: CAESEFuSgjO-vd8na0_DotWdNV4
.gumgum.com/ Name: vst
Value: u_8de9abd7-6253-4d9b-96b2-646cf244fae8
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9c15b727-5578-5f51-494b-e4101fd4cbe1.40l5F2MejJF5m5jrX3xgMYMPdNkjj0ZNYzgJUaBr3bk
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9c15b727-5578-5f51-494b-e4101fd4cbe1.40l5F2MejJF5m5jrX3xgMYMPdNkjj0ZNYzgJUaBr3bk
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AnBW3J1V4X1FJS-QQH9TL4bnVUCs.LHABuJySxvbUN5MEYYEoCe2wjYW%2BJaFygVTwY5G465U
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AnBW3J1V4X1FJS-QQH9TL4bnVUCs.LHABuJySxvbUN5MEYYEoCe2wjYW%2BJaFygVTwY5G465U
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGxGBF1QguxgPmCFjuSik92B7LtM9QFuqZoLzqcp88tbEHwYBCCx28CsBjABOgQ8w7t9QgTJDP2f.O2JBvLfUczYpVUtONGToe7P2FLcwctIysu42Oz2If38
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGxGBF1QguxgPmCFjuSik92B7LtM9QFuqZoLzqcp88tbEHwYBCCx28CsBjABOgQ8w7t9QgTJDP2f.O2JBvLfUczYpVUtONGToe7P2FLcwctIysu42Oz2If38
.simpli.fi/ Name: suid
Value: D42EFDD7087845AF9680AB8957760C74
.rezync.com/ Name: zync-uuid
Value: 48b12a2e-bad8-4687-af8f-2e19bbf7b62b:1703947698.0510182
.tapad.com/ Name: TapAd_TS
Value: 1703947698080
.tapad.com/ Name: TapAd_DID
Value: 7457a107-ff24-47bb-9883-05820d7eb0cc
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1179816859700053156
.server.cpmstar.com/ Name: USER_ID
Value: %ef%05w%a6%0f%ec%8c%24%06%b42x0%e4%a9
.adfarm1.adition.com/ Name: UserID1
Value: 7318399637020932253
.adnxs.com/ Name: uuid2
Value: 2896712593121374864
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 972AF3CC-0F5F-44DC-A166-D97F871E6350
.kargo.com/ Name: ktcid
Value: f72e9182-dc72-0093-5298-2d8156c1023e
.socdm.com/ Name: SOC
Value: ZZAts8Co8X0AAKa-QNQAAAAA
.eqads.com/ Name: EQUser
Value: UID=8dcf15ef-e7fa-4910-9b99-301f709ccc14
.deepintent.com/ Name: CDIUSER
Value: di_cb216b4e293447c4b00c9
.3lift.com/ Name: tluid
Value: 3610331112224181422439
.adnxs.com/ Name: anj
Value: dTM7k!M40*e8)4*ghqdmU(7TG`e7j!!]tck8i_iqf!oN/@E'zz<*Z2$N@a<[J2-Sgx5A<t3XzsY^H@rZ<hx[A`m$UOTD._*Pl[h>o'uTXn^*dj%t[5%u'V(v4yLk4JBWXO<U.Rl*2o))4K_6m4hM3O4/UIw59jyu5e:kw5eHF'%wP%G>w-/6dPS$C
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRUzZHTU9PLTEzLUdZQTIiLCJleHBpcmVzIjoiMjAyNC0wMy0yOVQxNDo0ODoxOFoifSwidHJpcGxlbGlmdF9uYXRpdmUiOnsidWlkIjoiMjQ4MTcyNzIxMzk1NDkxNzUwOTc3MiIsImV4cGlyZXMiOiIyMDI0LTAzLTI5VDE0OjQ4OjE5WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEyLTMwVDE0OjQ4OjE4WiJ9
.linkedin.com/ Name: li_sugr
Value: 3e63eea9-5579-4d25-b5c2-bfd632b0b405
beacon.lynx.cognitivlabs.com/ Name: UID
Value: f97c712f-8434-4736-8165-dff7fb9eb5a8
beacon.lynx.cognitivlabs.com/ Name: ss
Value: FpDYDXdXHDYjE8%2FHr5xlRm1roiHaw1KNrJ4Ek4ufhUQIki31lHMCz84Oiaf%2Bdg5uei96S5aRv%2FXeVm3O1EOgLQ%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELC1147cEPZgZr4tdYuCOrA&KRTB&23025-CAESELC1147cEPZgZr4tdYuCOrA&KRTB&23386-CAESELC1147cEPZgZr4tdYuCOrA
.csync.loopme.me/ Name: viewer_token
Value: 654e5941-747b-486c-a326-9c9cd8f9789b
.nrich.ai/ Name: _nauid
Value: d5a10885-e7e9-48af-aefc-6b6be8bf5457
.w55c.net/ Name: wfivefivec
Value: IwFXRTno1RjADq5
.w55c.net/ Name: matchgoogle
Value: 5
.sharethrough.com/ Name: stx_user_id
Value: 8dc14733-d81f-4a7f-a650-e0238f9f8d4b
.smartadserver.com/ Name: csync
Value: 49:7318399637020932253|79:b88e34e8-ef93-4d51-afac-7b807bd1ac74|80:td36KrGMon6u3vB_u97uIrWO9Syu2KEt5Y7vG0Xr|86:2963816996209011993|127:AACVt07LIFsAABOibw3ZwQ|134:OB_OK|147:cd35ffb1-22a8-4e8c-916d-a6e93d3b2077
.go.sonobi.com/ Name: __uis
Value: a922f506-4180-4c4c-97fe-693780e706eb
.go.sonobi.com/ Name: HAPLB8G
Value: s86150|ZZAtt
.creativecdn.com/ Name: ts
Value: 1703947700
.creativecdn.com/ Name: u
Value: qYUvMY1yPPi4ev26GMYx
.creativecdn.com/ Name: g
Value: qYUvMY1yPPi4ev26GMYx_1703947700655
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNLSwMDcyNjMxMDAzMDM1FOIz1PUOKfczcTIuzQv2dAEAbvoFTyQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNLSwMDcyNjMxMDAzMDM1FOIz1PUOKfczcTIuzQv2dAEAbvoFTyQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13IsRGAMAwEsAmoMoc5vwl5h23sIxmIkpJJaagopauwesLChmScLrU5JaZPsYGeOZnN8gB165Wt-6o7FG53Wb6kKoHn5xfagOo_WgAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4ABGOOyGG0MhVu7ud-QCzdu3sF_ICqT0YMS3FTnJcD6WetXKKJx6mxr8BzsWAKI6AAAA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 157108:3
.pubmatic.com/ Name: DPSync3
Value: 1705104000%3A201_263%7C1703980800%3A248%7C1704499200%3A265
.pubmatic.com/ Name: SyncRTB3
Value: 1704499200%3A15_223%7C1705104000%3A220_13_231_166_104_3_48_21_54_250_71
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231230%22%2C%22141%22%3A%2220231230%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_cb216b4e293447c4b00c9
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:D42EFDD7087845AF9680AB8957760C74&KRTB&23486-uid:D42EFDD7087845AF9680AB8957760C74&KRTB&23489-uid:D42EFDD7087845AF9680AB8957760C74&KRTB&23539-uid:D42EFDD7087845AF9680AB8957760C74
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FsWilgKlzF0loRsskX0Z8a7z8-XvBPmr25rbtp2SPt26ADPd73VIZ3Q62_VFySIFJE5uJG8tWRpQrgG6Np7_bS5LnfxLOiyUyN5YeOJg8mFi3GKUaQEIScJgx2jDxT5YSe0yA6uP6WVJf8.ZZAttA.JZdC-rfV6wSHGJ8uFs7Je5vsVi8
.dotomi.com/ Name: DotomiTest
Value: 738f4e19a30e11d9
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCOaujp2M1MQ8EAUSFQoGY2FzYWxlEgsI4JDCuozUxDwQBRIbCgxzaGFyZXRocm91Z2gSCwiuhd2_jNTEPBAFEhYKB3N2eDl0NTASCwiMno7ZjNTEPBAFEhcKCHB1Ym1hdGljEgsImu6o44zUxDwQBRIUCgV0YXBhZBILCKSp5OOM1MQ8EAUYASABKAIyCwjSn-eQo9TEPBAFOAFaBXRhcGFkYAI.
.mxptint.net/ Name: mxpim
Value: R35CA5_10E820E69_24EE407E.1.000000000000000065902DB4
.rlcdn.com/ Name: rlas3
Value: ieTpe5qMHmrvqOlSk/jRc6ytNv0H70HgJVz56bSHcNk=
.rlcdn.com/ Name: pxrc
Value: CKvbwKwGEgUI6AcQABIFCOhHEAASBgi66gEQCQ==
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8750
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2896712593121374864&KRTB&23339-2896712593121374864
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGYvwrWNKbyQNgAyp-AAAAAAA&KRTB&22713-AAAGYvwrWNKbyQNgAyp-AAAAAAA&KRTB&22715-AAAGYvwrWNKbyQNgAyp-AAAAAAA&KRTB&23519-AAAGYvwrWNKbyQNgAyp-AAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CA5_10E820E69_24EE407E&KRTB&23092-R35CA5_10E820E69_24EE407E
.rubiconproject.com/ Name: audit
Value: 1|5z6wTUsM+Nj2QcZhMekfpJZPMa7PY2pJ/BWNs+/zl/e3JrY54CFgCE/WA7sIxjMVPOHGxqJT4QfqFTrNE4+z9qDrxqInxg513OlDu/ORdD8=
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-5424119b-601b-4303-9302-c674017cde11&KRTB&23011-5424119b-601b-4303-9302-c674017cde11&KRTB&23355-5424119b-601b-4303-9302-c674017cde11
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 2fd0df74-5919-4c8d-9017-8f70d4cd7888
.prebid.a-mo.net/ Name: sd_amuid2
Value: 2fd0df74-5919-4c8d-9017-8f70d4cd7888
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ou9|7bq.0.1
.contextweb.com/ Name: V
Value: jCQgeKmpJZtm
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4daf88170209cb76
.technoratimedia.com/ Name: tads_uidp_73
Value: AACVt07LIFsAABOibw3ZwQ
.technoratimedia.com/ Name: tads_uid
Value: 2256C19F18EE421DAF857A505503C3B3
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231230144822+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_82
Value: ZZAtsDWU3MR7QbQeOCmP9AAA&1420
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACVt07LIFsAABOibw3ZwQ
.pubmatic.com/ Name: PugT
Value: 1703947702
.pubmatic.com/ Name: SPugT
Value: 1703947702

25 Console Messages

Source Level URL
Text
network error URL: https://api.omappapi.com/v2/embed/15285/599073
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/491269
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/491268
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/651155
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/642203
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/754336
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/642253
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/491276
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/488361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/485908
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/665126
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=2
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://api.omappapi.com/v2/embed/15285/735607
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/641421
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/491271
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.omappapi.com/v2/embed/15285/641435
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/712068.gif?partner_uid=ba9b48bc-5c48-4ff3-91fe-26d9ebe2e270&gpp=DBABzw%7E1---%7EBqgAAAAAAgA&gpp_sid=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBYEmCf84URCM7ux67UZ0b0&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ae9fa611-1916-4d55-ab82-f7eea3328191&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20972AF3CC-0F5F-44DC-A166-D97F871E6350&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
worker error URL: blob:https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/18ecce90-5884-4fad-8f6d-39522defdc2d
Message:
Mixed Content: The page at 'blob:https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/18ecce90-5884-4fad-8f6d-39522defdc2d' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/18ecce90-5884-4fad-8f6d-39522defdc2d
Message:
Mixed Content: The page at 'blob:https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/18ecce90-5884-4fad-8f6d-39522defdc2d' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/18ecce90-5884-4fad-8f6d-39522defdc2d
Message:
Mixed Content: The page at 'blob:https://8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com/18ecce90-5884-4fad-8f6d-39522defdc2d' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f97c712f-8434-4736-8165-dff7fb9eb5a8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8e1e11668075f2c65a89f0e4ccc60d5a.safeframe.googlesyndication.com
a.c.appier.net
a.omappapi.com
a.tribalfusion.com
a938.casalemedia.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
ads.yieldmo.com
analytics.pangle-ads.com
aorta.clickagy.com
ap.lijit.com
api.omappapi.com
api.rlcdn.com
assets.pinterest.com
b.sharethrough.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.g.doubleclick.net
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
capi.connatix.com
casale-match.dotomi.com
cdn-ima.33across.com
cdn.onesignal.com
cdn.opecloud.com
choczuc.os.tc
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
cnz.disqus.com
cnz.to
config.aps.amazon-adsystem.com
connect.facebook.net
connectid.analytics.yahoo.com
contextual.media.net
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.lkqd.net
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
exchange.mediavine.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
geniuslinkcdn.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.ytimg.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
jnn-pa.googleapis.com
js-sec.indexww.com
keywords.mediavine.com
lexicon.33across.com
live.rezync.com
log.pinterest.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mweb.ck.inmobi.com
native.sharethrough.com
oa.openxcdn.net
oajs.openx.net
onesignal.com
onetag-sys.com
p.rfihub.com
p.typekit.net
pagead2.googlesyndication.com
pandg.tapad.com
partners.tremorhub.com
pdmp.profiles.tagger.opecloud.com
pdmp.tagger.opecloud.com
pghub.io
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.update.sharethru.com
s.uuidksinc.net
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
scripts.mediavine.com
sda.fyi
sdk.sharethrough.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
sid.storygize.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
stx-match.dotomi.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.bfmio.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tags.rd.linksynergy.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
um4.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
use.typekit.net
usersync.gumgum.com
wt.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ads.yieldmo.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bttrack.com
c.bing.com
connectid.analytics.yahoo.com
creativecdn.com
cs.admanmedia.com
csync.loopme.me
fastlane.rubiconproject.com
gocm.c.appier.net
htlb.casalemedia.com
image2.pubmatic.com
ipac.ctnsnet.com
log.pinterest.com
match.prod.bidr.io
match.sharethrough.com
pixel.rubiconproject.com
pm.w55c.net
s.ad.smaato.net
s.amazon-adsystem.com
sdk.sharethrough.com
sid.storygize.net
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
stx-match.dotomi.com
sync.1rx.io
sync.aralego.com
sync.mathtag.com
sync.search.spotxchange.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tlx.3lift.com
ums.acuityplatform.com
www.youtube.com
x.bidswitch.net
104.16.143.23
104.18.214.59
104.18.24.173
104.18.36.155
104.18.41.104
104.36.115.111
107.178.254.65
107.23.135.200
108.156.172.23
108.156.172.34
108.156.184.111
124.146.153.169
13.107.42.14
138.199.40.58
142.250.80.98
142.251.16.156
147.75.195.55
15.197.193.217
15.235.42.104
151.101.1.181
151.101.130.49
159.127.43.169
162.248.18.34
162.248.18.37
169.197.150.7
172.104.105.5
172.217.13.102
172.217.13.130
172.217.13.138
172.217.13.142
172.217.13.161
172.217.13.162
172.217.13.163
172.217.13.168
172.217.13.170
172.217.13.193
172.217.13.195
172.217.13.196
172.217.13.198
172.217.13.214
172.217.13.98
172.253.63.155
172.64.149.180
172.64.151.101
172.64.152.89
172.67.164.44
173.231.178.115
174.138.117.212
18.205.135.201
18.214.11.191
18.238.25.89
18.238.25.98
185.167.164.49
185.184.8.90
192.184.68.149
193.122.128.135
198.148.27.131
198.24.170.51
199.232.196.134
199.38.167.130
20.253.86.149
207.198.113.88
209.204.227.110
23.105.12.136
23.22.36.112
23.223.209.41
23.223.209.69
23.44.201.169
23.51.57.13
23.51.57.155
23.56.162.28
23.56.163.106
23.56.163.9
23.66.228.170
23.66.229.147
23.83.76.39
3.160.22.10
3.160.22.80
3.160.23.31
3.160.3.135
3.160.5.46
3.214.33.241
3.222.229.145
3.225.218.10
3.93.69.72
31.13.71.36
31.13.71.7
31.220.27.155
34.102.146.192
34.102.243.38
34.111.113.62
34.120.107.143
34.120.155.137
34.195.28.76
34.204.123.217
34.226.253.159
34.233.0.32
34.96.70.87
34.98.64.218
34.98.67.3
35.190.39.111
35.194.66.159
35.211.178.172
35.214.242.163
35.227.252.103
35.241.45.217
35.244.154.8
35.244.193.51
38.68.201.140
40.76.134.238
44.215.45.69
44.241.82.97
50.116.194.21
51.161.66.85
51.222.39.185
51.255.68.171
52.200.12.121
52.203.123.191
52.203.254.189
52.22.225.85
52.223.22.214
52.23.26.141
52.45.219.8
52.46.151.131
52.87.108.188
52.95.126.138
54.156.159.24
54.158.15.169
54.174.90.242
54.243.90.71
63.251.86.50
64.74.236.159
68.67.160.132
68.67.179.166
69.166.1.67
69.173.151.100
69.173.151.96
69.20.43.192
72.44.44.12
74.119.119.131
74.119.119.139
74.119.119.150
8.28.7.81
8.28.7.82
8.28.7.83
8.43.72.42
8.43.72.97
85.114.159.118
019f58a048456fd2482af43617819c9c0066d1d61f853483e12eb0237c69c0ca
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
032d3b1ae4d2c64ef963000cd2ca67039cd645059ce4efecbfd64238f1618c12
045fbd67064a7994e38eccd3dd0be6773ced45c093d1011baed44a6d23ee5047
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
053a87db56b9f9bdd8d95548754022c044a9ac63721953e23deea5b967029805
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b3726ec900826d08eb02b76e62bafc5442a32809003c76b43a8268876fc4d1d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
0ff4fe886c21f09a3ba144b93e3eb818a5152eaac69c25fce50a31677078c533
106339c42b1e49713a1d6d9ed26ed4b6d52fbe4267c9aba5f0bfe289bdbda199
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1159e43303c4a7a8257ee78b056cd107c83eeef074f5a15878c3fc7ba758a74c
118460ae26de819d775e7d384434a2afd2b7b048013e47e385dc302b33b6c3bd
12a257aaa7d4145d0681594fdb8b98c2440ac00e81806a2ce777cd82201b313b
135f1dd493460ff5b59f79a6d90ff4937f83b135333ea54e50a2f83c18289a78
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
168642741cf6acd34501d09c8cc1c7e6be332ca9222f3223419bd1664b381839
16e81fe5eb8e62440c8208fe13409e40ec141b75547a35b7a79655935b409b9f
16ec18d8f68aede3d00e56cf0a481bdbf23b46c8a51488c56db63d482a4057dc
1779a397750dac1412b68b673aeb2b6471e7491463309b08494715c278bda13e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19cc066eaee5ba8344d103d2271579e045f1206b59593a5b2acd4564de288fc3
1a4c38810f1e5fb61b5f027e2d01b3de3d6c6351ff8f35c28fb7d32bc4d5d685
1ac7875370ad693799d60ec5df8c2e6e0659755d072a2d0cc94a78ec00eca772
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c2173ff480baef3a5c004be30f1c9a0b5698e36af666606e926f813e9a5e968
1c9c11d16363f8bc064882200f5261b12bad52e5fb01771c0339a1cc7c96b89e
1d0cfc1e6b72899045e718452c438fb6a9c913ac42813910397834edfed3e10d
1e33c3ad92a20349f5226b53176be4a3af25a42fd78f5e4f593f74361132c34f
1f1d91dd79f22852adfb2b0f1cf616c700dcb2ac982ee62959746b79b5da7f3e
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
22215d5fe62312c1ef69f2de8b6b06dd8ea9a44f0e6be7f8ef4fbc742fb51564
234595572b74d58cd52917208142b3131ad7992126358ee0d917a40cd1240e83
2364d71e2d786b2da8d73b625541ebd98a1d1e96d1b156faec4aa9763b034b09
241d80503f2c90bbe544d429b1eb12199f5e5e120119341dcfafdb448f637c49
24d5bc29cf8d5021fdeaafafd4c9871fc124163ea2d72adfb994aba8c883abe7
27187c5790cf7c3b226792b2c3197ce4f996b1a7ccb9b766f88e0b771fff9cf1
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
285ee81ccebfbb0f5cbda88427582e3a10f05dc5abd1e228c0376eef5e9694a7
2872dbd28d723d897e1d79e2c419707ec827c87356183ccf0791c3dad5a98045
2890052d7681e41619a41556f585712cc20cea3fcbb19480de840f39c785bce7
29696df9ed6c48222770e98e10178787964ab2de3803dc7213cd24149c4c0f58
2a2b0017348eefd0a334362250a1a98451892763dde21be398a4e3c371e97b77
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e42835474bed76108be3a8ab1de4095bd3ea32386e75758109723071699b9a8
2e6fb6342f15f8c92092db2e29c8cc401c8f6a03cb906befe017980e8516fcae
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
335400ab47dfcc9e87d9e3a0749118070f2be6fb4d5f58e9aa2b52fcb1f265e0
3356e040e8d1bbe6e865bf0a287f7a8732a4692da0b98e1caba34b0f6a00576e
339190ec304bd927dca44088df9acf2b6cebe2b2adbbed7504d5f6e85509e63a
345c48b53db49f4ac7c824dec7e8399bc84c87de16b3880fc0a812c0b2322ae5
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34f76b8ec6ecba4e4fc556dd3b237f117577201af369ec620da6176ef8f9e79e
36945ba11775e05e6696a2d2ff02e2c2ac108b3e3189f651417223a7ee351562
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36e8d658af8b6f2725da4523cadb36d0b79ccdbb4b8bf73bb0231be0a41d2acc
378c6c792ec64cc2769a33491b2ad8463a0a4c539779329ca6b1760d8848cd02
37afe63caf6ac4aa70e635de51e477d81ee1270d4a51d02f54defe08274340a2
3815796784b33b1dc536b0db68c65308a5d6e39dbd2033ae0bcc59703a85e165
388a1ecf6a0486415083da26b9e5bb4c5550201a8d1a8a79667a9fd9d8933b0d
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39b8040e99ed258fdd8d51bbf92cc9bb8ce8a68809fae8e91253971479dd8bff
39fd587b0089a6a25a4742cb7c98043bb9a375ccb1b178545742e78b5f1e0b9e
3b0700d982298fdc944422457387899a83f0e7d371cd68c883fb488a17d99e35
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f01b01e36564401efed719dfd6420d11ae72ffa4b69c951b168211db8b877c4
3f6dc6b11e17942888dd37430886bdd58f39fb8847b231b5cdc820a16e3c3695
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ec67865cc9c65f0ce39a8eb9e7d35f06c544d85b7f2b13607962abaa2c7078
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41946d688c5783094bcbe709067b5fd5dcbd81364473c6bcefb2dc5aadd19872
41a23ef1bcd8162ad53e411eded278b23d15f8c3aaa403711cb8af5cc307d2cf
41f85c566a0dbe139d4f9c9c244f83b287edced6fcf24736ddf27e91584a3629
428f350bd53281aeb92b949ccc048356f66823858401537ef57c712bf179fe3e
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43cdbb1985231afab309de0be719ef8fe3a81228be641de8b454d1127209f6a7
44b4e03f46cee6ae80b1e79f40466589b6e442712d1addc14044584adbbb5f7b
45bd57a08f2ab75688b262993ca9687a1997df152860a1c146b863751719a6e6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46bf2987c83e22bd6bb782658762840e43c3389176ab927ff6da4029f567a7a7
47c4f6f4b1714fa507e962fdba1252afc452c293c1fdc76a7ea747d8ddbb0201
48624b95958abdc5cce2c48ba8b3a5a17e0a9e70f1335bb0e40d7367f257159e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5150d54b70c76a0397d97a93b42ac834d32381b9f1659a4b4d28ddbb30569c36
52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188
5442131fb8e00b6cf40add31f12ca2de70f0151300a4a8a7a9460c8daf146bc4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5837b81f37ccca7e5a03a8898bf629d997e7c188ad5ecba3e08793e79c01f879
5898643489601e99b69677cf21487205b3c0357bc4803b7ee7a392ea1bcab2d4
58cc196d11d355db996638034106778ef7c5cb20a7122783ae9b85f1ccda8e90
58fa43ae9450923e73f0bbb2acd96efd04f4f6da9c6c227669dbf919f0226ac8
592b1627edb42210d91ebe730f62069cb082f04dd25c4a63da955ac597b8c432
597286e3bce960a6a5e1a893ac3c5375afecf53a47b92c8c1c0895dfdbca779b
5a4135612a99221d0fa21b270bc8723b871cb695e2d712bd5770c90bea59c67b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c2c98824751be38ca3cba68e63a9210ceb5e79dfce50f35c6f4eb791b30e19d
5e922f7175050613517b8944534ba4dd68837aa690e9fb12e6513d8465e84cc4
5fd8d82240d3e26d9172cbb614fc678c36149712a599be756c9751cda9aaaab8
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60aae95b9cd589ab6c83454739147be1fe481b9ea71d14f3b1a6b509d02a6e36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61de4cb1cdf16e28d1c3abc370502f2c18b4522bc1210d40f29b07c1dc84e857
626d3910c1bebfb805a062511b7a3ddc0da9731896a291daf80830db0944b3b9
6354c4ec800f1d1d7affba1c099e916ab2c55ecadd4fcbd1493d3a28ab776e41
64a4ed8872228e80f2ef6519ae6f19200ddd5da2670cdbcb30eeb8ac46e09a63
65ece8eb458cfbc49ac09ba446fe4550caa833f50ffae92288a1ac06477f7157
66fe1de06cac20055aaa94e4a901262f203082f38b97a0495e32138ce91a0a2a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68d315867b21afa712c8c662510e4db04d1b4282a3c581d711b87c6855c82dd1
69886dddae62f719eb04d328159de91fc414dc015c770fd3dd5afe8ef4f0d35f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ec0a341e8e985e726de0f08c522271523761ec352f1b07adb5129da7225c20c
6fd805002127e4de71701b6023ded3ec0843559d89a92bd206ef5562690a9e65
6fdadaacd40057633d19ce14868b83ab76f781214f860e5b93d5e8f37ba1f606
6feedee0b3ff656231324e97f80eac7feb981ba46b89187f0daaa9e058e6f6b9
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
73737a4ea074b9a142dce919f28b812cfe103dc521f78b16ecb3d550f2b00616
7473f661bdedc64ecb16194dfaf50a4173d44f535fc1f3459ad8e19fb692698f
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
77d2b97f29e5d9705d421bd772d651459a1dec3c0dc1b44bdedfb062872cfd05
784a81d7abbd8e4670546720eb51f5c55607597aa5189f7674558148c08dea21
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
790a641195160a109673107f3cdfd955e038a362ba6d64e3dba9843eba0b2f7b
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7ac2f7828b4078bff5327ba88354499450401f01d669d03fb02d0e6ef102aea7
7ae4c978fe0997597c99e7c7c5f4062280aaa344768ff6022ac6115d3d40a49d
80763d110b552ceef6f5c4737adce35fc01ce13f2dc1152da61bab4ba9265609
80c323dd4df46e2e39e719475263dd85ab66d6e999df021d6522fab5df2d802e
83c03c13ae512aeaf45b9a54c62dad09b5d833edae4f2459d3f71f2a3f2744aa
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
87afaa444ea097b755eade6b34d1a5afc16531244d4081f8e3d33079d71a21a3
883fa9745390489e86fc6cb70805527a3ca2d558fdd02ec649b90c3944fbc14c
89e53c14f48b9cc3cb5fa5ddca1d0b73f109fe1e345e7aff3a2489e4bfa58861
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8acc57dd546a438f5fee493fb8f716c243f6c1530fe3c558bdbe1af0ee7c2faf
8c1a5733b2830f10e5f1d5b727bfc5e963379c939feabae4c4e8fa95bd19fc41
8c4fc04634a28970e4a08a3f3a9e5b605fe4bafbc4a91ba48ecd48a486a61825
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dd846b760e7325c652a093a1f446cbddb4edbb2da418f84ac67d186c69b6585
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e631166725db81a1885cbc3332777d5a2a7d9af0414000c270412c2817a755a
8e678c2fb72fda1769db364e9f3430fce64c5d66d1acffaf13467fcab181f33a
9374de83a1ae003a6d2b760104087e3911f91d4d7de336b2ac5ab7b35e38b1a9
93d9a8bb1bc0c533f83c02ef72845a803d273cb2dee096b1c003e8a8cff78811
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
984b06744b3f4dad2b827b4f4dd7693574ebb06856dd7bafbdc6994e3dbc6a90
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9a9a9ac1896c842ea8a6bb4a544ff2a33a4c9bb07b9f910c094cc65da69a1661
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c26d98737a773d4e29c2b539e05cce37eb8aa92b6026b8a1e6d1db6062ff10f
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9e1ebfc7e3e311af891b9615f70de2860009319f9c5b22fa063cc133c396e878
9f59408f19a75086b0d83d73baefeeff7585dce8c5f2aee89f5d73fdd3a1a5d9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00c2435d3641f05cf8654bd0f2bb96e4334c66720dd4a0cfd6ab306dc2547ac
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b824fb00f0c50b765512317bc0e93daa203d1b9e2916dad6827fa5fbf45fe5
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a4af3ea6ff18bab36043bbb0c7de1d9e01150241334ceab412c9fe4b8961c2f7
a4d32a636e53dc9171fa27726cd8de02f1290cb72bc8f4497e8e467afc43ffb7
a630291d728d2fe86b14f8c6c4fddfcc89773ebc5336bf4f693f90e8644ffbd0
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7b84c22955a599195b5b1f0f81a856301da7a989b360f268277d4c3ce01a0b8
a94c1722739fa0928125afaa3aa3d2401f357f1075cda46a7a3c62be1166c9aa
aa863b1f24ed086ab7aa5de96df09eb6587c469c752a797c4ee0ff85d1f5fac0
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
abd3328d01e4d867f4f56d97288fe35e273103f3cef7d6785d3f550c738dbd49
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
af1c051c3908dc4161c2a908444b469d8931560e3d09e8533a475ef6b7ff595e
afe9c3cbc980202176a0e1e99a357b605ab1c151f2e4479f405b9989fe41282c
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26bbd8c396b7a212573cf763b1365a5ca0216be246d24d3a35e398a008bd71e
b2b3b691360be91324019c0b40152380c20a1d1b179b2573955a5c7505a06ebf
b3eac4dfed5ce47afaf90abe1c144b793ff97fd2bac73c7c771eed49b8a09643
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e
b4de15b69acb58d5a5907d860d610dfd8941b0b54ff9b1ff6f65a1cff4805e59
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b66cf52223472cda1ffbcb97746faf7b29e7564a00b40142e1b81c1be06af2a6
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b6c68f825285a77566f508f60e14056f036308cbd75cdda648a82d6d51002e84
b9d12fd3a53413ed7ec99fb4e090fcf3c316566b649334822df8a4aae2f414d4
ba24896725c75f555776ee09b1ba000865f1c59b82098d665b893685fc528e79
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb43371a3fe794ecc3d97a4ac77eacee71d2fe54bc626df474778fb1f4bee476
bc34e6a3b885e2c355cc95c15f5e620571ee7d2c6d2ec95a26ec8c7b0f151a2b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be62c9b9abdbc021fab50fc3f4cb88c6bdd1e0a3c17a88fa73e638071b6b543d
bfb4556940bda97e7ce78b9561c74bbfa59f22a1e449f9cdc634d9fcb9e4254a
c09f5b094951b3bd874cf2d54a3c929ebf3412b6165471e01da648b74ed07f75
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c646c6161515be66e77913fe1f54eeb7bf14e9c39d55b0b8b2370cc77ca822c8
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c759c8d031f86a043d2326d9b28d2f95d5d84339ca91d32129652bfb67404c1f
c914ebd74a7b41862cc64bef9bede4a3f6f308c3dae90627ec18745c617f4ec8
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
c9d8d3dbe63b469a0ac002502475465742ce4c2f7cc60beb1d5d4a69c63c0b85
cb932d07aec8805e7181ebd8548c37bf60d29ba139ddb8ddc80165cbdde0368a
ce1fbfa5046f54fb3cafdf7b6cbe0bb4cffd07d87a5545d779d35587ab11e75e
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
ceaf78ad1b28ab450e1ea15ae58c12dab4b2443ba0d0114fc30498a396e69699
cfa2a8ba24e6321ca3488d746dfd6bbc82faa38c6c3da09a581b6d82c037fba8
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d18a3560a67608ea3c73bcd9658cbe2a70a0493d98c8888c307404a50b0a2259
d2052d156ae64a1c75bff9546010dd13d09f6ccba3932f28b548a635ad206531
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
d610dabc67e887c42adeae2620a970f34dea4dd8039f36bb056bfd7d8674a5c9
d749a992f0eb365b9a7f569f47bce5d5a4bbfbf0f977d3e9eef2c51bd990d1f0
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
dfb3b42576276140e6cb0f820c26240408d7b0c2a09db6e7d7de5b303f5202f2
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e225b81fbcf0a25b3fce3191d7098ff4b4416eacba7789d049f83ac0bd2bb660
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7ccf008248b90ffa7c0e9cdca06f9fd7afd39d291c1327f23dc96b8b0a8aad1
e7dc2d96e7b17036114e965bc4fd20227f0285f0e0a7530015fb57e6ee3a959c
e878848ad649d0b771d44453abd0ae8e4aa7a2b93298641ed0c26fff581dcb4f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed5413685378401839d0b05c232052d58018dc1a581d0db1411af0cc57e5e57e
ed839d9fae4a8e722e9c408c2716a6f1eb789b99ef16722cd39ff4965749d8fb
edca91aa72640c4450f408ce4e6cb8d7442a84cd03128936c1d48ee03e56705b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee918de21d584e237cbde44c0c934956741607a048f9cf14652afd6cfd633d19
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb8b69af53301063c91ea5840e4c1a0a1f8f0297b30ea27b5eb62792d19e058
f0a5bc2020eef2cb7796a178c3034546cfc6cd9262e5cac607ab83555963c8ef
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f4dd805c4f7961ff41eeb2cf8dfc005073d976155bb560a8e07337e80910baec
f673e5a948e8d720292cda8b8fb94439863ceac962b6f65f0e033cde1ceb2893
f7b3649f3de96765a234a0daaff2fd4322924a2904604b416ea4817d850f07d0
f880e65695685e810257bdbecabb72b9d6d198cd251b2bbed82ffab7f31c3761
fb371db66244b0729c3a71e0ac435ce47c415f4d6b7ee5a662058dc67e7f7b96
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190
fd1b926388e49250150b716e263b13df666c3757c4430210b5d9b0861667b797
fd8d118fe8ac283b6e6ece58b4bcbbc06cd734f11761faa7c46ff08069f711f5
fdc69bf1c222971ec2ceeba6ad162aeb0433e842ee0d6d1e0b685194c3185e7f
fe23f9304c2fe4b3b97fb6223ea13be406a3a3044de905a854e9d374d1487a43
ffb80624264fb2038baf8456a09804e1e009afe7d642235beaf65dfea1de6fae
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc