urlscan.io logo urlscan.io
SecurityTrails logo

www.komando.com Open in urlscan Pro
35.243.221.239  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR...
Submission: On February 07 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 122 IPs in 15 countries across 108 domains to perform 520 HTTP transactions. The main IP is 35.243.221.239, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.komando.com. The Cisco Umbrella rank of the primary domain is 166664.
TLS certificate: Issued by R3 on January 19th 2023. Valid for: 3 months.
This is the only time www.komando.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 35.243.221.239 396982 (GOOGLE-CL...)
14 99.86.4.102 16509 (AMAZON-02)
2 52.222.139.61 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 151.101.2.207 54113 (FASTLY)
3 2600:1901:0:4... 15169 (GOOGLE)
1 5 2001:4860:480... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
4 185.24.11.18 60068 (CDN77 ^_^)
3 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.132 54113 (FASTLY)
11 151.101.1.44 54113 (FASTLY)
1 23.62.220.203 16625 (AKAMAI-AS)
5 34.160.110.8 15169 (GOOGLE)
1 2600:9000:230... 16509 (AMAZON-02)
6 54.161.174.12 14618 (AMAZON-AES)
11 209.58.133.68 7203 (LEASEWEB-...)
2 151.101.129.44 54113 (FASTLY)
2 6 65.9.86.105 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 116.202.150.116 24940 (HETZNER-AS)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 34.111.152.239 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 65.9.86.116 16509 (AMAZON-02)
1 99.86.4.31 16509 (AMAZON-02)
1 1 2a00:1450:402... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.180.230 15169 (GOOGLE)
1 54.87.52.15 14618 (AMAZON-AES)
11 141.226.228.48 200478 (TABOOLA-AS)
3 52.222.209.55 16509 (AMAZON-02)
1 52.213.152.139 16509 (AMAZON-02)
4 6 2620:116:800d... 16509 (AMAZON-02)
7 34.107.140.113 396982 (GOOGLE-CL...)
9 13 185.89.210.244 29990 (ASN-APPNEX)
2 52.57.157.161 16509 (AMAZON-02)
10 35.244.159.8 15169 (GOOGLE)
2 2602:803:c003... 26667 (RUBICONPR...)
6 13 216.52.2.91 30282 (AS-INAPCD...)
4 172.64.154.237 13335 (CLOUDFLAR...)
2 3.73.229.242 16509 (AMAZON-02)
11 3.70.105.175 16509 (AMAZON-02)
2 130.211.23.194 15169 (GOOGLE)
1 162.19.138.120 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 2600:9000:211... 16509 (AMAZON-02)
1 37.157.5.142 198622 (ADFORM)
4 6 162.19.138.83 16276 (OVH)
15 19 185.255.84.152 200271 (IGUANE-)
14 88.221.92.63 20940 (AKAMAI-ASN1)
3 13 104.96.145.246 16625 (AKAMAI-AS)
1 6 104.18.33.19 13335 (CLOUDFLAR...)
2 185.86.138.150 201081 (SMARTADSE...)
8 2.18.36.193 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
22 22 3.76.151.8 16509 (AMAZON-02)
4 34.98.67.61 396982 (GOOGLE-CL...)
8 20 13.248.245.213 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 7 185.89.210.20 29990 (ASN-APPNEX)
14 195.244.31.11 63140 (IGUANA-WO...)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 18.66.15.14 16509 (AMAZON-02)
6 8 52.215.255.163 16509 (AMAZON-02)
1 2a02:6ea0:f40... 60068 (CDN77 ^_^)
13 15.197.193.217 16509 (AMAZON-02)
3 3 64.74.236.31 22075 (AS-OUTBRAIN)
1 1 109.206.161.21 50245 (SERVEREL-AS)
3 3 35.214.223.115 15169 (GOOGLE)
1 1 185.183.112.148 60350 (VP)
2 3 54.208.243.98 14618 (AMAZON-AES)
3 3 2.18.79.139 20940 (AKAMAI-ASN1)
1 1 146.0.227.110 20773 (GODADDY)
1 80.77.87.161 46636 (NATCOWEB)
2 2 188.42.34.64 7979 (SERVERS-COM)
2 2 3.75.3.113 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
1 192.132.33.46 18568 (BIDTELLECT)
1 2a0c:5c81:513... 55081 (24SHELLS)
2 51.75.86.98 16276 (OVH)
2 18.65.35.220 16509 (AMAZON-02)
1 104.103.89.173 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 44.207.220.40 14618 (AMAZON-AES)
3 8 185.86.138.142 201081 (SMARTADSE...)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
4 4 37.157.2.239 198622 (ADFORM)
11 22 142.250.185.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 9 185.80.39.216 27381 (CASALE-MEDIA)
2 6 52.46.151.131 16509 (AMAZON-02)
1 1 143.204.215.103 16509 (AMAZON-02)
2 2 72.251.245.181 32475 (SINGLEHOP...)
3 23.82.15.162 30633 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 62.149.1.122 15497 (COLOCALL ...)
3 98.98.134.243 21859 (ZEN-ECN)
6 6 213.19.147.45 26120 (RHYTHMONE)
2 2 35.227.252.103 15169 (GOOGLE)
1 14 52.94.223.167 16509 (AMAZON-02)
4 8.43.72.97 26667 (RUBICONPR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2600:9000:205... 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
2 185.86.139.116 201081 (SMARTADSE...)
2 185.64.190.77 62713 (AS-PUBMATIC)
4 4 69.173.144.165 26667 (RUBICONPR...)
3 2620:1ec:21::14 8068 (MICROSOFT...)
3 6 2a05:d018:d29... 16509 (AMAZON-02)
2 4 69.173.144.139 26667 (RUBICONPR...)
4 69.173.144.138 26667 (RUBICONPR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2 18.144.106.164 16509 (AMAZON-02)
1 1 23.203.124.21 16625 (AKAMAI-AS)
2 151.101.129.108 54113 (FASTLY)
3 54.220.103.172 16509 (AMAZON-02)
2 172.64.151.162 13335 (CLOUDFLAR...)
3 52.29.94.204 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 2a04:4e42::300 54113 (FASTLY)
2 2 193.0.160.129 54312 (ROCKETFUEL)
29 216.52.2.48 30282 (AS-INAPCD...)
4 4 3.122.125.162 16509 (AMAZON-02)
2 2 18.185.230.98 16509 (AMAZON-02)
5 5 185.29.134.244 30419 (MEDIAMATH...)
4 6 104.96.159.65 16625 (AKAMAI-AS)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
2 2 198.148.27.139 19189 (PULSEPOINT)
1 1 34.202.66.243 14618 (AMAZON-AES)
2 2 35.210.53.219 19527 (GOOGLE-2)
11 34.98.64.218 396982 (GOOGLE-CL...)
5 5 54.216.196.145 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 92.123.38.97 16625 (AKAMAI-AS)
2 2 79.125.68.7 16509 (AMAZON-02)
2 2 151.101.66.49 54113 (FASTLY)
1 1 18.134.84.26 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 209.58.147.67 394380 (LEASEWEB-...)
1 141.226.224.32 200478 (TABOOLA-AS)
1 185.86.139.102 201081 (SMARTADSE...)
3 2a00:1450:400... 15169 (GOOGLE)
4 4 3.126.58.16 16509 (AMAZON-02)
1 3.228.189.113 14618 (AMAZON-AES)
520 122
18    35.243.221.239 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.221.243.35.bc.googleusercontent.com
www.komando.com
14    99.86.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-102.fra6.r.cloudfront.net
cdn.privacy-mgmt.com
2    52.222.139.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-61.ams50.r.cloudfront.net
link.monetizer101.com
3    2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    151.101.2.207 (United States)

ASN54113 (FASTLY, US)
sdk.mrf.io
flowcards.mrf.io
3    2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
spookyexchange.com
5    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
g4tagging.komando.com
5    2606:4700::6812:15ce (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
4    185.24.11.18 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: 185-24-11-18.bunnyinfra.net
b1681952.smushcdn.com
3    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
11    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    23.62.220.203 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-203.deploy.static.akamaitechnologies.com
api.pinterest.com
5    34.160.110.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.110.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
1    2600:9000:2304:ba00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
6    54.161.174.12 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-174-12.compute-1.amazonaws.com
prd-collector-anon.ex.co
11    209.58.133.68 (Alameda, United States)

ASN7203 (LEASEWEB-USA-SFO, US)
p.channelexco.com
s-110.channelexco.com
rtb.channelexco.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
6    65.9.86.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-105.ams1.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    116.202.150.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy01.cl03.het.mrf.io
events.newsroom.bi
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
2    2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
21    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
securepubads.g.doubleclick.net
adservice.google.com
1    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    65.9.86.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-116.ams1.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    99.86.4.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-31.fra6.r.cloudfront.net
assets-tracking.crazyegg.com
1    2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.co.uk
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.180.230 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net
ad.doubleclick.net
1    54.87.52.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-52-15.compute-1.amazonaws.com
gpv.ex.co
11    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
3    52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    52.213.152.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-152-139.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
6    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
7    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
13    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    52.57.157.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-157-161.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
freestar-d.openx.net
u.openx.net
playbuzzltd-d.openx.net
eu-u.openx.net
us-u.openx.net
2    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
13    216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
4    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    3.73.229.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-229-242.eu-central-1.compute.amazonaws.com
tlx.3lift.com
11    3.70.105.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
1    2600:9000:211e:0:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
6    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
19    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
14    88.221.92.63 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-92-63.deploy.static.akamaitechnologies.com
cdn.ex.co
mcd.ex.co
13    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
6    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
8    2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
22    3.76.151.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-151-8.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
20    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2606:4700::6812:13d1 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnewswire.com
7    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
14    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor-usa02.omnitagjs.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    18.66.15.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-14.vie50.r.cloudfront.net
api-2-0.spot.im
8    52.215.255.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-255-163.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2a02:6ea0:f400::4 (Zagreb, Croatia)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
13    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
3    64.74.236.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    109.206.161.21 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
3    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    185.183.112.148 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    54.208.243.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-243-98.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    2.18.79.139 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-139.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    188.42.34.64 (Odesa, Ukraine)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    3.75.3.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.spotim.market
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
2    18.65.35.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-35-220.ams1.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    104.103.89.173 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-89-173.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    44.207.220.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-220-40.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
8    185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    2a05:d018:24:b001:dd08:e1ef:6d82:479c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
22    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
9    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
6    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    143.204.215.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-103.fra53.r.cloudfront.net
cm.smadex.com
2    72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
3    23.82.15.162 (The Colony, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
e.channelexco.com
1    2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)
69c3be3f32e2a22dbed17869481edb0c.safeframe.googlesyndication.com
5    62.149.1.122 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.spotim.market
3    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
6    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
14    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2600:9000:2057:a00:a:e047:752:5701 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
15    2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    185.86.139.116 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    2a05:d018:d29:3605:3a35:c032:6d7e:7081 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
6    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    18.144.106.164 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-144-106-164.us-west-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.203.124.21 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-21.deploy.static.akamaitechnologies.com
cs.media.net
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    54.220.103.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-103-172.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    52.29.94.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-94-204.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
prebid-match.dotomi.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
29    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
4    3.122.125.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-125-162.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    18.185.230.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-230-98.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
5    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    104.96.159.65 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-65.deploy.static.akamaitechnologies.com
px.owneriq.net
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    34.202.66.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-66-243.compute-1.amazonaws.com
aorta.clickagy.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
11    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
eu-u.openx.net
playbuzzltd-d.openx.net
5    54.216.196.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-196-145.eu-west-1.compute.amazonaws.com
ads.avct.cloud
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com
contextual.media.net
2    79.125.68.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-68-7.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.134.84.26 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-26.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
1    2a05:d018:cc3:fe05:8000:e806:9e7:1bec (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    209.58.147.67 (Dallas, United States)

ASN394380 (LEASEWEB-USA-DAL, US)
a.channelexco.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
3    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    3.126.58.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-58-16.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    3.228.189.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-189-113.compute-1.amazonaws.com
pe.ex.co
Apex Domain
Subdomains		 Transfer
44 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
ad.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
pubads.g.doubleclick.net — Cisco Umbrella Rank: 429
186 KB
42 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 592
ce.lijit.com — Cisco Umbrella Rank: 874
89 KB
33 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 756
visitor-usa02.omnitagjs.com — Cisco Umbrella Rank: 4110
8 KB
31 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 454
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 842
eus.rubiconproject.com — Cisco Umbrella Rank: 537
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1079
token.rubiconproject.com — Cisco Umbrella Rank: 548
pixel.rubiconproject.com — Cisco Umbrella Rank: 308
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2119
60 KB
25 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 291
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 488
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902
66 KB
24 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 864
x.bidswitch.net — Cisco Umbrella Rank: 281
7 KB
24 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 886
trc.taboola.com — Cisco Umbrella Rank: 639
trc-events.taboola.com — Cisco Umbrella Rank: 1293
am-trc-events.taboola.com — Cisco Umbrella Rank: 18047
pips.taboola.com — Cisco Umbrella Rank: 1489
cds.taboola.com — Cisco Umbrella Rank: 1573
277 KB
23 openx.net
freestar-d.openx.net — Cisco Umbrella Rank: 9222
u.openx.net — Cisco Umbrella Rank: 640
rtb.openx.net — Cisco Umbrella Rank: 1634
playbuzzltd-d.openx.net — Cisco Umbrella Rank: 31959
us-u.openx.net — Cisco Umbrella Rank: 417
eu-u.openx.net — Cisco Umbrella Rank: 2146
5 KB
23 ex.co
player.ex.co — Cisco Umbrella Rank: 12042
prd-collector-anon.ex.co — Cisco Umbrella Rank: 10859
gpv.ex.co — Cisco Umbrella Rank: 12668
cdn.ex.co — Cisco Umbrella Rank: 13612
mcd.ex.co — Cisco Umbrella Rank: 14140
pe.ex.co — Cisco Umbrella Rank: 30885
2 MB
23 komando.com
www.komando.com — Cisco Umbrella Rank: 166664
g4tagging.komando.com — Cisco Umbrella Rank: 462480
406 KB
22 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 499
eb2.3lift.com — Cisco Umbrella Rank: 329
10 KB
22 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
secure.adnxs.com — Cisco Umbrella Rank: 409
acdn.adnxs.com — Cisco Umbrella Rank: 534
55 KB
19 googlesyndication.com
69c3be3f32e2a22dbed17869481edb0c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
234 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 472
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
dsum.casalemedia.com — Cisco Umbrella Rank: 1385
13 KB
15 channelexco.com
p.channelexco.com — Cisco Umbrella Rank: 12293
s-110.channelexco.com — Cisco Umbrella Rank: 91691
rtb.channelexco.com — Cisco Umbrella Rank: 17194
e.channelexco.com — Cisco Umbrella Rank: 11470
a.channelexco.com — Cisco Umbrella Rank: 12099
25 KB
14 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 931
match.sharethrough.com — Cisco Umbrella Rank: 502
8 KB
14 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4857
146 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
data.adsrvr.org — Cisco Umbrella Rank: 4711
3 KB
13 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 782
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 560
prg.smartadserver.com — Cisco Umbrella Rank: 1538
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1833
8 KB
10 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 463
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450
47 KB
10 pub.network
a.pub.network — Cisco Umbrella Rank: 4808
d.pub.network — Cisco Umbrella Rank: 5217
c.pub.network — Cisco Umbrella Rank: 4970
446 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
imasdk.googleapis.com — Cisco Umbrella Rank: 432
1 MB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
171 KB
8 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
4 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 470
3 KB
8 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 389
cdn.id5-sync.com — Cisco Umbrella Rank: 948
41 KB
7 t13.io
s2s.t13.io — Cisco Umbrella Rank: 4257
2 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1669
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3272
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3418
tracking.crazyegg.com — Cisco Umbrella Rank: 3205
32 KB
6 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 923
2 KB
6 spotim.market
s.spotim.market — Cisco Umbrella Rank: 5352
sync.spotim.market — Cisco Umbrella Rank: 2216
3 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 979
pixel.quantserve.com — Cisco Umbrella Rank: 676
cms.quantserve.com — Cisco Umbrella Rank: 632
12 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
267 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 148
6 KB
5 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3490
2 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
3 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 507
2 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 1400
c1.adform.net — Cisco Umbrella Rank: 568
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
3 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 898
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 748
d.turn.com — Cisco Umbrella Rank: 1147
2 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 518
1 KB
4 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1006
629 B
4 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
1001 B
4 smushcdn.com
b1681952.smushcdn.com — Cisco Umbrella Rank: 434235
48 KB
3 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 626
34 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 353
991 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 601
573 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 629
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
1 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 835
793 B
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 512
1 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 789
api.btloader.com — Cisco Umbrella Rank: 909
79 KB
3 wp.com
stats.wp.com — Cisco Umbrella Rank: 2634
pixel.wp.com — Cisco Umbrella Rank: 2462
3 KB
3 spookyexchange.com
spookyexchange.com — Cisco Umbrella Rank: 517350
23 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 556
653 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 885
872 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 241
881 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4461
743 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 522
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 767
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2177
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
1 KB
2 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4735
prebid-match.dotomi.com — Cisco Umbrella Rank: 2261
103 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 577
3 KB
2 media.net
cs.media.net — Cisco Umbrella Rank: 1349
contextual.media.net — Cisco Umbrella Rank: 563
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1283
957 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1402
678 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
451 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 596
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 996
661 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1564
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1097
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1314
631 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 912
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
234 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1347
99 KB
2 optimise.net
optimise.net — Cisco Umbrella Rank: 18631
833 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
136 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3064
35 KB
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 12995
flowcards.mrf.io — Cisco Umbrella Rank: 13269
26 KB
2 monetizer101.com
link.monetizer101.com — Cisco Umbrella Rank: 134070
3 KB
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1473
181 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3041
532 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1813 Failed
646 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1123
630 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2391
2 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2726
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 359
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
506 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 1822
610 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 283
17 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1177
17 KB
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 712
163 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 917
199 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2446
542 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1452
743 B
1 e-volution.ai
sync.e-volution.ai — Cisco Umbrella Rank: 2512
506 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2287
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2588
191 B
1 prnewswire.com
mma.prnewswire.com — Cisco Umbrella Rank: 37841
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 904
1 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3254
441 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 5966
464 B
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 388
288 B
1 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 10395
851 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
44 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 616
466 B
1 pinterest.com
api.pinterest.com — Cisco Umbrella Rank: 2822
459 B
520 108
Domain Requested by
29 ce.lijit.com ap.lijit.com
us-u.openx.net
22 cm.g.doubleclick.net 11 redirects eus.rubiconproject.com
www.komando.com
ap.lijit.com
u.openx.net
eb2.3lift.com
22 x.bidswitch.net 22 redirects
20 eb2.3lift.com 8 redirects a.pub.network
eb2.3lift.com
19 visitor.omnitagjs.com 15 redirects a.pub.network
visitor.omnitagjs.com
18 www.komando.com www.komando.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
14 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
eus.rubiconproject.com
aax-eu.amazon-adsystem.com
ap.lijit.com
u.openx.net
ssum-sec.casalemedia.com
14 visitor-usa02.omnitagjs.com visitor.omnitagjs.com
ssbsync.smartadserver.com
s.spotim.market
14 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.komando.com
14 cdn.privacy-mgmt.com www.komando.com
cdn.privacy-mgmt.com
13 ap.lijit.com 6 redirects a.pub.network
aax-eu.amazon-adsystem.com
ap.lijit.com
13 ib.adnxs.com 9 redirects a.pub.network
acdn.adnxs.com
12 mcd.ex.co www.komando.com
cdn.ex.co
11 match.adsrvr.org visitor.omnitagjs.com
ssum-sec.casalemedia.com
s.spotim.market
eus.rubiconproject.com
ap.lijit.com
u.openx.net
eb2.3lift.com
www.komando.com
11 btlr.sharethrough.com a.pub.network
10 eus.rubiconproject.com player.ex.co
visitor.omnitagjs.com
eus.rubiconproject.com
a.pub.network
aax-eu.amazon-adsystem.com
10 am-trc-events.taboola.com www.komando.com
cdn.taboola.com
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
8 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
www.komando.com
8 match.prod.bidr.io 6 redirects us-u.openx.net
8 ads.pubmatic.com player.ex.co
visitor.omnitagjs.com
s.spotim.market
aax-eu.amazon-adsystem.com
ap.lijit.com
8 cdn.taboola.com www.komando.com
cdn.taboola.com
7 eu-u.openx.net u.openx.net
us-u.openx.net
7 secure.adnxs.com 7 redirects
7 imasdk.googleapis.com player.ex.co
imasdk.googleapis.com
7 s2s.t13.io a.pub.network
visitor.omnitagjs.com
www.komando.com
7 fonts.gstatic.com fonts.googleapis.com
6 us-u.openx.net u.openx.net
ap.lijit.com
us-u.openx.net
6 px.owneriq.net 4 redirects ap.lijit.com
6 pubads.g.doubleclick.net imasdk.googleapis.com
6 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
us-u.openx.net
6 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
eb2.3lift.com
6 id5-sync.com 4 redirects player.ex.co
cdn.ex.co
6 www.googletagservices.com a.pub.network
securepubads.g.doubleclick.net
6 sb.scorecardresearch.com 2 redirects cdn.taboola.com
www.komando.com
widget.perfectmarket.com
6 p.channelexco.com player.ex.co
6 prd-collector-anon.ex.co player.ex.co
5 ads.avct.cloud 5 redirects
5 sync.mathtag.com 5 redirects
5 sync.1rx.io 5 redirects
5 sync.spotim.market 2 redirects s.spotim.market
5 a.pub.network www.komando.com
a.pub.network
5 g4tagging.komando.com 1 redirects www.komando.com
g4tagging.komando.com
4 pm.w55c.net 4 redirects
4 rtb.mfadsrvr.com 4 redirects
4 cms.quantserve.com 4 redirects
4 pixel-eu.rubiconproject.com eus.rubiconproject.com
ap.lijit.com
aax-eu.amazon-adsystem.com
4 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
4 token.rubiconproject.com 4 redirects
4 pixel-us-east.rubiconproject.com eus.rubiconproject.com
ap.lijit.com
4 c1.adform.net 4 redirects
4 creativecdn.com 4 redirects
4 u.openx.net www.komando.com
a.pub.network
aax-eu.amazon-adsystem.com
4 odr.mookie1.com www.komando.com
visitor.omnitagjs.com
ap.lijit.com
4 ssum-sec.casalemedia.com 1 redirects player.ex.co
ssum-sec.casalemedia.com
aax-eu.amazon-adsystem.com
4 c.pub.network a.pub.network
4 htlb.casalemedia.com a.pub.network
cdn.ex.co
4 script.crazyegg.com g4tagging.komando.com
script.crazyegg.com
4 b1681952.smushcdn.com www.komando.com
3 pagead2.googlesyndication.com www.googletagservices.com
3 match.sharethrough.com www.komando.com
aax-eu.amazon-adsystem.com
3 ads.yieldmo.com a.pub.network
www.komando.com
3 px.ads.linkedin.com eus.rubiconproject.com
eb2.3lift.com
3 pixel-sync.sitescout.com s.spotim.market
ap.lijit.com
3 e.channelexco.com player.ex.co
3 ads.stickyadstv.com 3 redirects
3 sync.srv.stackadapt.com 2 redirects www.komando.com
3 csync.loopme.me 3 redirects
3 b1sync.zemanta.com 3 redirects
3 rtb.channelexco.com www.komando.com
ssum-sec.casalemedia.com
3 secure-assets.rubiconproject.com 3 redirects
3 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
3 trc.taboola.com cdn.taboola.com
3 www.google.com 1 redirects securepubads.g.doubleclick.net
3 spookyexchange.com www.komando.com
spookyexchange.com
3 fonts.googleapis.com www.komando.com
client
2 sync-tm.everesttech.net 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 d.turn.com 2 redirects
2 c.bing.com eb2.3lift.com
2 pool.admedo.com 2 redirects
2 bh.contextweb.com 2 redirects
2 um.simpli.fi 2 redirects
2 data.adsrvr.org ap.lijit.com
2 a.sportradarserving.com 2 redirects
2 p.rfihub.com 2 redirects
2 ad.turn.com 2 redirects
2 js-sec.indexww.com a.pub.network
2 acdn.adnxs.com a.pub.network
2 ups.analytics.yahoo.com 2 redirects
2 hbopenbid.pubmatic.com cdn.ex.co
2 prg.smartadserver.com cdn.ex.co
2 playbuzzltd-d.openx.net cdn.ex.co
2 rtb.openx.net 2 redirects
2 cm.adgrx.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 sync.tidaltv.com 2 redirects
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 cdn.id5-sync.com www.komando.com
securepubads.g.doubleclick.net
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 onetag-sys.com visitor.omnitagjs.com
s.spotim.market
2 id.rlcdn.com visitor.omnitagjs.com
www.komando.com
2 cs.emxdgt.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 ssbsync.smartadserver.com player.ex.co
visitor.omnitagjs.com
2 cdn.ex.co player.ex.co
2 s-110.channelexco.com www.komando.com
2 api.btloader.com freestar-io.videoplayerhub.com
2 tlx.3lift.com a.pub.network
2 fastlane.rubiconproject.com a.pub.network
2 freestar-d.openx.net a.pub.network
2 grid.bidswitch.net a.pub.network
2 ad-delivery.net www.komando.com
2 www.facebook.com www.komando.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 optimise.net a.pub.network
2 connect.facebook.net www.komando.com
connect.facebook.net
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 pixel.wp.com www.komando.com
2 www.gstatic.com www.komando.com
2 link.monetizer101.com www.komando.com
link.monetizer101.com
1 pe.ex.co player.ex.co
1 ssbsync-global.smartadserver.com www.komando.com
1 prebid-match.dotomi.com www.komando.com
1 cds.taboola.com cdn.taboola.com
1 a.channelexco.com www.komando.com
1 d.adroll.com ssum-sec.casalemedia.com
1 1f2e7.v.fwmrm.net 1 redirects
1 contextual.media.net ap.lijit.com
1 aorta.clickagy.com ap.lijit.com
1 pips.taboola.com cdn.taboola.com
1 sync.inmobi.com 1 redirects
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 cs.media.net 1 redirects
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 69c3be3f32e2a22dbed17869481edb0c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cm.smadex.com 1 redirects
1 adservice.google.com imasdk.googleapis.com
1 s0.2mdn.net imasdk.googleapis.com
1 secure.cdn.fastclick.net www.komando.com
1 s.spotim.market visitor.omnitagjs.com
1 bttrack.com visitor.omnitagjs.com
1 cs.admanmedia.com visitor.omnitagjs.com
1 inv-nets.admixer.net 1 redirects
1 sync.adotmob.com 1 redirects
1 sync.e-volution.ai 1 redirects
1 vid.vidoomy.com visitor.omnitagjs.com
1 api-2-0.spot.im visitor.omnitagjs.com
1 mma.prnewswire.com www.komando.com
1 pixel.quantserve.com www.komando.com
1 cm.adform.net www.komando.com
1 rules.quantcount.com secure.quantserve.com
1 lbs.eu-1-id5-sync.com player.ex.co
1 lb.eu-1-id5-sync.com player.ex.co
1 secure.quantserve.com a.pub.network
1 tracking.crazyegg.com script.crazyegg.com
1 trc-events.taboola.com cdn.taboola.com
1 gpv.ex.co player.ex.co
1 ad.doubleclick.net www.komando.com
1 www.google.co.uk www.komando.com
1 stats.g.doubleclick.net 1 redirects
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 btloader.com www.komando.com
1 freestar-io.videoplayerhub.com 1 redirects
1 gum.criteo.com cdn.taboola.com
1 flowcards.mrf.io www.komando.com
1 events.newsroom.bi sdk.mrf.io
1 www.google-analytics.com g4tagging.komando.com
1 static.adsafeprotected.com spookyexchange.com
1 d.pub.network a.pub.network
1 api.pinterest.com www.komando.com
1 player.ex.co www.komando.com
1 stats.wp.com www.komando.com
1 sdk.mrf.io www.komando.com
0 csi.gstatic.com Failed imasdk.googleapis.com
520 180
Subject Issuer Validity Valid
www.komando.com
R3		 2023-01-19 -
2023-04-19		 3 months crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M02		 2022-11-07 -
2023-12-06		 a year crt.sh
*.monetizer101.com
Amazon		 2022-10-24 -
2023-11-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
sdk.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
spookyexchange.com
R3		 2023-02-04 -
2023-05-05		 3 months crt.sh
g4tagging.komando.com
GTS CA 1D4		 2022-12-18 -
2023-03-18		 3 months crt.sh
*.pub.network
E1		 2022-12-29 -
2023-03-29		 3 months crt.sh
*.smushcdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-08 -
2023-03-08		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2022-06-06 -
2023-07-08		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.channelexco.com
R3		 2022-11-28 -
2023-02-26		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-12-30 -
2024-01-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-08 -
2023-04-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-16 -
2023-02-14		 3 months crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2023-02-01 -
2023-05-02		 3 months crt.sh
flowcards.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
optimise.net
GTS CA 1D4		 2023-01-28 -
2023-04-28		 3 months crt.sh
*.confiant-integrations.net
GTS CA 1P5		 2023-01-27 -
2023-04-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
crazyegg.com
Amazon		 2022-06-27 -
2023-07-26		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
s2s.t13.io
GTS CA 1D4		 2023-01-18 -
2023-04-18		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2022-12-18 -
2023-03-18		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
quantserve.com
R3		 2023-01-10 -
2023-04-10		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
cdn.ex.co
R3		 2023-01-18 -
2023-04-18		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.spot.im
Amazon		 2022-10-04 -
2023-11-01		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-02-01 -
2023-05-02		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-01-24 -
2023-04-24		 3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-01-29 -
2023-04-29		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.srv.stackadapt.com
Amazon		 2022-10-09 -
2023-11-07		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-01-05 -
2023-07-05		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-12-28 -
2024-01-26		 a year crt.sh

This page contains 64 frames:

Primary Page: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Frame ID: C6761CABD5B7C33B91D6535D2716994E
Requests: 237 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=609453&consentUUID=null&requestUUID=b98ad9d0-a27e-4afe-b083-ef96ccbad00e&preload_message=true&hasCsp=true&version=v1
Frame ID: E9F1827D53EC8D625E163B3E1B722605
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 22EAD281E7292A8A6F79224BBB407FF8
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Frame ID: B0D8BD2C1625E6ECF13AFC6F90EAA690
Requests: 24 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 8B3461D1A7ECD1A2C4981FF96F0839D6
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Frame ID: 04ECE1FDCFBDC8D407A04C065612D8FF
Requests: 10 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=35
Frame ID: CD703A75F39884A700170D14831396C7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D17163%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3DPM_UID
Frame ID: 8514A28BD103DF13B2F69ABDAAA2A972
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ex.co/player/prebid/pb-7.2.21.js
Frame ID: 989DB3F46FB74F101C12E24BE39D736F
Requests: 15 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: C85F6AD1DA6F5EFCCA1B854326A309DF
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Frame ID: 9BCC45CD37860CF1B727A415AF5A4E93
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 62FDF22DEED623CEC1CBB1AFA26EB4E3
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: C891B7B4A296C1F1D4C788A693BB3F0E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 1B7932CEAA198DBE9111201EE7057C20
Requests: 3 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 4363E17979C142E1F913659D42F7D685
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Frame ID: 26984D38F4A750FBA9EE4CDA1E41FB92
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Frame ID: C687A2692B7600BF34439667BBA20FAF
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Frame ID: 9B64F3A627C4AE3815FC62F7C5CFE761
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Frame ID: 2F234A6E8A767A6BC854A63810712C1C
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Frame ID: 4FFDA118652DC147FAA9856DEAF592D6
Requests: 4 HTTP requests in this frame

Frame: https://69c3be3f32e2a22dbed17869481edb0c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60F718031475182A3E2A09DC07CE5E1B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Frame ID: 777A4A7D25D2E20FACC224CBF0DD601C
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: 48C3D5719C0359023093EDB84F99685D
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=271858&extuid=827309512431448119
Frame ID: A90F2464980C4120C1FAD04673CB36C6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: C9649DBA526B194DAA6E4D780EB31C03
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=644680&extuid=2272446932012285602134
Frame ID: 03BF1EFA57D8437B8E978472C5802AD2
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift
Frame ID: A07053766411DAA962A1CBB252EA8498
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSGXhwFUIlptK7Ff3p5g2j_vHp6uC0dVY1BEsWc8AcXe2HJ_6hWi-TQa4EO6ahh3akIs0bjTtTxC7JEziw3NjDm4L0ZkVvIaTceb9z-FIXbOY-TJnBZNAcgAHzM-kq77wcB0Q6IXxPc1gvjRJCS0bUm3Ra94yWa8mfQplMJUY5sXFFJrd8BOmiOh64MUcHERSgarfNGaVdWl_SSrHqXqY9D9vQGeFfg3cHe1AT0YjiJ657YAdo4nPhlqnqJb7BDXG_O4hON6sUoN6mrcZrNTFisGMcvZabprESBOZf0ccw-sY69DvV05NGikSJOYL2S3FNRwtIPA&sai=AMfl-YT47etNv0DCfl7-OGsXXve_26Vfd8jXpLMfgdTdxOeHqwHgUOgHYc-45E9FsSopfFyWD_EQ7MkjeSfDvvhFVOjNsZV_WGvlJ2P2ni_fZeC4zQ0-qTMenSVhTwZ1y3jjsKyqdPI5L0-wQVxVoLQ&sig=Cg0ArKJSzItEBrHQzFrZEAE&uach_m=[UACH]&adurl=
Frame ID: DADC06790223EFED1E6C2F938BF1F196
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAFNzUNuVU1GUByZNlU4KCX1xBmeIiLN7FAtEV2usmHrvAaUUbDanVLbyDzN57NN013fp2-LhtEyBPl2PSpqYQY5WHK58xtNhMxjhp8O4yoxEowOa36Jx1SXWix1k2E4vyk0WT0nGX6LhT2ATudum38lGYXspC3Zd-kYnFgXI-3WSR_zNBCvFK4NoR5nLQOYlmOARXF3sUuEa6VjfPhaq2do2DQXL3Gg_iVMP_vsKSSsVDMAu-j65c23LAwaKan_ZcyEFI4I5sXrsQlHyrQ1KI7i-LfyaqmeasE6y68sofh6bL9kjG5_k6uFa3ftcG7aN6lLozRPWtqZjX&sai=AMfl-YSdmiDUU4S8viWQQRI0VGGAfCk6mr1s2GcpUbbO5mk6TvaWmQz9vBleRf2fXycebvZluBbLEju5W8NwCiam-syqpWC7KxDDSrld4IHxYh5lQT8bZKKoTHSwJjnO9A&sig=Cg0ArKJSzAsc_BtqfO2KEAE&uach_m=[UACH]&adurl=
Frame ID: AB70981095F66607AC75C00B5143892C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1vlD0P837tun67vHfTQI4D4KhS0RRi2jsfmxfyR1NUWTX-MWnCmbXOD2lAL8-6xtriPI-a9wv1OKZpOqgEPlF1_y1-xvpJKVoOpQkLWKegNv1_0ptd7AYL9tOQhHFhEmQmoJBaik5j79xq6A8QH1N_Bm64Q6APEDX70yG_CVvuTk5qGe5xOuEiKu6FA5hMsZyc71-duRrISjgLPhMUC0QDvTw5L7A0Jb0IBzAB4oj7gStsnX4w8AkAcGrtRxTv8nI9LJ_F822HIXQ5zs79pjXxRaZHvSTAQvgBdVu975B4ok1Y1jpBOZEJq8sHNjpTkCZKg9vTJ9OfMY&sai=AMfl-YQsEdJ7DkUPsnbREHh6U6TCxA1EPJsWY_Qnptxx--nurO0bOUV6Xogq9shyHHI0MkDlV69LlUvxH1ylFtWLs2EwsLWT91pfXroj6wrk_gydE7tSoCyeaHeaqYLETQ&sig=Cg0ArKJSzDH5gsezBgPJEAE&uach_m=[UACH]&adurl=
Frame ID: ED407F6DFA54993AE7D97D4CC2C356EA
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDSzAQ4L9IBunkH3VvxbQb_hFIFOGFdRkDiQlOTQJwe5WRRdJfkaAvf3UJF8J_6-M60c2H6-na7vn-ZCtdgcTdNXrKmUq6pU0CQbS4VnvCVP_JtzjDZQzgpB89NlkQf1nav3Qq9rG7QLOTey0jv49YT_Yl8W6RTSRoKv5jQ64sfg6ZcLqOsLb7qrcS2P334_aHAyAL-wQ-RShnulRuAziI8BizPK53M5cLYC-xnBfJ-p6LuGdY9rllU8rQHCZ4SQrOd3zPogvdCvUJaBuz9CSZRTzV2FMj1msbinRoYYiSyqRVjN7EtNvIq3Ks7LfyydGY4eVQ8FX-Vlk&sai=AMfl-YSjZTc53CWnH2Ea69jh5Xof0_b7erxUIQ3nLkMBYrSnlWqsRTm_5FJgionClGq_egZJ0WknWdgWLWY3BIweZo_tunFftm17TRiATPTsCBVopMI_0B2r34jJshYqig&sig=Cg0ArKJSzNoAou7ULh07EAE&uach_m=[UACH]&adurl=
Frame ID: 3C07934FFEFF4083D3BC0D1B8C86DDB0
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVbRDd94sl2reuAvZRwA7IJV4_O4XGDPseiOqM_kiwD41HTDGcuPbY75NZ6y8pKtOQrDtpbZXxOyK6VglNQQhwlOh1JY9JwAYXTaU5lwfuF6-Hh1zcY3RR_odep1Sh1f7m2HBsvuODtgc2itZ94WMO4H2GFmrMRem3_QIGXszva6HjgqEdsasztIi9FNcTpcfNIN-5eaLYBYLqPLf-O3cvY46nNGdUyailRV_ZiWgAdL3WkqP_8mgOkTZtGlqfnHvGWssnmXiiyb8_beNjd7r2zM9q8eTqeYLIy6UAUKkAu7yNKzhQIE3e7nSsFsLOj3otGu7Hdob70qM&sai=AMfl-YQi8EwJWckCVjbpQz4G235stLQXeBO4S449Wn9HoRv47ToRnHH-09jbKPOvw1EwsFKr9R6QShjaodgf-24YjjXGmHJXj0Kih0c2dseV85_1r1hiOAJt6r5tB_GGBg&sig=Cg0ArKJSzNIz4eknPYaSEAE&uach_m=[UACH]&adurl=
Frame ID: 470EB79502FEFD4670353CD3E69616BC
Requests: 8 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: A3113AAB721F66B1F3EBFC0EAFDFD7F8
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3DF45A98A0CE5CB4C02B01FA85811FE2
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1YNN
Frame ID: 632D029580293FEFAB27B8E57BC5F2C5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7EB91ECAEF8149F596E3FE945D9F7DDA
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Frame ID: 01A71C91DE98EC57A4D96EFDA44D0803
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Frame ID: B773FF78F95BC3956434C45FD9C64F07
Requests: 2 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1YNN&gdpr=0&gdpr_consent=&type=iframe
Frame ID: F7A4A06B4DEBF50DA6951D7111595D3F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1YNN
Frame ID: 5710786F2F34AFD0FFB1B2A5A2227E90
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Frame ID: B2AC1323C9B98BC241DCA2AA733CDC54
Requests: 23 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNN&
Frame ID: 27760DF771F555EC86342B3E6AA47F16
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 82A0100194294BA8102B26401B9933CC
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1YNN&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 1A59789C5D9640A9BF77A16BEB6A248B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNN&
Frame ID: CAC85D4E05406AFA9C7852A04A9A86B4
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8D75487CB095CBD1BCBD20FD056B069B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Frame ID: A9DF337FD6E3826BC65A855B5A3428AA
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 6B6AB6EB359F9BDAF47959ABFA740DAC
Requests: 7 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
Frame ID: E6FE351ABB1B467EA0DA02439821A1EA
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=inmobi.com&id=ID5-c9d9xYWjIPgvvvNc2wMupGPjSxScmJdgTqYBixyIsA
Frame ID: D0A574517F72C9C92254FDBA3A996F0F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2732890162731889582
Frame ID: 560C65E224CD84A67D79C139434C88E2
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: C4F410E7334563E4409A4F19328757B9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: BD55711B94CD49437C98B7EBBAA83F7E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Frame ID: 9D411760BA2D6196D2DC6D4B15DA1987
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Frame ID: 739625C3649C39752390796686B91D51
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2272446932012285602134
Frame ID: D0DCB39CC60CA96B60FAD53A5647CB44
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: 71F393AF1CF08B626F8E2781C304DFCD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 646653121E95E9B69EDD0D97C11E2A8A
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 6525D02A385A9501019A08A468A08D36
Requests: 8 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3386055214060011398&gdpr=0&gdpr_consent=
Frame ID: DD2AD3C04FF4B82C5E9649A703B053C6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: B0957088C536EBFD021C86A13B3E548F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 095C48EBB31B67494730CF574360FB5F
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3313997620022083462&gdpr=0&gdpr_consent=
Frame ID: 249A86F4BE8D7B4A104A7279B26C7791
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 15857DB852DB38C2155F5C6CEF0F5C07
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

How to tell if your computer or phone has been hackedGroup 3Group 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

520
Requests

74 %
HTTPS

28 %
IPv6

108
Domains

180
Subdomains

122
IPs

15
Countries

6253 kB
Transfer

17000 kB
Size

170
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226535&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&c8=How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226535&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&c8=How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked&c9=
Request Chain 85
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226536&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&c8=How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226536&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&c8=How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked&c9=
Request Chain 93
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 111
  • https://g4tagging.komando.com/j/collect?v=1&_v=j99&a=606119063&t=pageview&_s=1&dl=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&ul=en-us&de=UTF-8&dt=How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAAII~&jid=80022134&gjid=1169530341&cid=1063574874.1675760227&tid=UA-230639-2&_gid=926592009.1675760228&_r=1&gtm=45Fe3210n71PWK6RF&z=53906696 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-230639-2&cid=LE0Shoa6D6qVF7kF7k7Bspt3ZGEU7QsXj7R18eniwsA%3D.1675760227&jid=80022134&_gid=926592009.1675760228&gjid=1169530341&_v=j99&z=53906696 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230639-2&cid=LE0Shoa6D6qVF7kF7k7Bspt3ZGEU7QsXj7R18eniwsA%3D.1675760227&jid=80022134&_v=j99&z=53906696 HTTP 302
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230639-2&cid=LE0Shoa6D6qVF7kF7k7Bspt3ZGEU7QsXj7R18eniwsA%3D.1675760227&jid=80022134&_v=j99&z=53906696&slf_rd=1&random=1141178418
Request Chain 174
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 175
  • https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Request Chain 179
  • https://x.bidswitch.net/sync?ssp=exco&user_id=de516f26-165d-4881-9cfe-b5cfc903fcdb HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=exco&user_id=de516f26-165d-4881-9cfe-b5cfc903fcdb HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=exco&gdpr=&gdpr_consent=
Request Chain 181
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D15611%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D$UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D15611%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D%24UID HTTP 302
  • https://rtb.channelexco.com/cookie_sync?bid=15611&srv=channelexco.com&cuid=de516f26-165d-4881-9cfe-b5cfc903fcdb&uid=2272446932012285602134
Request Chain 182
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D8197%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D%24UID HTTP 307
  • https://rtb.channelexco.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=de516f26-165d-4881-9cfe-b5cfc903fcdb&uid=GHa5pBZH2hb0a5YeRua0chUU
Request Chain 195
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%252B-%252BBanner%2526ttl%253D720%2526uid%253D75d56568a11564bfb79a01d2fa9fdb29%2526visitor%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=827309512431448119&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=827309512431448119
Request Chain 196
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%2526ttl%253D720%2526uid%253D48d5713d5c563cba2049f505b2d944b6%2526visitor%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=827309512431448119&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=827309512431448119
Request Chain 197
  • https://creativecdn.com/cm-notify?pi=adyoulike HTTP 302
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=grcaNIDtjzV7lYLAp5sK&name=RTB_HOUSE&pi=adyoulike&tc=1 HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=RTB_HOUSE&pi=adyoulike&tc=1&uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=grcaNIDtjzV7lYLAp5sK
Request Chain 199
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=adyoulike&gdpr=0&gdpr_consent=
Request Chain 200
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1 HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AATRo07HxCUAAB-hrsYcNA&name=BEESWAX HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=BEESWAX&uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AATRo07HxCUAAB-hrsYcNA
Request Chain 203
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0
Request Chain 204
  • https://sync.e-volution.ai/4460e88f3323cf4d9f4263656a846075.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dfcd0c0bfff5af32579cdcdb6ff804bf8%26visitor%3D%5BUID%5D%26name%3Devolution&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=6bf25c91-c93c-444c-bcec-1fd1167e778f&name=evolution HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=evolution&uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=6bf25c91-c93c-444c-bcec-1fd1167e778f
Request Chain 205
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=94284fc5-c28b-4351-a79f-0ed55f8db690%20&gdpr_consent=null&gdpr=0 HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=null&name=LOOPME&uid=68c72dd412a8d0f3f6d2276db2509939&visitor=94284fc5-c28b-4351-a79f-0ed55f8db690+
Request Chain 206
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0
Request Chain 207
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08b42204020ea2dc9467ac4c&gdpr=0&gdprConsent= HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdprConsent=&name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08b42204020ea2dc9467ac4c
Request Chain 208
  • https://sync.srv.stackadapt.com/sync?nid=33 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-f8f4f902-6f7f-40b8-78b4-7c108d0a17dc$ip$5.187.21.102&name=STACKADAPT HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=STACKADAPT&uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-f8f4f902-6f7f-40b8-78b4-7c108d0a17dc%24ip%245.187.21.102
Request Chain 209
  • https://ads.stickyadstv.com/user-matching?id=3538&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=b439fbe8f6f2d3a5ff975beeb8cff842&gdpr_consent=&gdpr=0 HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=FREEWHEEL&uid=7ab967d40b91570ff51c4cdaa51fe5d6&visitor=b439fbe8f6f2d3a5ff975beeb8cff842
Request Chain 210
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D171e1b3d878c5443361586e41274318e%26name%3DADMIXER%26visitor%3D%24%24visitor_cookie%24%24&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=f31693b3f1b54cb1aaa8e3cfa6e14099
Request Chain 212
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX&gdpr=0&gdpr_consent=&crf=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=860cce07-f64e-5226-9781-b95ff463ab3a&name=BETWEENX HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=BETWEENX&uid=bf39a6af2a15b80f82f7ff725f351919&visitor=860cce07-f64e-5226-9781-b95ff463ab3a
Request Chain 213
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbe453ed4b5ea70e69a4b241eeebc9b6f%26name%3DEMX%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbe453ed4b5ea70e69a4b241eeebc9b6f%26name%3DEMX%26visitor%3D%24EMXUID&b64_redirect=aHR0cHM6Ly92aXNpdG9yLm9tbml0YWdqcy5jb20vdmlzaXRvci9zeW5jP3VpZD1iZTQ1M2VkNGI1ZWE3MGU2OWE0YjI0MWVlZWJjOWI2ZiZuYW1lPUVNWCZ2aXNpdG9yPSRFTVhVSUQ= HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=827309512431448119&redirect=https://visitor.omnitagjs.com/visitor/sync?uid=be453ed4b5ea70e69a4b241eeebc9b6f&name=EMX&visitor=$EMXUID&b64_redirect=aHR0cHM6Ly92aXNpdG9yLm9tbml0YWdqcy5jb20vdmlzaXRvci9zeW5jP3VpZD1iZTQ1M2VkNGI1ZWE3MGU2OWE0YjI0MWVlZWJjOWI2ZiZuYW1lPUVNWCZ2aXNpdG9yPSRFTVhVSUQ= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=be453ed4b5ea70e69a4b241eeebc9b6f&name=EMX&visitor=827309512431448119brt57491675760229932974f1 HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=EMX&uid=be453ed4b5ea70e69a4b241eeebc9b6f&visitor=827309512431448119brt57491675760229932974f1
Request Chain 214
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D4b30a0b1f289a261ab592e1e53c126eb%26name%3DSOVRN%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GHa5pBZH2hb0a5YeRua0chUU HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=SOVRN&uid=4b30a0b1f289a261ab592e1e53c126eb&visitor=GHa5pBZH2hb0a5YeRua0chUU
Request Chain 221
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 223
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 236
  • https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=7396329761718876590&name=SMARTADSERVER&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=SMARTADSERVER&uid=9276a8c8d010b77af50144c60047b781&visitor=7396329761718876590
Request Chain 237
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=10423f93e6ccecbae2bf7d8b2c0f6526&gdpr=0&gdpr_consent=0
Request Chain 238
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=ebf6e778-689d-45ea-8ac6-7b4c59e346ed&gdpr=0&gdpr_consent=
Request Chain 239
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4670916618109018858&gdpr=0&gdpr_consent=
Request Chain 240
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NzM5NjMyOTc2MTcxODg3NjU5MA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFex6hFs_ItCysKy_B5AUw8&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIi-4XdAW7ear05uf4-UTo8&google_cver=1
Request Chain 252
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y.ISZM.ZfDK4qRZpDs27vgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIH7kj8f0qvTS6Pfxm11FUs&google_cver=1&google_hm=2
Request Chain 253
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB&dcc=t
Request Chain 254
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=index&bds_param=be201fa6-bcd1-480d-a189-43032ee69875 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=250209e7-da98-4f25-b629-0447840758b0&expires=10&ssp=index&bsw_param=be201fa6-bcd1-480d-a189-43032ee69875 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
Request Chain 255
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 256
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=67cccad2-a6c5-11ed-a258-2ccbc8064eef
Request Chain 257
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4670916618109018858&expiration=1676969829
Request Chain 264
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=827309512431448119
Request Chain 266
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=2272446932012285602134
Request Chain 268
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1675760229686 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4290780436
Request Chain 269
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=2ccd8a11-ebc5-41d2-a1b3-65e335331ba7
Request Chain 270
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636%2526visitor%253D%257Buid%257D%2526name%253DOPENWEB HTTP 302
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=bb3355bd6d59a692&name=OPENWEB HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=OPENWEB&uid=9f93135e824096b627ff609f5cdee636&visitor=bb3355bd6d59a692
Request Chain 274
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1YNN&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8a302368-9057-4ff5-927b-e618376766bd-003?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Di%26uid%3DRX-8a302368-9057-4ff5-927b-e618376766bd-003 HTTP 302
  • https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNN&f=i&uid=RX-8a302368-9057-4ff5-927b-e618376766bd-003
Request Chain 314
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDU0DFGQ-1N-E132&gdpr=0
Request Chain 315
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMERGR1EtMU4tRTEzMg==&gdpr=0
Request Chain 316
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmIwODU4MDcyYzJhNzhhM2Y2NzdkYjRiZGRlODY4NmYxMTg2MDJjOQ&gdpr=0
Request Chain 318
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yC6vm1H_weg_A_E1D_FVd8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-r8u5._xE2oIFNxjx8Bm.e5YsAVdEoU7YIioUYQ--~A
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJbRHI7KEB5GA7HM26zpw5Y&google_cver=1
Request Chain 320
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wM0yFHaVQLuSrev4yC2TUA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wM0yFHaVQLuSrev4yC2TUA&gdpr=0
Request Chain 321
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9W6lwO_ZTwmzgVWT4R79Hw&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9W6lwO_ZTwmzgVWT4R79Hw&gdpr=0
Request Chain 340
  • https://ups.analytics.yahoo.com/ups/58690/occ?gdpr=&gdpr_consent=&us_privacy=1YNN HTTP 302
  • https://ups.analytics.yahoo.com/ups/58690/occ?gdpr=&gdpr_consent=&us_privacy=1YNN&verify=true HTTP 302
  • https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-QXd5HFRE2uG74x73uXTQdcmFGiKIcnYc64QYsHI-~A
Request Chain 342
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0 HTTP 307
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=b87d2501-7ff5-44b3-a5b5-82124bb956af&gdpr=0
Request Chain 343
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3187618314679037000V10
Request Chain 362
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1YNN HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=themediagrid&gdpr=&gdpr_consent=
Request Chain 363
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=8ec1de74-6f11-4c3c-8dc4-186c42006abc&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sharethrough&bsw_param=be201fa6-bcd1-480d-a189-43032ee69875&google_hm=YmUyMDFmYTYtYmNkMS00ODBkLWExODktNDMwMzJlZTY5ODc1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPWUmX-irzLaP9hsDnRYCbA&google_cver=1&ssp=sharethrough&bsw_param=be201fa6-bcd1-480d-a189-43032ee69875 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=be201fa6-bcd1-480d-a189-43032ee69875&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 369
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0 HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=inmobi.com&id=ID5-c9d9xYWjIPgvvvNc2wMupGPjSxScmJdgTqYBixyIsA
Request Chain 370
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2732890162731889582
Request Chain 375
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2272446932012285602134
Request Chain 381
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Request Chain 383
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2163634693
Request Chain 386
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=5133329524178837653
Request Chain 387
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
Request Chain 388
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=b9c6c29a-60c3-4518-922f-785bb3a169db
Request Chain 389
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=64277ce9-3d9c-41fc-8c8b-852bdca079ea&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=
Request Chain 390
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=GHa5pBZH2hb0a5YeRua0chUU&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=14f963e2-1268-4800-b303-fa5309b90bab&gdpr=0&gdpr_consent=
Request Chain 392
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7290466321473257370&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 393
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=grcaNIDtjzV7lYLAp5sK&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 396
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AATRo07HxCUAAB-hrsYcNA&gdpr=0
Request Chain 398
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=827309512431448119&gdpr=0&gdpr_consent=
Request Chain 399
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Request Chain 400
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=827309512431448119&gdpr=0&gdpr_consent=
Request Chain 401
  • https://um.simpli.fi/lj_match?r=1675760231759&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=2E8F22B8B7E44B2794413FD3E0B82834
Request Chain 402
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=fu7hxjSQpWep&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 404
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GHa5pBZH2hb0a5YeRua0chUU&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=Y-ISaIkp7r3xPXInHhO-F9a3
Request Chain 406
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AATRo07HxCUAAB-hrsYcNA&gdpr=0
Request Chain 407
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=5141210823507070690
Request Chain 408
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7290466331036472501&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 409
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=827309512431448119&gdpr=0&gdpr_consent=
Request Chain 411
  • https://um.simpli.fi/lj_match?r=1675760231769&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=22B2DB403AA34FC089835CCD9ADDD15C
Request Chain 412
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
Request Chain 413
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=be201fa6-bcd1-480d-a189-43032ee69875 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=be201fa6-bcd1-480d-a189-43032ee69875 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=72531c07-0572-4bbd-9f4c-b0fa4b456ae6&user_group=1&ssp=fmx&bsw_param=be201fa6-bcd1-480d-a189-43032ee69875 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=
Request Chain 414
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=b9c6c29a-60c3-4518-922f-785bb3a169db
Request Chain 415
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=GHa5pBZH2hb0a5YeRua0chUU&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=628263e2-1268-4600-a748-7784a9459397&gdpr=0&gdpr_consent=
Request Chain 416
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=827309512431448119&gdpr=0&gdpr_consent=
Request Chain 418
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5304602246
Request Chain 419
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Request Chain 422
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=df0Wzw7gVUUq&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 423
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=grcaNIDtjzV7lYLAp5sK&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 424
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Request Chain 426
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=1-cW9tDmRfDM4hCn0eRe_NOxQKbMsEX01-eP_Rg5
Request Chain 427
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4670916618109018858
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDsd_TMrn-9q8H59g4MEKKQ&google_cver=1
Request Chain 433
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 434
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELJAWW9NDr0d93akCFWGIb8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 435
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D
Request Chain 437
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2272446932012285602134&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3028f327-e339-4130-867b-be879dcc1607&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=be201fa6-bcd1-480d-a189-43032ee69875&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 438
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2272446932012285602134?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-TtNWIwpE2oR9BP_1DKnLiNQ444w53Sn7Aq89gy2Nwg--~A&dongle=0883
Request Chain 441
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=827309512431448119&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 443
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 444
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELJAWW9NDr0d93akCFWGIb8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 445
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D
Request Chain 447
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2272446932012285602134&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3028f327-e339-4130-867b-be879dcc1607&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=be201fa6-bcd1-480d-a189-43032ee69875&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 448
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2272446932012285602134?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-TtNWIwpE2oR9BP_1DKnLiNQ444w53Sn7Aq89gy2Nwg--~A&dongle=0883
Request Chain 451
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=827309512431448119&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 462
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3386055214060011398&gdpr=0&gdpr_consent=
Request Chain 465
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3313997620022083462&gdpr=0&gdpr_consent=
Request Chain 470
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
Request Chain 471
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=fmx&gdpr=0&gdpr_consent=
Request Chain 473
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GHa5pBZH2hb0a5YeRua0chUU/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GHa5pBZH2hb0a5YeRua0chUU/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=e72d9e2bff48a074585eb286d81a16b2&gdpr=0&gdpr_consent=
Request Chain 476
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=827309512431448119&gdpr=0
Request Chain 477
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AATRo07HxCUAAB-hrsYcNA&expiration=1676969832&gdpr=0
Request Chain 478
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=0&_test=Y_ISaAAAA-7kPgAh HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_ISaAAAA-7kPgAh&gdpr=0&_test=Y_ISaAAAA-7kPgAh
Request Chain 479
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Y.ISZM.ZfDK4qRZpDs27vgAA%262007&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=b439fbe8f6f2d3a5ff975beeb8cff842&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1e30_7197335392378338193&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 481
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=0 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=827309512431448119&gdpr=0
Request Chain 482
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d54063e2-1268-4900-b503-7db97c0c3b64&gdpr=0&gdpr_consent=
Request Chain 495
  • https://ad.turn.com/r/cs?pid=56 HTTP 302
  • https://s2s.t13.io/setuid?bidder=amobee&gdpr=&gdpr_consent=&us_privacy=&uid=2732890162731889582
Request Chain 503
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Cer6myRP1PpjMR5
Request Chain 504
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3028f327-e339-4130-867b-be879dcc1607&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
Request Chain 505
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=827309512431448119
Request Chain 507
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f28363e2-1269-4c00-a9ab-0a25e9006deb
Request Chain 510
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Cer6myRP1PpjMR5
Request Chain 511
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=-PT5Am9_QLh4tHwQjQoX3AW7FWY&user_group=1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
Request Chain 512
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=827309512431448119
Request Chain 514
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=28f563e2-1269-4e00-b4a5-308058b4ad1a
Request Chain 521
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-c9d9xYWjIPgvvvNc2wMupGPjSxScmJdgTqYBixyIsA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=7396329761718876590&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AATRo07HxCUAAB-hrsYcNA HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 522
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzM5NjMyOTc2MTcxODg3NjU5MA==&gdpr=0&gdpr_consent=
Request Chain 524
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=e7d9888b-b1e7-421d-8e2c-267f36f45b20&gdpr_consent=null&gdpr=0

520 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/ 		516 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
9ea945329a959858c03e0a695e71d57caf05cae37a780c84226bc00fd40af9df
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 08:57:04 GMT
link
<https://www.komando.com/wp-json/>; rel="https://api.w.org/" <https://www.komando.com/wp-json/wp/v2/posts/456930>; rel="alternate"; type="application/json" <https://www.komando.com/?p=456930>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
SHORT
x-elasticpress-query
true
x-frame-options
SAMEORIGIN
x-powered-by
WP Engine
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/ 		120 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2dee4d08a598d7777c8c5f70bab11cda670f35407a912749bfd62fdd4e76ef9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:04:03 GMT
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Thu, 12 Jan 2023 16:13:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
3183
etag
W/"edc84ad8e167e279d31e9dfbf70f2080"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
EMrK93QVqBkrqiyaM3vSrT0-RZUhNqLP6lfaQwYr60aTjy_6gDTV7A==
1511.js
link.monetizer101.com/widget/code/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://link.monetizer101.com/widget/code/1511.js
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-61.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f7686dfc0581720f0f08b379ae24ebb16255f212abcf558301b01d8077416c6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
nCR6olQDqi9Awc7oOZN2r9tcUdeuW05W
Content-Encoding
gzip
Via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
Date
Tue, 07 Feb 2023 08:57:05 GMT
Last-Modified
Wed, 23 Nov 2022 18:16:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS50-C1
Age
162
ETag
W/"10eff53bab054546ef1634ed59243150"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
UKu6dtNAlTVPgIjIEPaqaeWYLI0xYKqGFl1slt_g80SG0mOYD11uHA==
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,700,700i,900&display=swap
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dcdf3d0af3384ef3c86dea8a51e3ef45372f50785db9b23f147e549caa6e92f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 08:57:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Feb 2023 08:57:05 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		94 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1718
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4109c9d972d4651eaef82fcd54e4b218c39eab3c762287614dd0c20bd0de379b

Request headers

Referer
https://www.komando.com/
Origin
https://www.komando.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
x-b3-traceid
9b9ee55fc4cd4bc6ac228047fe42013e
x-amz-cf-pop
LHR61-C1
x-cache
Hit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
82e3026df88a466b93f8c41a22ed12e2
content-length
25971
x-served-by
cache-lcy-eglc8600034-LCY
last-modified
Mon, 06 Feb 2023 10:35:42 GMT
server
AmazonS3
x-timer
S1675760226.553283,VS0,VE2
etag
W/"70f0913dd85a0aafd0366bddf38956d6"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
NyrXP2QlHP2n8MYXmogwzaqjiRenMB0RepJv1a3soHuNtvWp8-bgdA==
x-cache-hits
1
v2ceqPgIhSD4PfVW58UdnQ_7GstrM9QW2HpqKxuQ_-j6_jwniyDeo2ok
spookyexchange.com/ 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spookyexchange.com/v2ceqPgIhSD4PfVW58UdnQ_7GstrM9QW2HpqKxuQ_-j6_jwniyDeo2ok
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e6934a9a6a983d3e16ab4119ad093f886cb41fe49eed4f8ff7cb06ed3ba1d9be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Tue, 07 Feb 2023 08:57:05 GMT
x-datacenter
gce-europe-west1
etag
"64d83cb8541c6082e52f6835037c1387b3046c1bc5ef88a999d7b843d6926305"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-g0bs
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
757822166
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtm.js
g4tagging.komando.com/ 		214 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g4tagging.komando.com/gtm.js?id=GTM-PWK6RF
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
057e7bc38701f46a49cfcf6ad65f5774a633b82ebfa82d25cd0bd9a12970340d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 07 Feb 2023 06:00:00 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
expires
Tue, 07 Feb 2023 09:12:05 GMT
jquery.min.js
www.komando.com/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:04 GMT
content-encoding
br
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
server
nginx
etag
W/"632879b8-15e54"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
autoptimize_single_e7cba94c1ad3b87075c6b51e2ee0c346.js
www.komando.com/wp-content/cache/autoptimize/js/ 		1 KB
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-content/cache/autoptimize/js/autoptimize_single_e7cba94c1ad3b87075c6b51e2ee0c346.js?ver=10.8.3
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f3a0a60c73c3170eb91a49081e375dfebdd1b750df35661600187907b0e925b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:04 GMT
content-encoding
br
last-modified
Wed, 09 Nov 2022 19:58:45 GMT
server
nginx
etag
W/"636c0675-515"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
utils.min.js
www.komando.com/wp-includes/js/ 		2 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-includes/js/utils.min.js?ver=6.1.1
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a2687fe8e299a3aad2d4701478f7a7ea3689ef4f470372e3484cf28b84b019b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:04 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 19:55:30 GMT
server
nginx
etag
W/"632e0f32-748"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
cls.css
a.pub.network/core/pubfig/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
gzip
cf-cache-status
HIT
age
733
x-guploader-uploadid
ADPycdtKHhbp5EjiOKFdATvWgIXFAqBECU_5mZd_VURJah-GKDmR5uXpApJ_mnLNge0tbyLKWaTtiAS0-XMfMtkvZYAdig
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Fri, 28 Oct 2022 14:36:10 GMT
server
cloudflare
etag
W/"816783146b3907e634d0e822ca759864"
vary
Accept-Encoding
x-goog-generation
1666967770269941
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
2096
cf-ray
795aea81bdb872fd-LHR
expires
Tue, 07 Feb 2023 09:57:05 GMT
dreamstime_m_99198014-1.jpg
b1681952.smushcdn.com/1681952/wp-content/uploads/2018/04/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1681952.smushcdn.com/1681952/wp-content/uploads/2018/04/dreamstime_m_99198014-1.jpg?lossy=0&strip=1&webp=1
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.24.11.18 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-24-11-18.bunnyinfra.net
Software
BunnyCDN-AT1-1046 /
Resource Hash
1dffe36e9d4d870dbf7c798cc1d1f3d219897f2a985a69224f557a9fb3031a6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
cdn-edgestorageid
1046
cdn-cachedat
02/07/2023 08:57:05
cdn-pullzone
1090387
content-length
20012
x-amz-expiration
expiry-date="Thu, 20 Oct 2022 11:54:55 GMT", rule-id="expire"
last-modified
Tue, 20 Sep 2022 11:54:55 GMT
server
BunnyCDN-AT1-1046
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"edd2b824f3e66e4cd1eff1b070d8f248"
content-type
image/webp
smushed
origFmt=jpg, origSize=86598, smushRatio=76.89, skipped=0, originCache=HIT
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
b19d23b70172a01355de2ee03e3b3ad2
accept-ranges
bytes
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
lazysizes.min.js
www.komando.com/wp-content/plugins/autoptimize/classes/external/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.3
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
last-modified
Mon, 24 May 2021 17:35:41 GMT
server
nginx
etag
W/"60abe3ed-2655"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
regenerator-runtime.min.js
www.komando.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:04 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 12:04:30 GMT
server
nginx
etag
W/"6254194e-194b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
wp-polyfill.min.js
www.komando.com/wp-includes/js/dist/vendor/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
last-modified
Tue, 20 Sep 2022 15:43:29 GMT
server
nginx
etag
W/"6329dfa1-459f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
hooks.min.js
www.komando.com/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 12:04:30 GMT
server
nginx
etag
W/"6254194e-132e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
i18n.min.js
www.komando.com/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 19:55:30 GMT
server
nginx
etag
W/"632e0f32-27f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
url.min.js
www.komando.com/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3a5473b62e71d3164b95391e8342e6abe3215428bcaf828a72dc2f23fc540337

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 11:30:32 GMT
server
nginx
etag
W/"634fdfd8-23bb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
api-fetch.min.js
www.komando.com/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0598e98bc97e5b9aeb32aa40cae407814d13a7333e055071107519d7b4fcb0d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
last-modified
Tue, 12 Apr 2022 15:12:47 GMT
server
nginx
etag
W/"625596ef-14cd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
autoptimize_single_53d79c3e8659edd5fd822b273ff8b224.js
www.komando.com/wp-content/cache/autoptimize/js/ 		127 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-content/cache/autoptimize/js/autoptimize_single_53d79c3e8659edd5fd822b273ff8b224.js?ver=1.0.61.9143b
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b13ead8cd1b832c7f62137108f577d6ff406c66090c8e21fc1097e206cc36697

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
last-modified
Wed, 09 Nov 2022 19:58:45 GMT
server
nginx
etag
W/"636c0675-1fd30"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
formSubscribe.min.js
www.komando.com/wp-content/plugins/k3-prefs-center/public/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-content/plugins/k3-prefs-center/public/js/formSubscribe.min.js?ver=1.1.7
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b9eb5f23cd494550d03dd5c01e6653576c5851f7775dbf84b51ebae874ee4740

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
last-modified
Thu, 19 May 2022 14:21:15 GMT
server
nginx
etag
W/"6286525b-230c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
smush-lazy-load-native.min.js
www.komando.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load-native.min.js?ver=3.12.3
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
be6782a8a0617c64e1eaf887f6771ac1e4ead25232ffcf133e5cba77b7379e76

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
last-modified
Tue, 08 Nov 2022 15:45:57 GMT
server
nginx
etag
W/"636a79b5-2505"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
sharing.min.js
www.komando.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=11.5.1
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
last-modified
Tue, 08 Nov 2022 15:44:15 GMT
server
nginx
etag
W/"636a794f-2145"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=2630000
e-202306.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202306.js
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
HIT lhr
date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 04 Feb 2024 23:05:27 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.2.10/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.10/firebase-app.js
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9744336b70c6f9991d4dc09a826827ba40ef82dead84545dbb7cf902aea80363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:07:54 GMT
x-content-type-options
nosniff
age
370151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20046
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 21:24:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 02:07:54 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.2.10/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.10/firebase-messaging.js
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f921ad528f18411472daf5a169f99678086aec6ac4a71f00730575a092621f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 20:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10867
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 21:24:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 20:37:12 GMT
ccpa.338b6cd2f1013fb88e57.bundle.js
cdn.privacy-mgmt.com/unified/4.5.0/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/4.5.0/ccpa.338b6cd2f1013fb88e57.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
819cd11b48e7f2d1a6ba85d2b0ce07950b52bcc9b04d27587f59cfce03d8c999

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:33:34 GMT
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 20:21:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
9849
etag
W/"1e8abbfe2746ce14da00985d88567c71"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
-pDiCvFevvBoh9hGoS5MLA9xCSOyf6xcTYppGBWiXRfYdWKFkwhkcA==
custom.bc86f271bb55ba1c9eab.bundle.js
cdn.privacy-mgmt.com/unified/4.5.0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/4.5.0/custom.bc86f271bb55ba1c9eab.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbc5144df3b5b512fc0e77411efba3dcace651f4e55679969a1ac12feaf2554a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 07:53:39 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 20:21:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
8389
etag
W/"d3ecae93d8ba6fba6e46b8a0f6ddb88c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
JvTu2G4wE0LV2TFLJyrqbbDbw_yGzRLm6JX4iTXCa0R2CPC7Kmawiw==
gdpr-tcf.d469fa22183489866de1.bundle.js
cdn.privacy-mgmt.com/unified/4.5.0/ 		86 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/4.5.0/gdpr-tcf.d469fa22183489866de1.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4963b09462b5db20b9a820b98581b6f8a4058a2eeb2d4d7b4177ac3a9cc33f80

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 03:16:07 GMT
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 20:21:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
20459
etag
W/"8d578fd3ad53639646d3898951859d33"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
9r6Zaial3XAcSxD206NMYpSeDGeE84yez1elv2eeMFNmLUP1UbchhQ==
get_site_data
cdn.privacy-mgmt.com/mms/v2/ 		203 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&account_id=1821
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Jetty(9.4.2.v20170220) /
Resource Hash
cd353b1975f12f3ba2665f6ed6c298d13375297f7b744c2914eeebaea2923384
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-33-181
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server
Jetty(9.4.2.v20170220)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
pDs8rKh60oB14SdI_8AZuIZMeAxkFX-_7kg4rnJGjgq14H0tKRtCmg==
loader.min.js
link.monetizer101.com/widget/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://link.monetizer101.com/widget/loader.min.js
Requested by
Host: link.monetizer101.com
URL: https://link.monetizer101.com/widget/code/1511.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-61.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78df1ed8d6b8a691f4bff095a5b11a83cb6421a2e7b3b039699b974266168ed7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
h897PtkZ0IZu8YiQZTG1wU3oIPaIlMxr
Content-Encoding
gzip
Via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
Date
Tue, 07 Feb 2023 08:57:05 GMT
Last-Modified
Mon, 06 Feb 2023 15:42:23 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS50-C1
Age
31
ETag
W/"fb77c143d8245dfd4fa017903498b9ed"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
3yk58j8HvLSLAqZXVc4BXvddFk3oennHXPO-50szkvn_tD3gszWsRg==
pubfig.min.js
a.pub.network/komando-com/ 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/komando-com/pubfig.min.js
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be4079d413e801f4d92bae17f83cb59a350c0b27ccc76171579182426144f128

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
ADPycdua4cbCriC5dBwoDA7pHzR7zIYwGOoJsJernPSbtSdiJ47jFsKcXfMGZLBIYZNOpnE5ZDBYmvRiWG4ve_1Pn2jzng
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 31 Jan 2023 20:22:57 GMT
server
cloudflare
etag
W/"20bd30dd303371085af5cd047e148138"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675196577148807
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=1LELLA==, md5=IL0w3TAzcQha9c0EfhSBOA==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
174755
cf-ray
795aea822e4472fd-LHR
expires
Tue, 07 Feb 2023 09:27:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,700,700i,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.komando.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 11:48:56 GMT
x-content-type-options
nosniff
age
76089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 11:48:56 GMT
truncated
/ 		501 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51885f3f46c7317c00dc6b36ae543d48f1b3d1c3768381c9f7c8fb47e38214f1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		985 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f3f58c2fd4529fffc91067658a9689ffc59257d6e329de3f156539fdc9d44c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fb500f34c1e92bea56bab8e0e5ccd68f794b9a514e5302a2f7e07723938d91b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		768 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79803d78aaa09409a72b13aeca2f84e17e6cdb792e7c2122f4e1c3990485bc1a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,700,700i,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.komando.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 22:49:45 GMT
x-content-type-options
nosniff
age
554840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 22:49:45 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,700,700i,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.komando.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:33:59 GMT
x-content-type-options
nosniff
age
325386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17032
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Feb 2024 14:33:59 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db03313b117d5687f500d3a57cf5a279c0e9c92cf8b2182b5ec74257257537c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
7e725acd-c78b-4d57-bc80-749a46cf1f09
player.ex.co/player/ 		1 MB
336 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8cb6628eef26dc0e180dd5934b78d36034a083b848e29c49a5194eaab4fe3a9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Feb 2023 08:57:05 GMT
via
1.1 varnish, 1.1 varnish
age
2937
x-cache
HIT, HIT
content-length
342762
x-served-by
cache-iad-kjyo7100134-IAD, cache-lhr7337-LHR
server
nginx
x-timer
S1675760226.780381,VS0,VE7
etag
W/"106b4e-Ro6pLAZWS9JW9huisYgKS2o4dcU"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
2, 1
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77aa142ae9ef1f5662e8d64f2cdb0f0280d0fc658655ec8ff2308493af331230

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
ad-background.png
www.komando.com/wp-content/themes/komando/assets/images/ 		167 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.komando.com/wp-content/themes/komando/assets/images/ad-background.png
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b94c0c588c960ee9b1b4fdc774c776f770059745e5219ecc28c1cbe5f633ba84

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
last-modified
Wed, 03 Jun 2020 17:53:13 GMT
server
nginx
etag
"5ed7e389-a7"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
167
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,700,700i,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.komando.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 15:47:07 GMT
x-content-type-options
nosniff
age
234598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Feb 2024 15:47:07 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,700,700i,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.komando.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 15:23:02 GMT
x-content-type-options
nosniff
age
63243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 15:23:02 GMT
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Referer
Origin
https://www.komando.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8400420064efcd62c29d75ad0a6bf0218832b1918da16c5300127bcc868cb7a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
personalized-content
www.komando.com/wp-json/komando/v1/ 		84 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-json/komando/v1/personalized-content?_wpnonce=443419459c&post_ids=null&current_post_id=456930
Requested by
Host: www.komando.com
URL: https://www.komando.com/wp-content/cache/autoptimize/js/autoptimize_single_53d79c3e8659edd5fd822b273ff8b224.js?ver=1.0.61.9143b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e9e40f737e08ad5b6c7ec3d3ee2232ce91f00b1f4f753c79f5e8e4f74c1c4a60
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
date
Tue, 07 Feb 2023 08:57:05 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
WP Engine
vary
X-NR-SAMPLE-PERCENT
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
x-wp-nonce
443419459c
link
<https://www.komando.com/wp-json/>; rel="https://api.w.org/"
content-length
84
x-wp-doingitwrong
wp_send_json (since 5.5.0; Return a WP_REST_Response or WP_Error object from your callback when using the REST API.)
x-pass-why
custom-cookie
loader.js
cdn.taboola.com/libtrc/komando/ 		513 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/komando/loader.js
Requested by
Host: www.komando.com
URL: https://www.komando.com/wp-content/cache/autoptimize/js/autoptimize_single_53d79c3e8659edd5fd822b273ff8b224.js?ver=1.0.61.9143b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e930eb9942673b108eba8c47ea12c8f78c1731fc3e18767cf4c53733a64fc402

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
Y627WGSRHtBRbYBa6Hl7lVNeZCqiaYsk
content-encoding
gzip
via
1.1 varnish
date
Tue, 07 Feb 2023 08:57:05 GMT
x-amz-request-id
VK0MF92V43ARNY2C
age
166
x-cache
HIT
x-amz-replication-status
FAILED
content-length
53105
x-amz-id-2
mR+vrfgrgvg56sOYZ7SKOQzW7qFh/Cc/WHFnTYUKisk4dL3huv4aynaEAGg9xtZwWMkwCLmgPhI=
x-served-by
cache-lcy-eglc8600054-LCY
last-modified
Mon, 06 Feb 2023 13:55:05 GMT
server
AmazonS3
x-timer
S1675760226.830694,VS0,VE1
etag
"bc239f68e2fd48f1974f7eb5b2c27a6b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
89
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
admin-ajax.php
www.komando.com/wp-admin/ 		456 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.komando.com/wp-admin/admin-ajax.php?action=k3CheckForNewContent
Requested by
Host: www.komando.com
URL: https://www.komando.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.243.221.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.221.243.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
462f27a23d7658a83f84aedfd225d8c5e0a41e86b04b0d9a7577bc996816be42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Wed, 11 Jan 1984 05:00:00 GMT
date
Tue, 07 Feb 2023 08:57:05 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
x-cacheable
NO:Passed
server
nginx
x-powered-by
WP Engine
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, X-NR-SAMPLE-PERCENT,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
x-cache
MISS
cache-control
max-age=0, must-revalidate, private
x-robots-tag
noindex
x-pass-why
wp-admin
meta-data
cdn.privacy-mgmt.com/wrapper/v2/ 		167 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1821&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=23815&scriptVersion=4.5.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
1010cd9dd08269f38fce8d9abb769bfc1ae8688c7cc752c67576dc520f5a95e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
167
x-amz-cf-id
AMZVX5AsjQOADa9-f-jDbmKI1ByENk7I9RJzOxCjFL7jyWE7qago6w==
meta-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1821&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=23815&scriptVersion=4.5.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.komando.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
31324
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 07 Feb 2023 00:15:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
BBD4SAU-vuVB_77aufiHNl0sRXlXZp1aDlrxfttJ98lu9xm8CHUyxg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-powered-by
Express
truncated
/ 		382 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,700,700i,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.komando.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:07:02 GMT
x-content-type-options
nosniff
age
456603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 02:07:02 GMT
logo-totalav-130x651.jpg
b1681952.smushcdn.com/1681952/wp-content/uploads/2019/11/ 		904 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1681952.smushcdn.com/1681952/wp-content/uploads/2019/11/logo-totalav-130x651.jpg?lossy=0&strip=1&webp=1
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.24.11.18 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-24-11-18.bunnyinfra.net
Software
BunnyCDN-AT1-1046 /
Resource Hash
2661e7d6c21d455d3f2d6bb759f03530ca5b74833367c0d08b0d6c862739d55e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
cdn-edgestorageid
1046
cdn-cachedat
01/23/2023 08:47:21
cdn-pullzone
1090387
content-length
904
x-amz-expiration
expiry-date="Sun, 19 Feb 2023 19:48:44 GMT", rule-id="expire"
last-modified
Fri, 20 Jan 2023 19:48:44 GMT
server
BunnyCDN-AT1-1046
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"c577aefdb1573ecc27f34e1cf20435c6"
content-type
image/webp
smushed
origFmt=jpg, origSize=2835, smushRatio=68.11, skipped=0, originCache=HIT
cdn-cache
HIT
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
0f318a272d8f23a71f3bc4e0f2f1bd28
accept-ranges
bytes
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
dreamstime_m_156153407-1.jpg
b1681952.smushcdn.com/1681952/wp-content/uploads/2020/02/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1681952.smushcdn.com/1681952/wp-content/uploads/2020/02/dreamstime_m_156153407-1.jpg?lossy=0&strip=1&webp=1
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.24.11.18 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-24-11-18.bunnyinfra.net
Software
BunnyCDN-AT1-1046 /
Resource Hash
5642478af9f2c14e926a8593cdde5e215e3f5ff939d160ce9bc4005353f364b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
cdn-edgestorageid
1046
cdn-cachedat
02/07/2023 08:57:06
cdn-pullzone
1090387
content-length
19862
x-amz-expiration
expiry-date="Thu, 20 Oct 2022 12:59:33 GMT", rule-id="expire"
last-modified
Tue, 20 Sep 2022 12:59:33 GMT
server
BunnyCDN-AT1-1046
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"59e7a42592013d3b33d1d7a8038182e9"
content-type
image/webp
smushed
origFmt=jpg, origSize=61080, smushRatio=67.48, skipped=0, originCache=HIT
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
702530551d42ad7676bf11b2c02f3910
accept-ranges
bytes
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
kk-banner-20210401-podcasts-600x150-web-ctu.jpg
b1681952.smushcdn.com/1681952/wp-content/uploads/2021/04/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1681952.smushcdn.com/1681952/wp-content/uploads/2021/04/kk-banner-20210401-podcasts-600x150-web-ctu.jpg?lossy=0&strip=1&webp=1
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.24.11.18 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-24-11-18.bunnyinfra.net
Software
BunnyCDN-AT1-1046 /
Resource Hash
e8f06f3f7654b4ef4618604d80e14fb81d36fe27cc5a4634529392131908487c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
cdn-edgestorageid
1046
cdn-cachedat
12/19/2022 00:57:58
cdn-pullzone
1090387
content-length
6534
x-amz-expiration
expiry-date="Tue, 18 Oct 2022 12:22:44 GMT", rule-id="expire"
last-modified
Sun, 18 Sep 2022 12:22:44 GMT
server
BunnyCDN-AT1-1046
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"a1981ade54a42401424480e654e4d906"
content-type
image/webp
smushed
origFmt=jpg, origSize=63443, smushRatio=89.7, skipped=0, originCache=HIT
cdn-cache
HIT
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
7048c9b7dd252fb06731de72c6c2b963
accept-ranges
bytes
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=166923932&post=456930&tz=-7&srv=www.komando.com&j=1%3A11.5.1&host=www.komando.com&ref=&fcp=1457&rand=0.12378292864984553
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 08:57:05 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
count.json
api.pinterest.com/v1/urls/ 		166 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F
Requested by
Host: www.komando.com
URL: https://www.komando.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b84b1f8f52574cfb30d12b855b6a7d9a73f5a91922f98b13ee66357a24549b77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.4e17655f.1675760226.6e20c65a
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
content-length
166
x-pinterest-rid
1146702117183805
expires
Tue, 07 Feb 2023 09:12:06 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.09075910557128619
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 08:57:05 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
init
d.pub.network/v2/ 		57 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=253&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/komando-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fe59dc311053c3c430bdf82eefd45fd9fd9fdcc85119067be7f2215b386f1462

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.komando.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ 		180 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		354 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: spookyexchange.com
URL: https://spookyexchange.com/v2ceqPgIhSD4PfVW58UdnQ_7GstrM9QW2HpqKxuQ_-j6_jwniyDeo2ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
12114403
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
tk3Bg57UX0gOo4Kh55ZBQkFgwecxOcAtxGBeBkmM2J0Q73dIwCyDhw==
events
prd-collector-anon.ex.co/main/ 		0
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.174.12 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-174-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:06 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 08:18:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Feb 2023 08:57:06 GMT
messages
cdn.privacy-mgmt.com/wrapper/v2/ 		17 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1821%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22custom%22%3A%7B%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&scriptVersion=4.5.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
647ab9863bd944a209b391394a1b9d60ff053c8b204efe83d2789a4926ff1866
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
8-ek4MfeA23pgYp9fv0Ck_bQxOEknD3Yqoz9im1ALszo4PeVEvqRKQ==
player.js
p.channelexco.com/player/ 		36 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/player/player.js?pv=117.25&p=402802331&ni=119761166&ui=6xk84zcedmgaj5wr&cb=9e13e8df-e5ec-4147-b8a3-119df5066223&d=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&schain=1.0,1!playbuzz.com,0016M00002LRAT1QAP,1,,,&w=600&h=337.5&asr=1&impDetail=1&auction=1&auctionFast=5&publisherType=publisher&puid=13ba6e13-74ca-4100-85b3-f70e17d440bf&geo=GB&browser=chrome&os=windows&jsv=false&gdpr=-GPV_GDPR-&gdpr_consent=-GPV_GDPR_CONSENT-&us_privacy=-GPV_US_PRIVACY-&isAmp=false&rv=true&device=desktop&sid=&sid2=default&upx=1
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
6bd1bf132ec5ff3af32210bad8826a1a319d70a5325dafe439a78d039a5cc305

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
application/x-javascript
date
Tue, 07 Feb 2023 08:57:07 GMT
cache-control
no-cache
content-encoding
gzip
server
openresty
vary
Accept-Encoding
expires
Tue, 07 Feb 2023 08:57:06 GMT
load.js
widget.perfectmarket.com/komando/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/komando/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/komando/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61fbc34f91d8af09b7d8434e27d4f7f12fdfae8311d2d26d0eea187ad16c4dd6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
zbbQXN6FX1TkmBGibAJpQk24j4NgmgPf
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 07 Feb 2023 08:57:06 GMT
x-amz-request-id
SEMD8MVTGF8JMXCW
age
263
x-cache
HIT, MISS
content-length
1097
x-amz-id-2
79XODC2L9SOtX67DynCXg4CyRT0v/LJqox6w+eeMPdJrPoBUt9aSDMGuWonV8jHw8MMX0qJYqno=
x-served-by
cache-bur-kbur8200060-BUR, cache-lcy-eglc8600051-LCY
last-modified
Mon, 30 Mar 2020 06:23:42 GMT
server
AmazonS3
x-timer
S1675760226.346163,VS0,VE133
etag
"831b8a927926b7ec203a2adfe80150fc"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
2, 0
impl.20230205-36-RELEASE.js
cdn.taboola.com/libtrc/ 		725 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230205-36-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/komando/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6954b2245c105f5ef0e89223599d95d933f590794727fc4282321528ed27524

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
MqYBzGxoFRtNmvzRZeB8Hx0jnLaZkvad
content-encoding
gzip
via
1.1 varnish
date
Tue, 07 Feb 2023 08:57:06 GMT
x-amz-request-id
XXRTZRM9PS3K9EG5
age
15
x-cache
HIT
x-amz-replication-status
PENDING
content-length
194493
x-amz-id-2
53RQdCZSdqdJ4yC+mku8SVUodss6lMH38u2NwK8P2znwfv6rnSiQKtRcDlzA6TEHH1cHpqcxWh0=
x-served-by
cache-lcy-eglc8600054-LCY
last-modified
Mon, 06 Feb 2023 23:44:43 GMT
server
AmazonS3
x-timer
S1675760226.087217,VS0,VE0
etag
"b5425d60a7ee4ea3a380b89452140834"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
47
vv.20230205-36-RELEASE.js
cdn.taboola.com/libtrc/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/vv.20230205-36-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/komando/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6543c57e916cd39b41c82517846791babf3843056546379861ad5b1e70756398

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
rftUtnKHnG7hWiwlY8J7lZ3QLZjbd83L
content-encoding
gzip
via
1.1 varnish
date
Tue, 07 Feb 2023 08:57:06 GMT
x-amz-request-id
R0XXJK41NR7GERNQ
age
98
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4073
x-amz-id-2
+6PA2zwYZxWpSFwWa9vYg1F7yznu6PygN0OH/32MWgRqfzt53us19nduKtSTTVZZKlFbcwL8tWM=
x-served-by
cache-lcy-eglc8600054-LCY
last-modified
Mon, 06 Feb 2023 23:45:48 GMT
server
AmazonS3
x-timer
S1675760226.087362,VS0,VE0
etag
"e410de685f2fc4332cba3c3a52c94bbf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
3
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/komando/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-105.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 06:08:13 GMT
content-encoding
gzip
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
17928
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
iI5JcfQQIePmzJIV6NwzCiTgsXc42Pdq9jFa9w7knZhjKH-2mwNpYA==
pubfig.engine.4.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
a.pub.network/core/pubfig/ 		451 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/komando-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a72d6dc98266e970b3bee02e5ce7b927e59b9c835ca1ee0735f95fb0d765290

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
40350
x-guploader-uploadid
ADPycdsuGLNnfWZ3RLK9Jsr5TstioJwWqmmiqwbLT2zk3jr7u8n3UeXLgELTD9YXHOiEg1v86riZyZrQ3Rxta8Edwzn5gg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 24 Jan 2023 17:36:24 GMT
server
cloudflare
etag
W/"d6960338c92334e4e9779bafabd7bd00"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1674581784645778
content-type
application/javascript
content-language
en
x-goog-hash
crc32c=kL5lSw==, md5=1pYDOMkjNOTpd5uvq9e9AA==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
461992
access-control-allow-origin
*
cf-ray
795aea85298a72fd-LHR
expires
Tue, 07 Feb 2023 09:57:06 GMT
optimize.js
www.google-analytics.com/gtm/ 		110 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-TVB3PGB
Requested by
Host: g4tagging.komando.com
URL: https://g4tagging.komando.com/gtm.js?id=GTM-PWK6RF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6e6a01fbe3ee54802f40a40d4c05d4ad4760f4c813b2643523721d0a684922d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44196
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Feb 2023 08:57:06 GMT
5696.js
script.crazyegg.com/pages/scripts/0092/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0092/5696.js
Requested by
Host: g4tagging.komando.com
URL: https://g4tagging.komando.com/gtm.js?id=GTM-PWK6RF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17ef80d4c5062d417af8b2f40aa72a463f34478420eb300b08176f3d3f5bf1ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15507
cf-polished
origSize=6088
ce-version
11.5.22
cf-bgj
minify
last-modified
Tue, 07 Feb 2023 04:38:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
795aea86a8d423cc-LHR
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Feb 2023 08:57:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
q9k2fYqnPUlNHyT6zEAnO1re/iEAudKjlWma68hUznSpSbyer5VN9dsND/RZQTOVXRwHC/fsTHKKDIK9fEh5oQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
g4tagging.komando.com/gtag/ 		215 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g4tagging.komando.com/gtag/js?id=G-KQ59L32B98&l=dataLayer&cx=c&sign=eb3093ae8fad944500de403c896676a4f908791d2c89476d7588269f36297092_20230207
Requested by
Host: g4tagging.komando.com
URL: https://g4tagging.komando.com/gtm.js?id=GTM-PWK6RF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
89d10dceb02fed084f5dbeb501e5dd7f8bd735b8c5116dcbcff08cfb73346b83

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
application/javascript; charset=UTF-8
date
Tue, 07 Feb 2023 08:57:06 GMT
cache-control
private, max-age=900
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
expires
Tue, 07 Feb 2023 09:11:17 GMT
messages
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1821%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22custom%22%3A%7B%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&scriptVersion=4.5.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.komando.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 07 Feb 2023 08:57:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
QV5q1ZYhcUq_xwaEz6-G2u78IM7knqp3DYtgqUq4q4d1tHGafZwprQ==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-powered-by
Express
ingest.php
events.newsroom.bi/ 		50 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1718
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.komando.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
active
flowcards.mrf.io/json/ 		55 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/active?site_id=1718&page_technology=0
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
67d7eb6805d29f099e89378123cfcf4f377d45ee2d660fffed82a5c1e3e1dbc5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
x-b3-traceid
3145cdec4a704a1fa8cea4da143cdb3c
x-cache
HIT
mrf-cache-status
H
x-envoy-upstream-service-time
3
x-b3-traceid-primal
dbcdb5891d9d4e67bb4a556202113e25
content-length
78
x-served-by
cache-lcy-eglc8600059-LCY
server
istio-envoy
x-timer
S1675760227.501762,VS0,VE1
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
1
index.html
cdn.privacy-mgmt.com/ Frame E9F1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/index.html?message_id=609453&consentUUID=null&requestUUID=b98ad9d0-a27e-4afe-b083-ef96ccbad00e&preload_message=true&hasCsp=true&version=v1
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
226e276f6230b9b9338a5c06633f8ff6eb9e5a628c411d9e1225e8431055278f

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1256
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Tue, 07 Feb 2023 08:36:11 GMT
etag
W/"775772433842b9bdd372564179405393"
last-modified
Thu, 19 Jan 2023 15:53:48 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-id
qXFGVZFdJr80ua6hxcTO9pUkAyh-zP8mFzMhRD2leBrGLZN9MegBbA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
Notice.d64a5.css
cdn.privacy-mgmt.com/ Frame E9F1 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/Notice.d64a5.css
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=609453&consentUUID=null&requestUUID=b98ad9d0-a27e-4afe-b083-ef96ccbad00e&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec52c92bd844889ac4997fe38fbfd0ac09c4111738ca64b5e873662a674e207d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=609453&consentUUID=null&requestUUID=b98ad9d0-a27e-4afe-b083-ef96ccbad00e&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:45:17 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 15:53:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
710
etag
W/"d5e39d14d13451fd5020ca1442920af1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-cf-id
w1WKwSWLNxjiQRafA9i6k6IOBdCd38cShAMezMIOeGbdrcBrDZpoJw==
polyfills.d36c5.js
cdn.privacy-mgmt.com/ Frame E9F1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/polyfills.d36c5.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=609453&consentUUID=null&requestUUID=b98ad9d0-a27e-4afe-b083-ef96ccbad00e&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=609453&consentUUID=null&requestUUID=b98ad9d0-a27e-4afe-b083-ef96ccbad00e&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:21:06 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 15:53:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
2161
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
aBOXVek4_RB-KPCOLUfpXVpz4hAkSSbbk-j4-y2VbUcCCvodLuVlAQ==
Notice.38fc9.js
cdn.privacy-mgmt.com/ Frame E9F1 		261 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/Notice.38fc9.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=609453&consentUUID=null&requestUUID=b98ad9d0-a27e-4afe-b083-ef96ccbad00e&preload_message=true&hasCsp=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7b97147d39d2583a88140e6aa19b6c862eddc289261686d51f1fd9e45f87d8f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=609453&consentUUID=null&requestUUID=b98ad9d0-a27e-4afe-b083-ef96ccbad00e&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:34:05 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 15:53:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
1381
etag
W/"616a682f1967dc6d6ea6304242f94325"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
74d8itKQ0BpzG9qeSKrPlTr4VXhM8ABmBZQmC8f0FgK7yjU3C-FtAw==
www.komando.com.json
script.crazyegg.com/pages/data-scripts/0092/5696/site/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0092/5696/site/www.komando.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0092/5696.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39cb258393aeddcd1413acfbbe26328a53c285825365518d92ddf7305f7d4f78

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
14837
ce-version
11.5.22
content-length
1655
last-modified
Tue, 07 Feb 2023 04:49:49 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
795aea884b5a76af-LHR
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226535&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226535&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1...
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226535&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&c8=How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked&c9=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Server
65.9.86.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-105.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
1OLUnBYfGPNlOA7Pe0WxdN_4k2_8v57XYvzlsNOwmGdoKhAVcy-JEA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226535&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&c8=How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked&c9=
date
Tue, 07 Feb 2023 08:57:06 GMT
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
content-length
0
x-amz-cf-id
5HZs59w9JP-PEwaUnOSInQHB4FH8n6hiTsGikD88XKrPlZnpIf-sjA==
x-cache
Miss from cloudfront
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226536&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_s...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226536&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_...
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226536&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&c8=How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked&c9=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Server
65.9.86.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-105.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
7BnD0mHuYTZCzQazbNh57GfywCCEQBMxKjbLTUwqEmPNvo-EHTo9wQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1675760226536&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&c8=How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked&c9=
date
Tue, 07 Feb 2023 08:57:06 GMT
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
content-length
0
x-amz-cf-id
Mjihtjy9pkQ1I2v6fe0DbrbrTMQO5_gfmPN8rxJ63aX33uJ0Ho-fXA==
x-cache
Miss from cloudfront
2818864641552220
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2818864641552220?v=2.9.95&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3f6bae8ccfba966260d4917a5e1487fc1f6e67bbb4c855516171d5d28ff3ffd2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Feb 2023 08:57:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
sQeS/J/m1HVL2u+eqOKRyZPGMsHNHj39FJBT0CgtKwznXuGPk5CcpMW6XEOaATbG+vE7l/xnQ/r0vfN3PZGiYQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1YNN&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230205-36-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
503827
expires
60
v2knsel01VV-l2sS9rdVu6I2jOyTqaNHejJvsSV_UV28-m5Oz5DYYGdXZmBLs2I5CGafoXmby
spookyexchange.com/ 		206 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://spookyexchange.com/v2knsel01VV-l2sS9rdVu6I2jOyTqaNHejJvsSV_UV28-m5Oz5DYYGdXZmBLs2I5CGafoXmby
Requested by
Host: spookyexchange.com
URL: https://spookyexchange.com/v2ceqPgIhSD4PfVW58UdnQ_7GstrM9QW2HpqKxuQ_-j6_jwniyDeo2ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
03c674f4fe2e9597d9ea52c9251b224697f53ff254bd2144259bd82bdfa5f328
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 07 Feb 2023 08:57:06 GMT
via
1.1 google
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
x-hostname
fen-hoothoot-europe-west1-spot-g0bs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 07 Feb 2023 08:57:05 GMT
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?d=www.komando.com&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.komando.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.komando.com
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Tue, 07 Feb 2023 08:57:06 GMT
expires
0
fs-client-rtt
25
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		135 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd1ca80c97f3e96c12660aa116c23616b8d4945f59d01f923346a9d85c23050

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 08:53:58 GMT
server
cloudflare
x-amz-request-id
JGFZ42TYFJ6D1PXK
age
91
etag
W/"2179955c2b87b02ed18ef07f7a1fe05a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
795aea89ea45dc83-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
2J9TTg6DlLWkkN1KH0JF+81L+irgg97W16nvJcBAy8xrEnSMgYfAtRqLRhii/tbbOh79xgoI7Hw=
/
optimise.net/ 		808 B
833 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?d=www.komando.com&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
9a5380338b5bc3e01b2c3837050167cb34b80efd3cea413ade7bb4242dcdd9e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Tue, 07 Feb 2023 08:55:34 GMT
fs-client-rtt
25
age
92
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
808
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.komando.com
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8fa330868d43619bbb372ba3f1ca57cb8eb550b23ca87f0bf912e992f399ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27226
x-xss-protection
0
server
sffe
etag
"1475 / 496 of 1000 / last-modified: 1675724802"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Feb 2023 08:57:06 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
453 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea577783d810f83cf7bd4196b3e52d2f97d853e2015d463803647e4aa36be67b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 08:18:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2229
etag
W/"632bbb3439d2e583f255ae541ff6a7b6"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHeAvhQ2rynE3xYFtMs0QphOt7A87CD3F7kcnOLLkj1fdqyVflHadsbjeXCA8VA0Y%2FxK7HUwj4AXke7Pb3zhS%2FhgmECWJ4tFg6yxpp44I7p78Bptn%2Fl8KnhZ5Y7p13GF%2FwBb6evRVln6vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
795aea8b488924da-LHR

Redirect headers

date
Tue, 07 Feb 2023 08:57:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDwS6p%2F7VhBwtKkhAJDzMexfhtUHhCJ3%2B4fEu%2B7aKYptHwbL55V9GGOJh61To5O52XdXg4wkeGHXlbuRDR3jkY4ZU7PDnYAX63Vdls0Qdt6bXFXVzZMYlvQCUS2BP2gIojHfy%2BLydG0tS7D70iNynDoajN0TMiEzzYPqNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
795aea8a0cfbdd33-LHR
expires
Tue, 07 Feb 2023 09:57:06 GMT
prebid-analytics-7.19.9.js
a.pub.network/core/ 		548 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.19.9.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9dd859ef10e3134d568f88192e90148b1ff8ca734e3b9ef0da63e65b053edfc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
40350
x-guploader-uploadid
ADPycdsa8CuSZMmawe2aRMQz6kXjRbPS7Dg_cA5GmhbqoNl84O7pEIg3Os5joHCIndeXFSApRenniJiqfw9pe874z-uqlVb0tuSr
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Thu, 19 Jan 2023 21:04:22 GMT
server
cloudflare
etag
W/"63f38dd07f88d1501fbaebc315cb56fb"
vary
Accept-Encoding
x-goog-generation
1674162262212600
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=F3256A==, md5=Y/ON0H+I0VAfuuvDFctW+w==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31495649
x-goog-stored-content-length
561234
cf-ray
795aea898eb872fd-LHR
expires
Tue, 06 Feb 2024 21:44:35 GMT
2e2da7d3b3b2d712690eb56715b4f237.js
script.crazyegg.com/pages/versioned/common-scripts/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/2e2da7d3b3b2d712690eb56715b4f237.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0092/5696.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fbf8f0bba40d99a2dfe95009f71cb34bf640d3c71ff0abcd57cc41b4262831

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 29 Jan 2023 09:50:22 GMT
server
cloudflare
age
312920
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
795aea898d0a23cc-LHR
content-length
26903
analytics.js
g4tagging.komando.com/ 		49 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g4tagging.komando.com/analytics.js
Requested by
Host: g4tagging.komando.com
URL: https://g4tagging.komando.com/gtm.js?id=GTM-PWK6RF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:06 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
expires
Tue, 07 Feb 2023 10:57:06 GMT
pmk-202003261.3.js
widget.perfectmarket.com/komando/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/komando/pmk-202003261.3.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/komando/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdc6f35981582b0bb0423b70243eac10776c99215aaa26dede1b002555215e99

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
YhuGJjURZcrX1KZYhHO4_Ttv7PP3uqxa
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 07 Feb 2023 08:57:06 GMT
x-amz-request-id
5Q75TVWJHT6DPJEJ
age
2935159
x-cache
HIT, HIT
content-length
33475
x-amz-id-2
d0cjKzmTRyS78Ks8dDIsZSJdrkYIljZ7KZsbGEUy2zdz8zpIN8uxlMyPgp9lgeHxXyPqFtJmT14=
x-served-by
cache-sna10725-LGB, cache-lcy-eglc8600051-LCY
last-modified
Mon, 30 Mar 2020 06:23:41 GMT
server
AmazonS3
x-timer
S1675760227.835776,VS0,VE0
etag
"b260aa8e83f78718a8ac4ccd94927248"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
16033, 2
collect
g4tagging.komando.com/g/ 		65 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g4tagging.komando.com/g/collect?v=2&tid=G-KQ59L32B98&gtm=45he3210&_p=606119063&cid=1063574874.1675760227&ul=en-us&sr=1600x1200&_fplc=0&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.us_privacy=1YNN&_s=1&sid=1675760226&sct=1&seg=0&dl=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&dt=How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked&en=page_view&_fv=1&_nsi=1&_ss=1&richsstsse
Requested by
Host: g4tagging.komando.com
URL: https://g4tagging.komando.com/gtag/js?id=G-KQ59L32B98&l=dataLayer&cx=c&sign=eb3093ae8fad944500de403c896676a4f908791d2c89476d7588269f36297092_20230207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.komando.com
cache-control
no-cache
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2818864641552220&ev=PageView&dl=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&rl=&if=false&ts=1675760227026&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbc=fb.1.1675760227022.IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&fbp=fb.1.1675760227025.413428420&it=1675760226571&coo=false&rqm=GET
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 07 Feb 2023 08:57:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
v2vlhHPS17hqGHYzS6ciN7PCFzDnmQU2CIyojTPDKDQ-iiFa39UYGb03u-KBShOmj3iBR54wx
spookyexchange.com/ 		1 KB
766 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://spookyexchange.com/v2vlhHPS17hqGHYzS6ciN7PCFzDnmQU2CIyojTPDKDQ-iiFa39UYGb03u-KBShOmj3iBR54wx
Requested by
Host: spookyexchange.com
URL: https://spookyexchange.com/v2ceqPgIhSD4PfVW58UdnQ_7GstrM9QW2HpqKxuQ_-j6_jwniyDeo2ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
3dc2d3a81cba3bf2e53254efe094ad5f5c66b87322df177d2094406236cb9075
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Tue, 07 Feb 2023 08:57:07 GMT
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
740
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
x-hostname
fen-hoothoot-europe-west1-spot-g0bs
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/komando/pmk-202003261.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-105.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 06:08:13 GMT
content-encoding
gzip
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
17929
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
d6EQXmuDZlC0VZvo9-jNSSSrn7ATLqWERPFzCRbZarj85hWGfqyNeg==
www.komando.com.json
script.crazyegg.com/pages/data-scripts/0092/5696/sampling/ 		155 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0092/5696/sampling/www.komando.com.json?t=465488
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e2da7d3b3b2d712690eb56715b4f237.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306aa3e9ac2218b04789d6be6f4a3f4961ea0964026411aebeb9420d5a67d512

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
14837
ce-version
11.5.22
content-length
144
last-modified
Tue, 07 Feb 2023 04:49:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
795aea8b8e4f76af-LHR
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 		216 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 15:47:15 GMT
server
cloudflare
x-amz-request-id
52ARBDC7JYEM5W25
age
2212861
etag
W/"fa407ba001f2ac06196124f41d523471"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
795aea8c0cd3dc83-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
XsncYCqEN0tO2aziekn3cZwOfy4jHvI4ER+rC27/JHSrHJLJ97+Gazfq4rall500TNiwpB9w9YU=
css
fonts.googleapis.com/ Frame E9F1 		8 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9dc8e62b83994a1eda313381316790cec86d097f2c843ae416a097747864382b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.privacy-mgmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 08:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 08:20:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Feb 2023 08:57:07 GMT
categories
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame E9F1 		769 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=23815&consentLanguage=en
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/Notice.38fc9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
/
Resource Hash
5136daeffa3c8a6f6e2e03c22f560d16a318ad750236152dcd4ae310062ce3c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=609453&consentUUID=null&requestUUID=b98ad9d0-a27e-4afe-b083-ef96ccbad00e&preload_message=true&hasCsp=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
769
x-amz-cf-id
vrieS9kZyhQNYVbZmTmp5jZYGgEQpjsuCPngyjNfUg1QMp9ufYM01g==
pubads_impl_2023020201.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 12:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
418512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132430
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 09:36:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 02 Feb 2024 12:41:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		639 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.komando.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db32b6eacb18a1770fd81b7f6d465731164188aa58238614f5127d7e937dd6ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
273
x-xss-protection
0
expires
Tue, 07 Feb 2023 08:57:07 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame E9F1 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cdn.privacy-mgmt.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 08:26:15 GMT
x-content-type-options
nosniff
age
347452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Feb 2024 08:26:15 GMT
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e2da7d3b3b2d712690eb56715b4f237.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-116.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:43:55 GMT
via
1.1 8da78542dac6b4328eb443200c30bbfe.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
age
1285993
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
ooo3mICRolMfBQQQzWU1rM2jOWJd069VSui-PxtHeQKmL8VUpocmTQ==
healthcheck
assets-tracking.crazyegg.com/ 		19 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e2da7d3b3b2d712690eb56715b4f237.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-31.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 03:56:02 GMT
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1832466
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
tCkK4EVg5fvcryjzapLCB6X84BlMqVRgeVQJV2aFiQodawmBmZ0dWQ==
ga-audiences
www.google.co.uk/ads/
Redirect Chain
  • https://g4tagging.komando.com/j/collect?v=1&_v=j99&a=606119063&t=pageview&_s=1&dl=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F45...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-230639-2&cid=LE0Shoa6D6qVF7kF7k7Bspt3ZGEU7QsXj7R18eniwsA%3D.1675760227&jid=80022134&_gid=926592009.1675760228&gjid=1169530341&_v...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230639-2&cid=LE0Shoa6D6qVF7kF7k7Bspt3ZGEU7QsXj7R18eniwsA%3D.1675760227&jid=80022134&_v=j99&z=53906696
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230639-2&cid=LE0Shoa6D6qVF7kF7k7Bspt3ZGEU7QsXj7R18eniwsA%3D.1675760227&jid=80022134&_v=j99&z=53906696&slf_rd=1&random=1141178418
42 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230639-2&cid=LE0Shoa6D6qVF7kF7k7Bspt3ZGEU7QsXj7R18eniwsA%3D.1675760227&jid=80022134&_v=j99&z=53906696&slf_rd=1&random=1141178418
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 08:57:08 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230639-2&cid=LE0Shoa6D6qVF7kF7k7Bspt3ZGEU7QsXj7R18eniwsA%3D.1675760227&jid=80022134&_v=j99&z=53906696&slf_rd=1&random=1141178418
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
ad-delivery.net/ 		43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
287368
x-guploader-uploadid
ADPycdv7N4MzE-5lflcpr9uFvl-W_gqWs9xiw0GX0RMUEcxQbJh5K8eLy_vJN7LevGQ3_pgtsAODKTRoU-9nN1R6rpUQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3qaCVCR9rl2h4i%2BeExtGfHVkMSCsavRlQNjk6BUhK3Rxtkzm1zBf7jNyhbiVTldYOqQZOymejKKs1KtOoCXvoTrDki%2BXOLwIm36Bv2jeh3WL02STru4aS9BNCtih%2Bqza71wNScUQXso62khSA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
795aea8fec4076fc-LHR
expires
Sat, 04 Feb 2023 02:07:39 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 19:43:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Feb 2023 19:43:45 GMT
px.gif
ad-delivery.net/ 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7767826278703678
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
287368
x-guploader-uploadid
ADPycdv7N4MzE-5lflcpr9uFvl-W_gqWs9xiw0GX0RMUEcxQbJh5K8eLy_vJN7LevGQ3_pgtsAODKTRoU-9nN1R6rpUQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTfosQ07PwMckPrkYJyaBQG2mUJ9h5%2F6AF94LbEXlIhh%2Fu0I4ZAyspCQTuKUUF8M%2Fbjb2yIiKMju%2FCbCbGKZ%2Fzps2wplS4ho6k%2BqwmM8TAiCbZaa%2Bv9os1yj4fNAm7IzHRYRYxK32f8GP5wZFg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
795aea8fec4276fc-LHR
expires
Sat, 04 Feb 2023 02:07:39 GMT
d
gpv.ex.co/player/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gpv.ex.co/player/d?v=2&b={%22pageLoadUid%22:%2213ba6e%C4%90-74ca-4100-85b3-f70%C4%957d440bf%22,%22country%C4%8D%22GB%C4%B2%22browser%C4%BCch%C5%83me%C5%80os%C4%BCwind%C5%84%C5%91%C4%B3networkI%C4%8C:11976%C5%A466%C4%B3hu%C4%8D%C4%B9ue%C4%B3p%C4%8D%C4%AE2802331%C4%B3%C5%A2%22https://w%C6%89.koma%C5%95o.%C4%B5m/te%C5%8A-ti%C6%84/signs-y%C4%B6r-pho%C5%9A-%C5%9E-%C6%93pu%C6%96%C6%A6i%C6%A2%C5%94f%C6%97%C6%96d-%C5%93th-%C4%9Bviru%C6%A2%C6%ADkeylog%C4%84r/456930/%C5%80%C7%84%C5%87%C5%A1%C4%BC6xk84zcedmgaj5w%C5%88}
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.52.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-52-15.compute-1.amazonaws.com
Software
/
Resource Hash
9c1fb17d65ce5caf92816cba37759ac51786fd7133e6653f6293b85ca5ba6ca7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"69e-MQJFSqYyEuK43P0kFMNP1A"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type
content-length
1694
json
trc.taboola.com/komando/trc/3/ 		41 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/komando/trc/3/json?tim=08%3A57%3A07.787&lti=deflated&data=%7B%22id%22%3A98%2C%22ii%22%3A%22%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1675691682269%2C%22vi%22%3A1675760227783%2C%22cv%22%3A%2220230205-36-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Afalse%2C%22ccpa_ps%22%3A%221YNN%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA%22%2C%22vpi%22%3A%22%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10962%2C%22qs%22%3A%22%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A18%2C%22uim%22%3A%22alternating-thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Alternating%20Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Alternating%20Right%20Rail%20Thumbnails%22%2C%22cd%22%3A2546.40625%2C%22mw%22%3A320%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2CAlternating%20Right%20Rail%20Thumbnails%3Dalternating-thumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230205-36-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80e3e52d0683c48d03b4a2e997851a60039c034a179ab5ebe777816745c89a0e

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
560
date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-lcy-eglc8600054-LCY
server
nginx
x-timer
S1675760228.818822,VS0,VE560
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.komando.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
6445970e-d1ae-49ee-8fc3-0253005b5f50
https://www.komando.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.komando.com/6445970e-d1ae-49ee-8fc3-0253005b5f50
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
/
www.facebook.com/tr/ Frame 22EA 		0
49 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.komando.com
Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.komando.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 08:57:07 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pubfig.messaging.2.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
a.pub.network/core/pubfig/ 		231 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcebc3f2e622f96095255ba33d9b5efe910d7c413e74826c8f51294b79dc79b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
40352
x-guploader-uploadid
ADPycdulB0Ct7vc3qfQ_l8mopm1fg7-YZBm7uRvsvj5rHurKtRu3BoklMIZWNzSYUjLxCN-VX3--tiGnyvcAuNa5P4mx1Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 24 Jan 2023 17:36:29 GMT
server
cloudflare
etag
W/"050e2db38ff7ff21690a2845d2ff53d0"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1674581789575167
content-type
application/javascript
content-language
en
x-goog-hash
crc32c=By39Zg==, md5=BQ4ts4/3/yFpCihF0v9T0A==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
236086
access-control-allow-origin
*
cf-ray
795aea902eb372fd-LHR
expires
Tue, 07 Feb 2023 09:57:07 GMT
bulk-metrics
trc-events.taboola.com/komando/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/komando/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230205-36-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.komando.com
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
apstag.js
c.amazon-adsystem.com/aax2/ 		193 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cc28ac27a3fe14720d82c5b681f8531381764074a669aa3e0ee58bc86bfabc7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
last-modified
Wed, 01 Feb 2023 21:25:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
x-amz-server-side-encryption
AES256
etag
W/"ca579f2de02c4700bc4fa6f925ed06a1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
i5ybGfJxZKj6GmMapODk6yaBLuDDFcLmmNHxSDKdG0SKjioHVYBK2g==
clock
tracking.crazyegg.com/ 		26 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1675760227977&tk=f8e2ae0271ef3cfe3e51b8119a4889ce&s=347981&p=%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&u=925696&v=c7eebe2488344c9d45961074e84f23734855cfd9
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e2da7d3b3b2d712690eb56715b4f237.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.152.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-152-139.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3518eefe7f34002310bcd80ade06f9c22312742125356aa40b75ec38776456c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-store
server
awselb/2.0
content-length
26
content-type
text/plain
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2a15822e997e4b7b172e4b1e4c1366dd01f10ff936a8971ce15510f207b5d25c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
etag
"u+riIbpeWSVolXo4r+dT2g=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 14 Feb 2023 08:57:08 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_sync
s2s.t13.io/ 		2 KB
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
5df38aa5657df31ee1f3726e5098ec3ff471194062626418808f1a30d1f81e22

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://www.komando.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
635
expires
0
auction
s2s.t13.io/openrtb2/ 		185 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
0d2fe14aa9a6600f565f3dd71072f56584fffddc7e0d4b377836775c440965f0

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://www.komando.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
expires
0
prebid
ib.adnxs.com/ut/v3/ 		138 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
387b5b5e780a2160c732aa818ed7d1c316b5389149bf4e2fd01d5b78c444e699
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:08 GMT
AN-X-Request-Uuid
b82992f9-e624-4de4-9d73-6f5b3fe8dcfa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.komando.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		23 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.157.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-157-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
75b53e93f5b67be4f3b8e5f23fb71e059b0a503f211f43c857d34d05d056b33e

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
content-length
48
content-type
application/json
arj
freestar-d.openx.net/w/1.0/ 		74 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d2888646-cc1b-48d9-8e54-97a9be25cafe&nocache=1675760228041&scsm=www.freestar.com%3A619%7C596&us_privacy=1YNN&pubcid=141b9cc1-127c-4cf8-9351-647754a4ad81&schain=1.0%2C1!freestar.com%2C214%2C1%2C%2C%2C&aus=970x90%2C728x90%2C1x1&divids=Komando_Adhesion&aucs=%252F15184186%252FKomando_Adhesion%252FKomando_Adhesion&auid=539181725
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c9190d278295c05be2d88d8734873f21777ecd838d887bd99a2f3f2051ad657a

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.komando.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		700 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=730248&size_id=2&alt_size_ids=55%2C221&us_privacy=1YNN&rp_schain=1.0,1!freestar.com,214,1,,,&ppuid=a6b8cf05-da66-48f2-b75c-223bb5bce891&rf=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&tg_i.name=komando-com&tg_i.domain=komando.com&tg_i.cat=IAB19%2CIAB19-18%2CIAB19-10&tg_i.sectioncat=IAB19%2CIAB19-18%2CIAB19-10&tg_i.pagecat=IAB19%2CIAB19-18%2CIAB19-10&tg_i.page=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&tg_i.fs_ad_product=stickyFooter&tg_i.pbadslot=%2F15184186%2FKomando_Adhesion%2FKomando_Adhesion&tk_flint=pbjs_lite_v7.19.7&x_source.tid=d2888646-cc1b-48d9-8e54-97a9be25cafe&l_pb_bid_id=1044f6e18d162a7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2FKomando_Adhesion%2FKomando_Adhesion&slots=1&rand=0.6774150773731764
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6ede6d755df1ea32715511984ba06c0b39cee7e586548fcf586b92ddefa38e7c

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.komando.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.7
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
2f0afff2ab0961d798d41159fea42968c8d99788872f9abfc6860dc74b74cd20

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 07 Feb 2023 08:57:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.komando.com
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=494952&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2214b0e40700608b8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA%22%2C%22name%22%3A%22komando-com%22%2C%22domain%22%3A%22komando.com%22%2C%22cat%22%3A%5B%22IAB19%22%2C%22IAB19-18%22%2C%22IAB19-10%22%5D%2C%22sectioncat%22%3A%5B%22IAB19%22%2C%22IAB19-18%22%2C%22IAB19-10%22%5D%2C%22pagecat%22%3A%5B%22IAB19%22%2C%22IAB19-18%22%2C%22IAB19-10%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22619%22%7D%2C%7B%22id%22%3A%22596%22%7D%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.7%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%22%2C%22tmax%22%3A1200%2C%22syncsPerBidder%22%3A3%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F15184186%2FKomando_Adhesion%2FKomando_Adhesion%22%2C%22adunitcode%22%3A%22Komando_Adhesion%22%2C%22divId%22%3A%22Komando_Adhesion%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22156d86679bd66fc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2FKomando_Adhesion%22%2C%22gpid%22%3A%22%2F15184186%2FKomando_Adhesion%2FKomando_Adhesion%22%2C%22tid%22%3A%22d2888646-cc1b-48d9-8e54-97a9be25cafe%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%223e9d085f-61ee-4a15-96b7-432eece6f1db%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22214%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
080fa4875b81328586d85039c5268a9f0f462099a1fdfdeb192f2af2ca3a1677

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6msCbvjK355%2FwbLC7LKF9GcP9RNGgjPx91u2V1HlCuoLcsD0h2xiQB4HO05mmZGf%2BMltC%2B3jQMoMQGsCngizY4gElDKHXPOWjKpqy08jk2MebjNinT4%2FuUmytJWCHEKCtXb8i9q"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.komando.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
795aea922e1ddc19-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&tmax=1200&us_privacy=1YNN
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.229.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-229-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		638 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1b299f69137f33766ad346a8192497adca966e73d06d292080ac83f383887f5a

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
436
auction
s2s.t13.io/openrtb2/ 		185 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
f041cb773186f39216a75e87772c94f33fddf655d1022cb593ac2d231c874e98

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://www.komando.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
0
auction
tlx.3lift.com/header/ 		19 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&tmax=1200&us_privacy=1YNN
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.229.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-229-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		892 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d9747f5722c7c42437d63d6bc6541a64eef344d775abeb7885abc95ae2f0d507

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
513
v1
btlr.sharethrough.com/universal/ 		691 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
acdf7f8f87e5a6231c2b8cdc8fb693ac607bc022907f096aa06c92d557f4aaf2

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
397
v1
btlr.sharethrough.com/universal/ 		601 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
30c6cbdb4497c944947dc733e37c6c7d6b9929f531b512601aff6b7c6568911f

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
341
v1
btlr.sharethrough.com/universal/ 		678 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
198669e40d6e07717ff7bd3253781a001da0a2288c5b591b615d642cd561251a

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
453
v1
btlr.sharethrough.com/universal/ 		442 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0e394310d59954f279ef99b39b416c950da0e2b5193ae75579033955bbfc703f

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
322
v1
btlr.sharethrough.com/universal/ 		568 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e636f143c6c1105555f9b3a821719306b9028092c433f14b0baf7a1682e8ffb8

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
356
v1
btlr.sharethrough.com/universal/ 		783 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44ef7f01d102ee70e48b8f889583f38b6087ad25e4815e14f8f38cc631cb3d0b

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
495
v1
btlr.sharethrough.com/universal/ 		414 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d75e7796cd5ce3493e77afc5f8cf91ca6064722f3cfb4e9f27e5e16f810a8551

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
285
v1
btlr.sharethrough.com/universal/ 		628 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
af425116e6d376e643f052ba62513f25ca973d319aba26ae3ad5b1f8ae5373be

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
410
v1
btlr.sharethrough.com/universal/ 		530 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.105.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-105-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7939f979c445a868d4ed632cf4a5d7d962fd416ef41765327070a014e003adb0

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.komando.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
365
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=494952&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2247fb434666b9a1e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA%22%2C%22name%22%3A%22komando-com%22%2C%22domain%22%3A%22komando.com%22%2C%22cat%22%3A%5B%22IAB19%22%2C%22IAB19-18%22%2C%22IAB19-10%22%5D%2C%22sectioncat%22%3A%5B%22IAB19%22%2C%22IAB19-18%22%2C%22IAB19-10%22%5D%2C%22pagecat%22%3A%5B%22IAB19%22%2C%22IAB19-18%22%2C%22IAB19-10%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22619%22%7D%2C%7B%22id%22%3A%22596%22%7D%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.7%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%22%2C%22tmax%22%3A1200%2C%22syncsPerBidder%22%3A3%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F15184186%2FKomando_Right_Rail_4%2FKomando_Right_Rail_4%22%2C%22adunitcode%22%3A%22Komando_Right_Rail_4%22%2C%22divId%22%3A%22Komando_Right_Rail_4%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22489fc7d5148945d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2FKomando_Leaderboard_1%22%2C%22gpid%22%3A%22%2F15184186%2FKomando_Leaderboard_1%2FKomando_Leaderboard_1%22%2C%22tid%22%3A%220f1f3217-e431-4ef7-b864-cf68950be833%22%7D%7D%2C%7B%22id%22%3A%224940656c49c39ab%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2FKomando_Right_Rail_1%22%2C%22gpid%22%3A%22%2F15184186%2FKomando_Right_Rail_1%2FKomando_Right_Rail_1%22%2C%22tid%22%3A%228f8b2289-4d56-4396-a8f9-2a25b57ea227%22%7D%7D%2C%7B%22id%22%3A%2252332c99ea2250c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2FKomando_Right_Rail_3%22%2C%22gpid%22%3A%22%2F15184186%2FKomando_Right_Rail_3%2FKomando_Right_Rail_3%22%2C%22tid%22%3A%22a76d6e04-0a78-450c-82a4-ccb814d13e3e%22%7D%7D%2C%7B%22id%22%3A%2255d946b24720014%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22494952%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2FKomando_Right_Rail_4%22%2C%22gpid%22%3A%22%2F15184186%2FKomando_Right_Rail_4%2FKomando_Right_Rail_4%22%2C%22tid%22%3A%22d20d64b4-930e-4f82-a2f4-611370e22682%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22fb8287ee-89c2-4473-ac96-c56b0bc39b37%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22214%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc138e05c08491f10c2e626e372ca18cf7171521afb63d6ad0e691c5ab84ad59

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB9sUTANST8fgItGoFMV2qOtnB2rWjTsjZ74FIrWnWNc5mqUHx3gfx1r2lQmWElqzD%2BIrxJrJTXFrPSRYrI1NsEFuAlT3Iv5phkp%2F%2FoZRaYn9xxNILWpy%2FpwoOIqVCIbuw1d1Yk7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.komando.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
795aea922e1edc19-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.157.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-157-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1dab1bc4819817d0d15c36cdcaef6398942e08949af65b1d752cfd3c54c8e792

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
49
content-type
application/json
bid
ap.lijit.com/rtb/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.7
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
1af429d1f720a6ec97315cc1d279eadd708edf2176d07eb1fe131e84d3ce19ee

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 07 Feb 2023 08:57:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.komando.com
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
arj
freestar-d.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0f1f3217-e431-4ef7-b864-cf68950be833%2C8f8b2289-4d56-4396-a8f9-2a25b57ea227%2Ca76d6e04-0a78-450c-82a4-ccb814d13e3e%2Cd20d64b4-930e-4f82-a2f4-611370e22682&nocache=1675760228076&scsm=www.freestar.com%3A619%7C596&us_privacy=1YNN&pubcid=141b9cc1-127c-4cf8-9351-647754a4ad81&schain=1.0%2C1!freestar.com%2C214%2C1%2C%2C%2C&aus=728x90%7C300x600%2C160x600%2C300x250%7C300x600%2C160x600%2C300x250%7C300x600%2C160x600%2C300x250&divids=Komando_Leaderboard_1%2CKomando_Right_Rail_1%2CKomando_Right_Rail_3%2CKomando_Right_Rail_4&aucs=%252F15184186%252FKomando_Leaderboard_1%252FKomando_Leaderboard_1%2C%252F15184186%252FKomando_Right_Rail_1%252FKomando_Right_Rail_1%2C%252F15184186%252FKomando_Right_Rail_3%252FKomando_Right_Rail_3%2C%252F15184186%252FKomando_Right_Rail_4%252FKomando_Right_Rail_4&auid=539181725%2C539181725%2C539181725%2C539181725
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2e11b75129198c452c9d69e05b4d17df9e9ab5add9efe74cd3dd0daaf7723184

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.komando.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5b08212d3240061542f898bd0cabc9976d8697bc20e3f5e69c037c32dc7d16cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:08 GMT
AN-X-Request-Uuid
63b2b4eb-9dce-45b5-bef8-1b879e828cda
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.komando.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
471
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=730248&size_id=2%3B15%3B15%3B15&alt_size_ids=%3B9%2C10%3B9%2C10%3B9%2C10&us_privacy=1YNN&rp_schain=1.0,1!freestar.com,214,1,,,&ppuid=a6b8cf05-da66-48f2-b75c-223bb5bce891&rf=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&tg_i.name=komando-com&tg_i.domain=komando.com&tg_i.cat=IAB19%2CIAB19-18%2CIAB19-10&tg_i.sectioncat=IAB19%2CIAB19-18%2CIAB19-10&tg_i.pagecat=IAB19%2CIAB19-18%2CIAB19-10&tg_i.page=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2FKomando_Leaderboard_1%2FKomando_Leaderboard_1%3B%2F15184186%2FKomando_Right_Rail_1%2FKomando_Right_Rail_1%3B%2F15184186%2FKomando_Right_Rail_3%2FKomando_Right_Rail_3%3B%2F15184186%2FKomando_Right_Rail_4%2FKomando_Right_Rail_4&tk_flint=pbjs_lite_v7.19.7&x_source.tid=0f1f3217-e431-4ef7-b864-cf68950be833%3B8f8b2289-4d56-4396-a8f9-2a25b57ea227%3Ba76d6e04-0a78-450c-82a4-ccb814d13e3e%3Bd20d64b4-930e-4f82-a2f4-611370e22682&l_pb_bid_id=859b6a14a1b4cf7%3B86b9961befde33b%3B876325e483b3f53%3B88888446a46fa91&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2FKomando_Leaderboard_1%2FKomando_Leaderboard_1%3B%2F15184186%2FKomando_Right_Rail_1%2FKomando_Right_Rail_1%3B%2F15184186%2FKomando_Right_Rail_3%2FKomando_Right_Rail_3%3B%2F15184186%2FKomando_Right_Rail_4%2FKomando_Right_Rail_4&slots=4&rand=0.9521630670148085
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
44daba1a4c6206f6531594af260c46f227661224ca734193abaea24a55a7ba11

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.komando.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
c.pub.network/ 		36 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c7f3fa7b9fe34cf96b38a78996e5b9c68e2249bc31009322b5a44eb2cf5a063d

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.komando.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=nPhI9cInv&w=5715376530784256&o=5714937848528896&cv=2.1.06-2-g014272c&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&sid=ltcC0V4T9n&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
starti
s-110.channelexco.com/ppx/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-110.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&se=43e712e6-cbf0-4f86-87d1-bee079a5d97e&pv=117.25&dd=www.komando.com&sa=shd&s=0.4&p=402802331&cb=1675760228176
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
0c3b0286055996517f49d3dd51516f7a2743f928f6b28fc3ab988a0b57898266
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
b1e152b16ec07695cdf791ad3f8610079a488a893f40d8aadd857735cd12337f

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 7 Feb 2023 08:57:08 GMT
content-length
54
vary
Origin
content-type
application/json
e87bce7b-ce34-4bc1-ad6f-a7ee7222ef83
https://www.komando.com/ 		241 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.komando.com/e87bce7b-ce34-4bc1-ad6f-a7ee7222ef83
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e20794a189527e5c19437769821355dadc366a7d62c80d22d1c19d2fed617d1b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:41:56 GMT
content-encoding
gzip
via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
913
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
muOA-bxa8A2vMnF54ck2bKzXeUp7BFC0u4ENmz-zAWVuRFIEvyHv8w==
cookie
cm.adform.net/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Di%26uid%3D%24UID
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
server
nginx
content-length
43
content-type
image/gif
1235.json
id5-sync.com/g/v2/ 		495 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
83f3a9a80ff900dcea8d48105f9715e5112703894d16f9cf7aa51537e5724336
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.komando.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
pixel;r=1177380200;labels=title.How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked%2Cauthor.Kim%20Komando;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.komando.com%2Ftech-tips...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1177380200;labels=title.How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked%2Cauthor.Kim%20Komando;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA;uht=2;fpan=1;fpa=P0-307769808-1675760228224;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;us_privacy=1YNN;ref=;d=komando.com;dst=0;et=1675760228384;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked%2Cdescription.Have%20you%20been%20hacked%3F%20How%20do%20you%20know%3F%20If%20your%20phone%20or%20computer%20is%20running%20slow%2Curl.https%3A%2F%2Fwww%252Ekomando%252Ecom%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-%2Csite_name.Komando%252Ecom%2Cimage.https%3A%2F%2Fwww%252Ekomando%252Ecom%2Fwp-content%2Fuploads%2F2018%2F04%2Fdreamstime_m_99198014-1%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.675%2Cimage%3Atype.image%2Fjpeg;ses=5e360e6d-3096-46b7-9c2a-c1721efd2f3c
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
explore-more.20230205-36-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230205-36-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/komando/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4eda003a8a780036a8a7398a2f7d054031d96a1ad15bf0e39b9d43444f05770

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
UqBnpapIaAaQA.tzs7urtr0P.OUB0Xzb
content-encoding
gzip
via
1.1 varnish
date
Tue, 07 Feb 2023 08:57:08 GMT
x-amz-request-id
HB01CMG4Y39TKCRQ
age
33122
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6620
x-amz-id-2
FsSfQV4cgOHbi8xZLeFF2y3gvTDvEdQn2xvx2Cqru9e0i1Z0Cn4OGir7fAnjUwjVLhvn0Pdd+YY=
x-served-by
cache-lcy-eglc8600054-LCY
last-modified
Mon, 06 Feb 2023 23:45:07 GMT
server
AmazonS3
x-timer
S1675760228.428460,VS0,VE0
etag
"314756ab832eeb36a8ecc5fc59c60fca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
14029
feed-card-placeholder.20230205-36-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230205-36-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/komando/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20bc5aeac8cf27971ed187f82432fe9fd11049d30507f806991d20e7837a1be9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
OtX_L7lbSmm3vryQKcWyZSEMMvKQyYZ1
content-encoding
gzip
via
1.1 varnish
date
Tue, 07 Feb 2023 08:57:08 GMT
x-amz-request-id
S4SBKPFWV6D6W8S5
age
33120
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
3k3M4UyD9m2eG/osdkWy78jC6r2lsspgIDzTRJXu1vIAi7edjfN+dejgtkzRoxvN48GSnOsGp14=
x-served-by
cache-lcy-eglc8600054-LCY
last-modified
Mon, 06 Feb 2023 23:45:09 GMT
server
AmazonS3
x-timer
S1675760228.428541,VS0,VE0
etag
"f9ebd216e9e12db53b55950b37ecdbb1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
28421
cta-component.20230205-36-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20230205-36-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/komando/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3a1353fae07a2c513496df414eeb64a24d3dda1c6564264c1af10b74346f3cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
4nb5fXnPSdNhDXpplm_TzK82kTbiNvC5
content-encoding
gzip
via
1.1 varnish
date
Tue, 07 Feb 2023 08:57:08 GMT
x-amz-request-id
DV5MZERBKAVA60MP
age
33126
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4596
x-amz-id-2
w6IVnwwxtfTD6HkD+P8yBvNzvIebbHPWLTSzHK8tNwhxST4PoRcKW/o2H9kHWRLi0E/A3UCuYno=
x-served-by
cache-lcy-eglc8600054-LCY
last-modified
Mon, 06 Feb 2023 23:45:02 GMT
server
AmazonS3
x-timer
S1675760228.462996,VS0,VE0
etag
"d94d4ad8ebfabba3e9d14da2e633be95"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
24313
supply-feature
am-trc-events.taboola.com/komando/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/komando/log/3/supply-feature?route=AM:AM:V&tvi2=-2&lti=deflated&ri=c67e4591d63840bebce951a6339646c2&sd=v2_1f969a4aa51dbeca3348457553ef9d46_3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3_1675760227_1675760227_CNawjgYQ58o9GMer39jiMCABKAEwTTin8g1A44wQSOuN2ANQ____________AVgAYABoksa2rNiNlNfQAXAA&ui=3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3&pi=/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930&wi=471459607566342483&pt=text&vi=1675760227783&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A57%3A08.409&id=9496&llvl=2&cv=20230205-36-RELEASE&
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
am-trc-events.taboola.com/komando/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/komando/log/3/social?route=AM:AM:V&tvi2=-2&lti=deflated&ri=c67e4591d63840bebce951a6339646c2&sd=v2_1f969a4aa51dbeca3348457553ef9d46_3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3_1675760227_1675760227_CNawjgYQ58o9GMer39jiMCABKAEwTTin8g1A44wQSOuN2ANQ____________AVgAYABoksa2rNiNlNfQAXAA&ui=3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3&pi=/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930&wi=471459607566342483&pt=text&vi=1675760227783&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22How%20to%20tell%20if%20your%20computer%20or%20phone%20has%20been%20hacked%22%2C%22sec%22%3A%22tech-tips%22%2C%22aut%22%3A%5B%22Kim%20Komando%22%2C%22Komando.com%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.komando.com%2Fwp-content%2Fuploads%2F2018%2F04%2Fdreamstime_m_99198014-1.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=08%3A57%3A08.459&id=568&llvl=2&cv=20230205-36-RELEASE&
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bulk-metrics
am-trc-events.taboola.com/komando/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/komando/log/3/bulk-metrics?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=4
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230205-36-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.komando.com
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/komando/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/komando/log/3/abtests?route=AM:AM:V&tvi2=-2&lti=deflated&ri=c67e4591d63840bebce951a6339646c2&sd=v2_1f969a4aa51dbeca3348457553ef9d46_3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3_1675760227_1675760227_CNawjgYQ58o9GMer39jiMCABKAEwTTin8g1A44wQSOuN2ANQ____________AVgAYABoksa2rNiNlNfQAXAA&ui=3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3&pi=/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930&wi=471459607566342483&pt=text&vi=1675760227783&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1675760228503%7D&tim=08%3A57%3A08.503&id=7342&llvl=2&cv=20230205-36-RELEASE&
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
isync
visitor.omnitagjs.com/visitor/ Frame B0D8 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
76584444620716c18a6dce43ba175dc06f6e4547872fb11674b973ed1f89f3ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1626
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 08:57:08 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
bulk-metrics
am-trc-events.taboola.com/komando/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/komando/log/3/bulk-metrics?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230205-36-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.komando.com
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
hls.min.js
cdn.ex.co/player/hls/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/hls/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
content-length
72020
last-modified
Wed, 08 Jun 2022 07:43:05 GMT
server
AmazonS3
etag
"e09058f03d6f30d32f677a963cc1572b"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 14 Feb 2023 08:57:09 GMT
usync.html
eus.rubiconproject.com/ Frame 8B34
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 08:57:08 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Feb 2023 08:57:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
server
AkamaiGHost
usermatch
ssum-sec.casalemedia.com/ Frame 04EC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
715e2bb869d945c8c56577da9be3ea901886409d3adab2070d9d299c90b729b8

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
795aea972be975dd-LHR
content-encoding
br
content-type
text/html
date
Tue, 07 Feb 2023 08:57:09 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Fep8eP0lg6ADXt%2FcRaeJhU8rIvpVpewUvNRO%2FU8p%2Fo1QtXdl%2F63qUn%2FiLRktBMBBH6G7qK3AiN4KRYwUnslLrpkdMtcGHYQ0oX0jsDpkDOI5qe9IXzp8nSmx0k70kBI4WRKbgvV6ZIPNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
795aea956a3075dd-LHR
content-length
0
date
Tue, 07 Feb 2023 08:57:08 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEa590lRpxHYFFAqnVaY3GnWR4OgInLFq6MMfZCge8Dbbw%2FmGicuUNY%2BV7hCwDes2TTaMtwI7rAYUHMBLof49kt4Br%2BWbGMcxCFV%2F5NYqn2tsaiHVUu1RLe%2FugEo%2BpRai2UfWONNtSf7Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ssbsync.smartadserver.com/api/ Frame CD70 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=35
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
0
date
Tue, 07 Feb 2023 08:57:08 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8514 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D17163%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3DPM_UID
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56471
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Feb 2023 08:57:08 GMT
expires
Wed, 08 Feb 2023 00:38:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96653b9b6b919a16dcfce983c42fa78193d2b2e5cec34cceb23a02572c994485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125826
x-xss-protection
0
expires
Tue, 07 Feb 2023 08:57:08 GMT
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=exco&user_id=de516f26-165d-4881-9cfe-b5cfc903fcdb
  • https://x.bidswitch.net/ul_cb/sync?ssp=exco&user_id=de516f26-165d-4881-9cfe-b5cfc903fcdb
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=exco&gdpr=&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=exco&gdpr=&gdpr_consent=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=exco&gdpr=&gdpr_consent=
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cm
u.openx.net/w/1.0/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D13005%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
cookie_sync
rtb.channelexco.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D15611%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D$UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D15611%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcd...
  • https://rtb.channelexco.com/cookie_sync?bid=15611&srv=channelexco.com&cuid=de516f26-165d-4881-9cfe-b5cfc903fcdb&uid=2272446932012285602134
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.channelexco.com/cookie_sync?bid=15611&srv=channelexco.com&cuid=de516f26-165d-4881-9cfe-b5cfc903fcdb&uid=2272446932012285602134
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
openresty
vary
Origin
expires
0

Redirect headers

location
https://rtb.channelexco.com/cookie_sync?bid=15611&srv=channelexco.com&cuid=de516f26-165d-4881-9cfe-b5cfc903fcdb&uid=2272446932012285602134
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cookie_sync
rtb.channelexco.com/
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D8197%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D%24UID
  • https://rtb.channelexco.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=de516f26-165d-4881-9cfe-b5cfc903fcdb&uid=GHa5pBZH2hb0a5YeRua0chUU
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.channelexco.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=de516f26-165d-4881-9cfe-b5cfc903fcdb&uid=GHa5pBZH2hb0a5YeRua0chUU
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
openresty
vary
Origin
expires
0

Redirect headers

Date
Tue, 07 Feb 2023 08:57:08 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://rtb.channelexco.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=de516f26-165d-4881-9cfe-b5cfc903fcdb&uid=GHa5pBZH2hb0a5YeRua0chUU
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.174.12 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-174-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:08 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.jpg
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
1b540981e497f507aa3d4a4e4707603bd3cc4a5fc80ba67078ccfece3e9f0f10

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 08:57:09 GMT
Cache-Tag
231147416428314524124108814617397708134,500985839247587350039760902055362878337,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
34286
X-Served-By
cache-iad-kiad7000125-IAD
Last-Modified
Tue, 07 Feb 2023 00:13:03 GMT
Server
cloudinary
X-Timer
S1675733403.396140,VS0,VE4
ETag
"848cfd0f14aef15f863914ed8f388dad"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31530744
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
spa-detector.20230205-36-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230205-36-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/komando/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01ad2b1c819f5d3a865547cae1288e6f30d9de9e078999caa2f9d077f61c0e45

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
ZiL5ANbXSX7UVif0Y85_nslFHJ8rZg77
content-encoding
gzip
via
1.1 varnish
date
Tue, 07 Feb 2023 08:57:08 GMT
x-amz-request-id
H4TRH8J0DRY4QCMP
age
33105
x-cache
HIT
x-amz-replication-status
PENDING
content-length
810
x-amz-id-2
PTZozHcuu4kEnd4V8cLYFfBHSMtdvrH/12A1cw2BhGp3nT91dSt+exgVQTsYaJWgUm7xrno49CM=
x-served-by
cache-lcy-eglc8600054-LCY
last-modified
Mon, 06 Feb 2023 23:45:24 GMT
server
AmazonS3
x-timer
S1675760229.688885,VS0,VE0
etag
"715794ba1dae537bd2023aafe5d9e14b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
14329
supply-feature
am-trc-events.taboola.com/komando/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/komando/log/3/supply-feature?route=AM:AM:V&tvi2=-2&lti=deflated&ri=c67e4591d63840bebce951a6339646c2&sd=v2_1f969a4aa51dbeca3348457553ef9d46_3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3_1675760227_1675760227_CNawjgYQ58o9GMer39jiMCABKAEwTTin8g1A44wQSOuN2ANQ____________AVgAYABoksa2rNiNlNfQAXAA&ui=3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3&pi=/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930&wi=471459607566342483&pt=text&vi=1675760227783&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A57%3A08.660&id=1458&llvl=2&cv=20230205-36-RELEASE&
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/komando/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/komando/log/3/abtests?route=AM:AM:V&tvi2=-2&lti=deflated&ri=c67e4591d63840bebce951a6339646c2&sd=v2_1f969a4aa51dbeca3348457553ef9d46_3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3_1675760227_1675760227_CNawjgYQ58o9GMer39jiMCABKAEwTTin8g1A44wQSOuN2ANQ____________AVgAYABoksa2rNiNlNfQAXAA&ui=3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3&pi=/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930&wi=471459607566342483&pt=text&vi=1675760227783&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1675760228661%7D&tim=08%3A57%3A08.662&id=4757&llvl=2&cv=20230205-36-RELEASE&
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/komando/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/komando/log/3/supply-feature?route=AM:AM:V&tvi2=-2&lti=deflated&ri=c67e4591d63840bebce951a6339646c2&sd=v2_1f969a4aa51dbeca3348457553ef9d46_3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3_1675760227_1675760227_CNawjgYQ58o9GMer39jiMCABKAEwTTin8g1A44wQSOuN2ANQ____________AVgAYABoksa2rNiNlNfQAXAA&ui=3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3&pi=/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930&wi=471459607566342483&pt=text&vi=1675760227783&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A57%3A08.664&id=5187&llvl=2&cv=20230205-36-RELEASE&
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/komando/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/komando/log/3/abtests?route=AM:AM:V&tvi2=-2&lti=deflated&ri=c67e4591d63840bebce951a6339646c2&sd=v2_1f969a4aa51dbeca3348457553ef9d46_3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3_1675760227_1675760227_CNawjgYQ58o9GMer39jiMCABKAEwTTin8g1A44wQSOuN2ANQ____________AVgAYABoksa2rNiNlNfQAXAA&ui=3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3&pi=/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930&wi=471459607566342483&pt=text&vi=1675760227783&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1675760228674%7D&tim=08%3A57%3A08.674&id=2814&llvl=2&cv=20230205-36-RELEASE&
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pb-7.2.21.js
cdn.ex.co/player/prebid/ Frame 989D 		527 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/prebid/pb-7.2.21.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
06d9133258a9ce442b3dbb7910b0668b1c15aac629ff6cafe7560c24bf80e4af

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
content-length
163842
last-modified
Tue, 03 Jan 2023 13:44:00 GMT
server
AmazonS3
etag
"9fd557f81fed39dd606953168420b9ff"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 14 Feb 2023 08:57:09 GMT
rtb_vast_proxy
p.channelexco.com/ 		60 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=XXtIc18iRlY2PShKIlM9ZUR-7IQApTFW9pSJGtra6aB3MJlaaEqd1m9hzm_aDFvK5e14LGUVN7RM8aBRBCENCzsl6AX_zcnE6pN27Ib1OcHqeyMN2JnT1RGWFGG__XpCt3O4m1hqzC3SZHv3I51byviKSan5ETjhDFn8Dg5_y6bNVvIIOD0DDXZoxdOfTSH0ydb4D0hmkiI3Eb5Ijwh-8UQSbEfh8O2FHnTGOcIm_MhKf6W-fK5FFfqDF3PWlLJswTbrUlY_8znPkesVQgcPte_fcKukUTeAQmQvOKQZ2DpQenhjCEKwsTJmVvECn1JsJuR4V1JIXTnwJ3EbIFS58TPUhuk042PZMKZPWgzYXxRsyTEEkRvec6OmEmJ6BJXEBkL-oJDIuCg-3GPqXQptp_k8F_702XTi32taUN_-ixkKo0L2_WlKucr63zpCJOHDW-eBFmsD-PkG0FbnGnk3YGNeEZ2J-kgWS5_89SnwUs2WK8ZxZoi1vY8xYgHvbN-YGZY9IKVuZM2nw520hPGToyiTeL4YsmcJRIQv1quvC72vJhJW24RjLn8yIsPx1_-U3E-BtXbr_upLuDg0Pm4txkSIHAT3Gmhi8slgc-GFF9b8_2IWnwKk2p-idNwoJdxaBKGqemJlXvKD3KsAChBUjQ-d1V8tBl6v5mEJrMlV_nufVke4kzY2rNrPZZBOGOhXai0wZOuZA0onnL6SkQaIQ0cU_Q2k7gVunb1I24Wdo535Bl8sQk9Hg4wz6kr9y7gppBG5LDsKZaq1nWymx2x9kbQMT9ZH66KyZg1narMvaxM2JWp9EBLCL4uRYKSmEsbTWjHk-bH5-RiPi7pANsQTOTTraUnpJIjXYOtKSDCOoU5wCpBZBeF326fzrB0H6EqFDk_ufNaeifWhcaIMUzc3lE8wECMDiyFwj3dSM43yjTZizi38x041ZsTXV--mGKVohA0MdKZXGpRhRks6l8chaPTxgqqIxEaHJLXzDiqOCcaFn4o_tgIW6zmZnTUl3Naq7Iuplygfmivn0Yokf8VQbyOAnG9EDHwsTuVesRgUmzZ4XKCP6mZBrePwbXN_4upI6Bd9iwqI7EP9GarcC5KqAT-DydHA8laStGbDRaYbKrWVKTqeEdnkFw6iW8nsjv14tc3_nqydf4VzaK__NFXNk5MHeVmRDYcE6i92Tn7K1BcB13etbCQoJtVjzKsvaUnD57wDh1Fff6zEnkGdRL9FrpYFd6lJV3Uf4tZ_V3lzliAhgeJJeBGN_93iCjQjzj4SgH4fu5Nlv-_keIceZAlmasBM41zMA6Rg8XOCrp_f1o6Xv-GM9DQydJNNfm14mAuGT8VIXjS4E4qXnkmtO5dLa0GZd06sXAwIjLrevsZLlG8QV9GfQVgsBnf3cp7zIxG0VhWgRzcA5Aw2kWNMt3y05m3QqYyJwjoZo0-zxVOM4-UFvgs7bew3TEJD4XUSaRliPjFBXA1SCP05zGuO7NZnvWf1fSYSa61cAIkmg02IOO92bekIu33LSE4ECJD9X2uz4xShYHLrLOYKvqU0RP7MRBAOLMb7QlgZRB_WsiJXtvkKTlMTIUHbKQXZf1IdStCFelLyfuE0gIUe1u2ptewQZf46-bZmrshJ0NkxYOiftrotzPT6RN7-rAxDEa7IYXCJZgA0xmEPzQ47Ww-enfAA0VJnTkYuVHEqhZItKDhVgU8mesMDHgUFEhD5FkYJQMqBqVXYLFNnNOpDqXu_ZyNw1dB6TZ-f_l5moGJ-vYC2gF1tzPlg_9CPpgBQavq0q1xCP-ulVRAqjY7528SwZI18AeeJjFZHbD52egrTK14vF9kFbZwW6uHuC9ilanmdmZ9lxXnCPNZ1oRomG6CQjcNSWrhSZgi_xA2hxxbAEoWTm1Do2Kn5KOw1wrND0i1aHt23eNzeozsgZoPiaFaT8z4w3pqGPsTytAzUR_ge20w9NfaZVtQYfF-Y_a-Fwy-ddH4JhDeei0RTisVMg8o1MSwEAOFnQF0qmIgbDfX3GVTEncuPq8s1zZvsJBjsgObhUnBpAdmLF3GVdQyhQ4PDWY6MSmNBluDWWd6uvoGTSJcDx9dXEgN9U_aUo2-uLohaVEi9F4GovKVaYKTvOed1QlsWScAe3BeDs9v_TDkwGsX_OE1eBrlqxVn5oxHg5SPilmg6YngaEXeMYpmNOgN6sA7-Bp0tvelZlky3gAm7AfLzYv-ljbeAJ7pCv4VPOCWcx70DVJ8wInHPO8ZNsmzBHe67bqxOBJii7DnIx8xCYd3mygldjQDDuzLO-TcnMLPXtudFoBxRcrXtwuR_c-IlVaEW6HhT2_gTANhrCyXrc1jRSI9wT9qLLJKgWugmeT7H-77HsLD-hHWT17MGGq70L2FhrNsp8fkrZRW221H04YZnKPFP5XJmpNMspia0jRpA6D-EIDXgm0d5SPDPQmouV_LuRVH-VPX_tKh45M871KfYlQkDnnU0ldbyTBLMZd8c_h6WLu6qcmkz2TkKI2mMoSpwwVrA4WhR_izvg7Sk5ak8lPkdRxGp_kR3Ge3j0g7vyH5k8YKqIYpstEy93UgFc85NfKdS44EWPaNKqYhyzjTPBBGFuYUvU7ED-_0wC-sag6JeY4hDc3PZ8UTNkLqgmRgFtqsZaNEuBt7b1zeWEE3IDf1yDbeK_qa4DAV-J9FLeURasFgw-yQwhU-yOuG96X2N_rJ460gLYCDfa6gy9Y_p353xiOuBe2JDO2FWscHFv0oRCb29uHqMxg7Hd9mvDlfH2RGeOlsxZfTOH2Lc3qp_xzQFnHxsnRKt17tP6vS-OuPHR_2FlwwvwOt1KTm7QjWUL_e27DrV7wPpMZa-nFoZmaI2OEcZQMyJXSPettOOqsMsMhfolUnrn7w2tvgcLFqmNHFrW-e1miEAXPV4fxgLBBj2Hmi8sGL2zOzKRHgOhhcJ5MWWXlw_HNDFGHffBx_OKQxlpZI4hNguE61I3Nvuws3xZaUBj-5CCzHPBIzSL37YA6uAa4L8tUSJF3BlzJenA4riK6BQZa-dbMucEp_tAhcvObGdTphma2IihFO_UqU3OCbF_PDnibqS2XTLPr0IP9KaInzdGdwSXbbvzUi_YeMk0n7UGCEAexIRSN7vlBMrVprEFcAsM7MkAOeqGAUv0KF9E7WkCnjB6ZkF6iYUvlyJ2J6mMLWR3tNUi4oOpMku5iJkMqWYBHTyQjwKmqmRzQ~~&ap_size=3224&nfcpm=2.5&gdpr=0&us_privacy=1YNN&eids=W3sic291cmNlIjoiaWQ1LXN5bmMuY29tIiwidWlkcyI6W3siYXR5cGUiOjEsImlkIjoiSUQ1KloxSnR2Y0h1cXFUOFJMZDNXTEFLcXFBSTZzOFE5NUVUWkNXdmhZOTNnVFE0YnU5VzRLRVNtZmNCemtPcWR1ZTUiLCJleHQiOnsibGlua1R5cGUiOjAsImFiVGVzdGluZ0NvbnRyb2xHcm91cCI6ZmFsc2V9fV19XQ==
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.komando.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
Kim_Komando_Logo.jpg
mma.prnewswire.com/media/1537860/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnewswire.com/media/1537860/Kim_Komando_Logo.jpg?p=facebook
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:13d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
210ce64dea6568972b870366f9ecea92e697af18bf92cd92bf306ee6dcbcda61

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
cf-cache-status
HIT
age
29379
x-powered-by
ASP.NET
server-timing
intid;desc=801f7c7c60ba775f
content-length
16920
cf-bgj
h2pri
last-modified
Tue, 07 Feb 2023 00:42:26 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
795aea97289bdd5c-LHR
access-control-allow-headers
Content-Type
expires
Tue, 07 Feb 2023 00:42:27 GMT
bulk-metrics
am-trc-events.taboola.com/komando/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/komando/log/3/bulk-metrics?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230205-36-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.komando.com
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
setuid
s2s.t13.io/ Frame B0D8 		0
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=adyoulike&gdpr=&gdpr_consent=&us_privacy=1YNN&f=b&uid=10423f93e6ccecbae2bf7d8b2c0f6526
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb2...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%252B-%252BBanner%2526ttl%2...
  • https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=827309512431448119&gdpr=0&gdpr_consent=
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=827309512431448119
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=827309512431448119
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=827309512431448119
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
148
content-length
0
expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%2526ttl%253D720%2526uid%25...
  • https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=827309512431448119&gdpr=0&gdpr_consent=
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=827309512431448119
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=827309512431448119
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=827309512431448119
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
74
content-length
0
expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=grcaNIDtjzV7lYLAp5sK&name=RTB_HOUSE&pi=adyoulike&tc=1
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=RTB_HOUSE&pi=adyoulike&tc=1&uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=grcaNIDtjzV7lYLAp5sK
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=RTB_HOUSE&pi=adyoulike&tc=1&uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=grcaNIDtjzV7lYLAp5sK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=RTB_HOUSE&pi=adyoulike&tc=1&uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=grcaNIDtjzV7lYLAp5sK
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
99
content-length
0
expires
0
ayl_pixel
api-2-0.spot.im/pixels/ Frame B0D8 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=10423f93e6ccecbae2bf7d8b2c0f6526
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-14.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
via
1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
x-amz-cf-id
txMm1u4m-c4Q-ATTlHg_QFvH4r2Y5EX1nKvGNhgQNIj44d02LByrCg==
x-cache
Miss from cloudfront
sync
odr.mookie1.com/t/v2/ Frame B0D8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=adyoulike&gdpr=0&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=adyoulike&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=adyoulike&gdpr=0&gdpr_consent=
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AATRo07HxCUAAB-hrsYcNA&name=BEESWAX
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=BEESWAX&uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AATRo07HxCUAAB-hrsYcNA
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=BEESWAX&uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AATRo07HxCUAAB-hrsYcNA
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=BEESWAX&uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AATRo07HxCUAAB-hrsYcNA
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
0
expires
0
sync
vid.vidoomy.com/ Frame B0D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D8fbd69cc083d6399099e25c303aa5e32%26visitor%3D%7B%7BVID%7D%7D%26name%3DVIDOOMY&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:f400::4 Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame B0D8 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
visitor.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUI...
  • https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0
49 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0
Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
162
Content-Type
text/html; charset=utf-8
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://sync.e-volution.ai/4460e88f3323cf4d9f4263656a846075.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dfcd0c0bfff5af32579cdcdb6ff804bf8%26visitor%3D%5BUID%5D%26name%3Dev...
  • https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=6bf25c91-c93c-444c-bcec-1fd1167e778f&name=evolution
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=evolution&uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=6bf25c91-c93c-444c-bcec-1fd1167e778f
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=evolution&uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=6bf25c91-c93c-444c-bcec-1fd1167e778f
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=evolution&uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=6bf25c91-c93c-444c-bcec-1fd1167e778f
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
0
expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=94284fc5-c28b-4351-a79f-0ed55f8db690%20&gdpr_consent=null&gdpr=0
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=null&name=LOOPME&uid=68c72dd412a8d0f3f6d2276db2509939&visitor=94284fc5-c28b-4351-a79f-0ed55f8db690+
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=null&name=LOOPME&uid=68c72dd412a8d0f3f6d2276db2509939&visitor=94284fc5-c28b-4351-a79f-0ed55f8db690+
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=null&name=LOOPME&uid=68c72dd412a8d0f3f6d2276db2509939&visitor=94284fc5-c28b-4351-a79f-0ed55f8db690+
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
20
content-length
0
expires
0
sync
visitor.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D_...
  • https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0
49 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0
Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
166
Content-Type
text/html; charset=utf-8
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D...
  • https://visitor.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08b42204020ea2dc9467ac4c&gdpr=0&gdprConsent=
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdprConsent=&name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08b42204020ea2dc9467ac4c
49 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdprConsent=&name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08b42204020ea2dc9467ac4c
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdprConsent=&name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08b42204020ea2dc9467ac4c
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
7
content-length
0
expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-f8f4f902-6f7f-40b8-78b4-7c108d0a17dc$ip$5.187.21.102&name=STACKADAPT
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=STACKADAPT&uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-f8f4f902-6f7f-40b8-78b4-7c108d0a17dc%24ip%245.187.21.102
49 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=STACKADAPT&uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-f8f4f902-6f7f-40b8-78b4-7c108d0a17dc%24ip%245.187.21.102
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=STACKADAPT&uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-f8f4f902-6f7f-40b8-78b4-7c108d0a17dc%24ip%245.187.21.102
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
345
content-length
0
expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3538&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=b439fbe8f6f2d3a5ff975beeb8cff842&gdpr_consent=&gdpr=0
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=FREEWHEEL&uid=7ab967d40b91570ff51c4cdaa51fe5d6&visitor=b439fbe8f6f2d3a5ff975beeb8cff842
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=FREEWHEEL&uid=7ab967d40b91570ff51c4cdaa51fe5d6&visitor=b439fbe8f6f2d3a5ff975beeb8cff842
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=FREEWHEEL&uid=7ab967d40b91570ff51c4cdaa51fe5d6&visitor=b439fbe8f6f2d3a5ff975beeb8cff842
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
104
content-length
0
expires
0
sync
visitor.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D171e1b3d878c5443361586e41274318e%26name%3DADMIXER%...
  • https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=f31693b3f1b54cb1aaa8e3cfa6e14099
49 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=f31693b3f1b54cb1aaa8e3cfa6e14099
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Date
Tue, 07 Feb 2023 08:57:09 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=f31693b3f1b54cb1aaa8e3cfa6e14099
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
4b8f8957881b0c14cfc1656ea578b9f9.gif
cs.admanmedia.com/ Frame B0D8 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/4b8f8957881b0c14cfc1656ea578b9f9.gif?&redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dac67699ebc4111389a3cf1998c4bd2dc%26name%3DACUITY%26visitor%3D%5BUID%5D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 08:57:09 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=860cce07-f64e-5226-9781-b95ff463ab3a&name=BETWEENX
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=BETWEENX&uid=bf39a6af2a15b80f82f7ff725f351919&visitor=860cce07-f64e-5226-9781-b95ff463ab3a
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=BETWEENX&uid=bf39a6af2a15b80f82f7ff725f351919&visitor=860cce07-f64e-5226-9781-b95ff463ab3a
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=BETWEENX&uid=bf39a6af2a15b80f82f7ff725f351919&visitor=860cce07-f64e-5226-9781-b95ff463ab3a
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
24
content-length
0
expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbe453ed4b5ea70e69a4b241eeebc9b6f%26name%3DEMX%26visitor%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbe453ed4b5ea70e69a4b241eeebc9b6f%26name%3DEMX%26visitor%3...
  • https://cs.emxdgt.com/umcheck?apnxid=827309512431448119&redirect=https://visitor.omnitagjs.com/visitor/sync?uid=be453ed4b5ea70e69a4b241eeebc9b6f&name=EMX&visitor=$EMXUID&b64_redirect=aHR0cHM6Ly92aX...
  • https://visitor.omnitagjs.com/visitor/sync?uid=be453ed4b5ea70e69a4b241eeebc9b6f&name=EMX&visitor=827309512431448119brt57491675760229932974f1
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=EMX&uid=be453ed4b5ea70e69a4b241eeebc9b6f&visitor=827309512431448119brt57491675760229932974f1
49 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=EMX&uid=be453ed4b5ea70e69a4b241eeebc9b6f&visitor=827309512431448119brt57491675760229932974f1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=EMX&uid=be453ed4b5ea70e69a4b241eeebc9b6f&visitor=827309512431448119brt57491675760229932974f1
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
152
content-length
0
expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame B0D8
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D4b30a0b1f289a261ab592e1e53c126eb%26name%3DSOVRN%26visitor%3D%24UID&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GHa5pBZH2hb0a5YeRua0chUU
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=SOVRN&uid=4b30a0b1f289a261ab592e1e53c126eb&visitor=GHa5pBZH2hb0a5YeRua0chUU
49 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=SOVRN&uid=4b30a0b1f289a261ab592e1e53c126eb&visitor=GHa5pBZH2hb0a5YeRua0chUU
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=SOVRN&uid=4b30a0b1f289a261ab592e1e53c126eb&visitor=GHa5pBZH2hb0a5YeRua0chUU
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
54
content-length
0
expires
0
711333.gif
id.rlcdn.com/ Frame B0D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
cookiesync
bttrack.com/pixel/ Frame B0D8 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.46.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-servername
Track001-iad
pragma
no-cache
date
Tue, 07 Feb 2023 08:56:33 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
rtb_vast_proxy
p.channelexco.com/ 		60 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=I102LT5SQUleRGtcMjM9bcvm6xXW0dgLyMEbAFVY0HrisPTqCFaY0TJqW_enyqFvl2Em_ZKmYK9SapddNFamtvyjHzKUgv2PZIxOtzXYvdLpkCyKbCZGkeQq4QF92sXVbtsbfZekKu4Ec5z1xOy0uHTXAdthqvqqk4YaUicHVvRLAtoMeEMekL42UQTHRcIfz8kgA8dbxPnolRgtA9KiXS8YUaMGqtnnfMcAgZlPfsaeVjaBIsgrqyv2sz4203zA73a86LTPc9nni2B8_Wg3xRN8YYV70LYsuTUA4tiUP5doUMIHiwlM64Ukg1U5vkvbBd9yAsB78bZmdujYweKzUTbV6atFiZ5h22QApVRa6RGFhnIKEffrVUlBxrjMhL3K3aHP16Ep0UX-vOplBfB11cpZtTc0IJeaL_LUwSdRFe-2dVzFQGlc78ngOYP0UR4cHIIg3GeCm1iQyQNwcHTralq-nX3rnd7r9kwJqfgx8DFBzZC27-cvmf69xIg4NVYvXzevWW3Vr6LXxIlr35c-PEB3S7DGy3F4IOjsaEDVuJ5UPa83CvwctBWyGKixfnLoykfWjnS332CmsxmN8AtW8ddSs6UqugCURu8uqwk8jGoRKaPDj6-Y8KRhwKSo3jFBwL_CgegpHtZmNrMRZca5mHkto1J5ZIbqsQFQ0oC2ne6W4InAJItQ_EtokmjSCHaVhYVFRUjeaPaTycbica7ZNYu3ricqOKDTP_OThfppMbTeUqm_ewFA81AFULLkkF3YD4b7QA0SeVyrux_PbBoEwG9XhHCSz-pe3PNLQ7UNOZmeizK_2EvlbwD4W3NcCuY10yvWh5de7hS8eeLYLScqB_NKvJGPD7j2TDaiHTQXNtQvCgETbTggZ6OF0tOxS0GZaIWXdcVpw3f7jIto9ZFxSvKA4AHU9lZMEGs78GKNpT_PhcQyIKUNyCmh2OtWdUmGVT8aSSlYBhBH6wiP7xzfEqTK7wtVg6FKo0T0xXwRz__k6X-5zjs5Ky4Ifodbqp-jh8O7xxe8aiQWlyUTS55czbRSd1ZJyrD7x5i5g0sBi9ZAIf4cVV3LpFiTvjkgXr1Q6L43KkMaFTr6aqoxyKNeskkZdoBSl7r9ERVHFIWF8bGRCAKRcVzkcmagsHnbgimKbSToCVoOiawVzhiV_JbVr3V7cPdfz2bk_jmTSTrIoG3ggVFZfZ3pZxhtHiM9M3KWoPoThuG_bVwbVadL5OUxhyIwc4NrBpjGoI3tMDDhjpiaXGUYd4mhu-_rM-YmtwLUwJak4rxcncWX1IOzdLF56xoyLANRN5DMVpkDBzdRk7H1HgvBiKyPh6227iN_BB5HCTUGxjUEqtqzkCLATtlZdO3AfL4HrabAQKvFRb7mq8WP1HTX-gyrdfyskKencnF6nZaRRb_MHWvlnhOY694d8p6NSf_8n0YwDPz6pyzJ4Fal4qvThMtcDyd3_e5g6xxEHDFrgEXVRVTouHY8Tu1TI2s8orHUHF9VVYQ5t-5AH8JAoFCci7F5A79ECmYBtjHyEg6I-Ol5PAnGheCJyvsdXSLl3ruxNpbXHQ5em2xJryZRGQzdwXS8JGNKlanTrNet13l2X7FxdBNC4xd3flstTgnQWlPf0wmN8-LrPKT6LDd2hiXJsffapvDumlQ_voUj9ANXRYuFFjXVlNk1JstCY916ZQoglFj2HDpSGr4ANPlPlvEk4OxErbHO1EpjSHHs1VoEw4K-clUHARElqNtwmVSojJ99YNOwnIDf6cPNOJOyHfa1XeftxBrE5hV4J7O9qxcuei7xJQHN0QqDHZ_VjPasgBBk01Mgkwvvd2Zt0HlipWJlwoR7TxCOJWwSRaF8LIG86dKeg2l-RzWdQljI2tsmQUXpJ2jFJ63jaIFKKvbey-ueEH92IpEuhmns-7Ys_eapRIjUbD_DF-UYuOBklM-zY0-V9o3zjE_QUthlczn-UNxLTYXWir35YTNaNAtF1NRA71EhxFMtQgXN6lmacOdcjDH7eQTMogaWsjEhlv_aSE5S-atBipuZSsvGKVWLI3mkm_NrBrMl6yNaRH8Z-mMuwAG65m9rW0AqXQPYRZ_9EL_ElphVllcRcBxTU1zzkJVYcVvM4wRAFeOYwuFTrUOOBiSj65p-sudPIHFyPFa2YstCSo0sFuoxATXef-HYMi1HD0feZvqXDcwczcpQ9pDW-1PglUoKJQ1JXuufyLGbQoRbb4rZOud8YoOeOOuYyw8WbhqtTmMbOF1Gmmc5PgumkRXhoFrHgV7dC0ObOxlEOSnK8NViOuLhO-ruFPB31rFoYm1xkATnMf3S0yy0rVj82QK_g1mmeWiGnEyhH9fJB49p8Wmae7sLL6adL0DqgT0DElfgECPoCwZGw1fDOyZs4l4GH_6wloM7ouf53_JpJncYhjXVkAhpXjb_zmT3GyHlCrwH3IPLEJMvzgEuMg4PxmqfsaTthh8vdrJzDljpgyxr10kR8mI3KslzhoNcvzdvZyZSu-TpjLni5ta48NPTqGtf-yGcod-cwfehgkecJub3NYbqDXzkyEyG64a62qq-x0Fl-ztWKVOVFlyS0cxqsg0dUu4mdXM-hN59gcDQ-wh6mfMDkIe0c7EDmHxRFpvCmJ9FHoc4iQn8UYFEdC9idypaEUtS2K_EC95CcGd7fVq73XBbwhzCW3bj09F17Uj5m9xQvZWLChdbsVncvB3omn5rJxWl0G_m6DEubxlLRAhGiNk0GBA-1SVOzWnJCpZxodVzzYZSpI3RYKAYdMzSsAOnqFhh574oU0sQRiay1UiAP6B6839lMx1BEjuY20OMIHdHIciVwHMcFaOQRCWx8HhrDT-QiUP-u7_qIr1yvQc8ITcf6w5HfuRJbLK_MPcrBSCN9wQ2NrV0b213k-ZD9WbE_o7euhB1MrkPKcqV-pQ52uk3wdySs0hHHENw23jq-pFMlBsyJFGnxFcIMJk7LxZw60HfXH-xNzVkPJghkOu7uTEM9Xjw_Wl0YO4b6Ld7qnkQyfFeO-KAlLcJb1Fs3rpB44UGDLzlqJRZKMqas3Vvsb9uyxxuLgtAwjcx0IO7wou2FWv8bfJUVzOuPFCNwTqRewNmLThOu7lH4-D9ym1zACu9q1YQi6GFyuy50XkwTOEP_61XqHmZllBnfwjf3RFlEAr9fMJ6JIAr0sU4h-dHQ76XCWeotaawQOAUZuefGanGIWBbqrC4ebt0Pw~~&ap_size=3224&nfcpm=2.5&gdpr=0&us_privacy=1YNN&eids=W3sic291cmNlIjoiaWQ1LXN5bmMuY29tIiwidWlkcyI6W3siYXR5cGUiOjEsImlkIjoiSUQ1KloxSnR2Y0h1cXFUOFJMZDNXTEFLcXFBSTZzOFE5NUVUWkNXdmhZOTNnVFE0YnU5VzRLRVNtZmNCemtPcWR1ZTUiLCJleHQiOnsibGlua1R5cGUiOjAsImFiVGVzdGluZ0NvbnRyb2xHcm91cCI6ZmFsc2V9fV19XQ==
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.komando.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=QyR6R05RKmtlX28tQnUuQd0wflTzqNLXwP2Fr83VxnZPVdnXtgEekg0AYn_1Bd9KE6vuSpm4UukX3sid9rs9un_BHDtEd8c2YKwQWeJhs7N0F60FYVhFgn_BUOhnBJavAo3xqYArG4ZQpspTejwI29nF2x-eKK9y4jYZO2tfa0SUS6Uu6ENrjwveWwz2njlqgPd0lu4l6eUUoOBhUBCi98oFCXHfmEKOxIOCq_q2HSBoDj8rH_lC7o8jN4i0qqCSb3mYNxhno15tUcuN5L1-sE9h8gomXqskFseXwKd2qnGt-YCLdSSAiSfTlIwExOxhW2Z5ttr7mO9117HkJ3K8BLdmOAloiz_NcxlMMcweOXvnxRHi94hyvs6ZFJbAaQx6R5wLotvwfUFbE6EABjXVm6suL342NPj_YwEdIdS-DGWJLIkqBnH0gI0fHjg5v1Jhta4OQhdNIkFidKZp1M4k54V1bFulQtneRwbmtDCLJ-fLdflw2gFPZb7bECnE7JB8-_OVtsSTLC4ZTJb_JGm2zlOoPOfBddK3Tc0irgjrAgjtn_Q-Ix1GBbHH04aKrcU_XtpzzR2-phU3aUaIPtXCd-TAMNEze_itu9peeVC4AfnhbuwNebDdC-0rVOSP45Fd81zU_NNfWFrUk-7ec4g_KkHdhew4-pPiCA8C5eAkd2VPViSu8fjH4GkmPMhMtjwUku4SZN7UZmpKJRK7T-26waEGC0JuFX05Y7bf9KuIeS9qKYWuYnbu4jaKgjP_-Cx5W-ftiR_vSi3uxohHuFZk1w5E4VRMWb4Jl4BSjxEs6v2IeMLAQUd1Sqipf5VUDg_DwxQSjk6LrEAPPc5s3uasxOv3m4fsyWFhTEXzkQ-5e_OrblzWSKUME5WiAnKrP0Hz65jAk-NWFTyDBreamnt-SFMkly44td_esfV8AIrr7OLF27FcvTiI4dlm_sveMHdN8wDeA_fFMY8Vo06QEDtMy2OrYsh7AHdaswEeaHPoXqK5N3ojfdyo1JzfqKJsobVOjiEKhhAxXbRwN108WGeuEmxvl7G4jlC4qFym1YbtubMv8Ks2n38hg-ocrohateyCYrS22Fdk9v0l-88ZC5ouSio3ffRfCxqYx295s2D3XfZpWrLz2jwltVgdT6L6ADGmV-KOS84wwuZ5c6QxgKdRWVJNpygodIUDoBjokN_hRBNlJgqkA1vroytK7wYHMoh_21PsE6Io047CNXxTUmgSNrsVTSJK7yv3zcKu1aPREEN_xZklxYgEqBPix_soXF0o_sfawxZl8yIvfl_Ywq6Rk7B7esfK9j3Sgn-FOh0_-kJk3Wiz7-yg08Bbbm2mgWg4nv4HfndUYn_i4ByHo6tmuQJw9pCvYgGjkc0dRq7UsqXogRnoIRC0jKCjX1lPFDTCwIgEmJzmXrx6-FET7fFnCFefhvTQSnM3IEQFLicy8Y1Qjocpa3qiaRe7aL_D17JEMZl3safu_3hVtZsYL4fO7V6cgkkB_86GUSlVN2GUUTPwvg6f0DAJvcOZYWnYRaJTlxUgTibgGQR3ckphhGr3Iw9-MOxuIeYzuRZa1KNyUiTpG77Rn7p8Sdx2gdy7JZ9r_AYi4KQb8SKx2OidW9vk5LBh6_S7lprdeS_0AW_KKtye4ycZHPUh0zYrUuiLDqKXvJXHZjnZSNcGonYv0fjm1aC7_noKYG5tDdWPrDVbpUwxdzeQR7mBfFbqDNwLvLwk1f7dHgZtUP9JH8Xqz8oAof_t7Onnwny8f_dPr3FRG4-H_ELZk8Gp1fEAH5QIzWeji4de0sI7NfuHGZ_2bwM-faCYxCe-rxNXLYNeNKlgC-aokenJEzzdlzTVba96POVKzpbaGeXz9P9ntT9oW_cNCFnE2B4RCsnz14dKUns1UemSY8p2_I6w-yM4JrwepSmQioRTa4vMnEWKHeGsFBKggxA9LsCEIfA9ACqUai2GarXxDuFam4nKDuj33i85HJ-_v2v-GDM2lBcAQj-TA_LNXBLLJVsQkuhxMnwt5vyWnB-S0aE5UCgeiRpHJQ7rPTXBY7z-SeKt29Iku8kQ48OCB6l-mvqyJhSn60LnEyK8dn0iPNNIOJuoOPIa4_3ZpUSa_7lwseZpualDkObMTT193Eft34Y9zXSSn5oNszD_65fXDIGoV_I8W8pR4_DCF9W8k6dzURFxg18zmkHKmrWcdK4NLA0OBrjzIhXjxFo8Kk3ARFg82jEPmlC3BdqwF-yz3tEoJ0EGlbkO8ulK2v_y_Cb3oJtKXMVJJjinOpPk5-6NnRRgMs9PmFF1Yv-Zh6yU_f_vMHknMCR5nCFc5wV7J49r9S7J7VjmIJJul5HyqCuZEL46qNvgLufm3IE-wGk7-cys708nykJdgopsCBcbzm9mnoh9IIYI5vIIBHwxldpaVGBVuazroXDPjNSrCUJ0alO-5QrAgZuqL-GAg1qk8W-eDMdn81iypo-_dBM0-5Xd_OLNXUiy0B7i1BWLUv_2y3tkkDiDzI4pEdOJhwqWJWkfDo0jiGG7AyaiSUhNRuowLfdlHGX3eQElCu16WdzZpNA3rxSeCYJ2JLaik_lDsMRETg_Bt3yegv1E7fIycV0Y00Lx_3U8a7G_OfFWQatsln7JRGAswMRtYuls9_jqxLYzBKqi0cmqXJh1Xj6vAldVHEO58YsA8038CBCzbb8J7gVUsXPpIpOImG3dbRzm2-vCJzLXX3N8uy-cAws3YgHu1dr_i_zAdU7844clqKYv_UKCngqaTVhKfPbdvDokaihx51DS70aWK4YqmVeY_Wynw2yT9QJIc5q1udPE7UiIFLPeHX79y-qPqDhWOaj00Yw3UN8QI0EdS7UID98-1UiJtS9uCFosFXxlureV-0Yxzx4Y9W_w2MfpDKlqPqcyNwRU9gfP8gD_EXPhD_3-xPyG0ysX3kehZ0DWItK8m4lcVkXK-p6VbOXHXWXv0P9cpkM3pcZ_Yxx1k-iF_N1fYyU6w6KBdkhUIOHRBeMpZETerUgvZMIFFpx0RHaVHAR_b-8sz0fnMnRCVftWjQ4ewwPSMY8_T07NrKskKrxC2nz-HRqRhZ-R-rM1_gMz8fetin92Uot3eRDu3u3xsna0ays6AQ8AZTrRws55bcJwci3qmZ_HtD1S_8KRQ0ecXJPrkRZf9ge_k-bTFUqlJgf9fXKdEbyMgRIIhn8UevTj-lsaJETqqTHy0p58NG8hUbbqXQ~~&ap_size=3224&nfcpm=2.5&gdpr=0&us_privacy=1YNN&eids=W3sic291cmNlIjoiaWQ1LXN5bmMuY29tIiwidWlkcyI6W3siYXR5cGUiOjEsImlkIjoiSUQ1KloxSnR2Y0h1cXFUOFJMZDNXTEFLcXFBSTZzOFE5NUVUWkNXdmhZOTNnVFE0YnU5VzRLRVNtZmNCemtPcWR1ZTUiLCJleHQiOnsibGlua1R5cGUiOjAsImFiVGVzdGluZ0NvbnRyb2xHcm91cCI6ZmFsc2V9fV19XQ==
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.komando.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
sync.html
s.spotim.market/ Frame C85F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
fd2fe17b45d50a90ff8ee0f8fbee582f729060fea437b151da36cf1cab64b9f2

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1085
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Feb 2023 08:57:08 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9BCC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56471
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Feb 2023 08:57:08 GMT
expires
Wed, 08 Feb 2023 00:38:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 62FD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 08:57:09 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Feb 2023 08:57:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame C891 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 1B79
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 08:57:09 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Feb 2023 08:57:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame 4363 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=1YNN&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
615611ee1db24e304a27ee25b8d08bdff3a603ef77a8d19e462d35907b5cab26

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
1057
content-type
text/html
date
Tue, 07 Feb 2023 08:57:08 GMT
rtb_vast_proxy
p.channelexco.com/ 		60 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=IT5PTzklJGlmJit9VXdycvhdM0z8mmSKo3KYUQVTNUdXm1_1UDgvcKcViDi6bI-s5yZZ-0rbUyIrXCEcA59OPP_KrRA_fFYOxdvgknOMFkw6ASWwbzM68_iZAb2sHvj0aHNnl0GBHqFXj5xiSsejqvx_QHntlH4t4WxLaPQoDmyWyy7uRcGHr4868uHmkQD8ARC3QO0bBk7_5bh4F4sYhIsiFMUOGKaRxmwm8jtY3wXx0d5Ey58T3ory0MBXAWnm1zQWV3uBVfqQH9EpSVPsQY3XsIr9HP5dGc5tsPhpVPYYOoVKk-yeIhzN3q_7uxzbywHZAaRtYjMO1zOARvIUmGvsaC5N6hfVQpYo1n26jkFQWN9QUwPbPzXJTbqjjbSxJEKt_JX9bYIyq0rDdCiFYGgCyhwJJO3fcY2IZ2MVYU2tE9dR3qnMXzGinPAZe4XNjHw9Fd613qGd6lYydhhtfF0y9KV_YgyGvFNBhlCvZuZWbSrKDVvBZssjg6sdS8pihAa76nYUAufVKJip8Os3FBTEnh1QtpUF9IWNaQeKhN7-cq3enDmmiE83lXqNlNUR5j0LhP5yiu9zULSXY9_NvhJw9naZJKZzHuB_mbS5Q6gxgMR1oLi0x7qYAJKGWIlZV0e0nUS2UlBOGfvtKG4G4zSNXTciURxgL51KWovNUQTdAbCe7zAfwJKsl6SWuqgY1-FYwANEnJLihHrnsUMvG-wLpsurmMr4UeMigOfmjjv0bbj6YKMUmq91_Tm59B9he8hCMoCSi-iCpLhmtyvF6_wv4Ru-Amkm4ElGwkqZCIH8GJK4x9BtduwwnNsEOvdvjRQYmAPw1SC-GM8E_sk3zGyHUe995g7evMql4wjA2QK4LOmFkAKtRD_kpKq-GueIivnGAm0JqK2XekBYSxpg6TsMrqh-7v9ohWasMOBwSlXLmi-ukx91z6uNuLrtKqduqiAkXPkrZZSQcvNgoMb2xa64wEgDTHLPUpJLVFemB4E2cu9iqiF1Odj_AccF7IPYMYNJH3i-EyU4H3jpLAKo2rz6AlaxZJ9w-8UR4RHsCocxBClrsPKvi-nCuPB_W9cu8zMqGwRzwBVKtvMG4V7a3MNvXbtuE-3BvebSfAfLApIJHR6z1DTAimCxT7TFE01Oox6ev3WkN4A6TKg71q53yVUuIQDMujI14UlnvvcgLEx1POd7I1gcqZ0eDXftqXjnvDL2UG5MzmPu1opzsT9WzxYCUp3QUipaTHyNU_950V6n9Dg8GV2NfyRn8g4Xq5DL_HIJVKJ7uvKxtpeuu1cXAKXqahxLiN-BV3Cd2wNROeTilAHhGvgVUNkAAYFuVaHciX91l1SQN8edoZ2Z9WaEjBZI6Rwo5CIhPD_4Ox7h9y_7w9Lxv2ad53CNojmxYzuK9ErTf_A_bM4DgjNn4vcZ7Av1av0hT_nCWRInefL88wDNdc0PU0wUe7SPjcEqpme_Fj1Wf6sF_wDkvIa2fel20VTZz2hVGeP_bfabLO_80Ht0Fe_91KQhM2Kbbfh_gkyJSMTeccsfS0noeJac2fPlBoVtIaUm810W3pepJOJwzOPXmdW54R9iSppcGH94VcShF7NdfIG_NYvMqx9lxRBa3ZxUwjyQ-oqiP2RXfHKrsGQeyePgZ2jBiGBejWsgbnOPUERYbpi6LdVMoI7euZAhkcx-6ifLkWkLuwVlBCOPV6vql2mG-trhgt7YUNCtEjPl6q2gSSbfWbqq4Zx4HQ0t1SrlD6g-MSGb121H4bHzBS16St2di4T67tcDKfeLgid4xXdJ8YEXb0x1A-SViM0MZQDhNH6sFNOI3tHJT9kg_pW7rRBTehZysM8ZeiYuCnLREilPpmgrQjnyy1j07YlIoRxTTn12lezfFZQXfdoYu63nDcmfVMVLFoI2XWkZrLSZR_cUU-LC8xcWial5CHK_5exzKDuRDijVEf6sFRsQdock25KLLnRYd17eSWBG9QPLqKAXPBJciP6rm-N5dKYsIw9IxwRW6Yo1TUcjs5_HFa-6ZLOlVlPiqzX8mrLYvLnnJ1PSQ3478Uk9syK6T0IkM73BgvyeGNTGcBcQnaeDVEBShSYWlYggwfUnqwyGo1-L1Buzqjcj-c59JhrMNof8PI2YPORqdAGny4j3fw850Ln8l7I8KGiJri_ns9HGlcxBAMk0l2wSFPi1K-qt1eE59ldqTcPAZ4m6wMB9tcE53Mz6y24L4zeckbj2XFVnkFHafiIQXAL8g-meJq3FswYbc7zIluoRALlmYLaOwxeXXZEkbQ53XCEBMn3eODVu59gN6W4ox9qwZXSJj_Pqw8_VPv6QJVMaa4vdz6yk1g6nr4WFHfBFzb6UlUYTgPNXQnUJw0jwgYHmZZHpntlht0gxMtrV2NbdPBYXxjkHrsjArnNQKwkTuILv-G3_CreR9VzynMqDuTU0nck9iJgzVo4kfncPROoZS7UlxzyWrXzzXGCGC8ZS3Vr1Zb-hVZInVDRKGc5xINOFMcwZTar8s3SIKuzep0c9doXY_rj10i6MZ9Zc8ZOHvAJ2OeNXnzbA3GHrkaCglUHoJl0J40Qa2_t-wA7xy0o73D3UHevDErZxp7bH0tjB7lgKFDFn9jY-AB3bWL0AB1kNrKD5gkUZgJGlP8u75RwSeP76zp8nPGWSs95F9lzTr1nDjOduDvCByUhPpnFdbeTLT1phCXblRA31azjdLDBXA-qjlkVHpogSemcI_TBP4_en7GJrm8EI7wjSatY2d3ZZc5hOHBbncK4yH2vyiKsAK68YR1UlyUHtqAWuJtrVSw8wvO47FykYdq3sk3Ro0wJh-E9cs5sxV7hvbvgolPooL7AgOrDRknJpAq1qAY744TigyMYrt2y5xyY624HOl-AeczearyqZOBy-SImvYkGt0ss6JJLq_pFUCGFef9RcZYXW1Rqey9S7-exLagnKbwZARa2gt99OTLVvg66FEmymUXhGk0FGnvDolMrBFCVRSq4Ok22Pj9lYZ0OUoO1zWrKQA8anYylg3TgBiwUcrHs4RsK2If1nVXzG3xV8jLBCgXGU4NdIVgZlNQJ5mo5RolG3wzgdBnquioGqZH_ggs-Gt75gFS96vfguG_pl00El59Q7l0FyTH7lJlTcQU_rf23L3tKSDSs84UGGjYq53bMpXWd2v4q_OFsmEKA7SZGK0kTcnmCwS_WAsvRv&ap_size=3200&nfcpm=2.5&gdpr=0&us_privacy=1YNN&eids=W3sic291cmNlIjoiaWQ1LXN5bmMuY29tIiwidWlkcyI6W3siYXR5cGUiOjEsImlkIjoiSUQ1KloxSnR2Y0h1cXFUOFJMZDNXTEFLcXFBSTZzOFE5NUVUWkNXdmhZOTNnVFE0YnU5VzRLRVNtZmNCemtPcWR1ZTUiLCJleHQiOnsibGlua1R5cGUiOjAsImFiVGVzdGluZ0NvbnRyb2xHcm91cCI6ZmFsc2V9fV19XQ==
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.komando.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=Qz5eXU9ycCVEL01wLmlBO4xiDKFOImGSrX18OY8P306rD9CLe81uj_zs8VyyizwMuHn0slrjjQJn6MDJGoV0QilU8y5B09C6K8hUZqu2O7n3xTCQ_ToUrUBG9VHlxPBG1p4EG_0qjHVIwXGwh4Xu82Kq5LESHIz2Gw0HH9_61x6eDNF8QmbdgKfmwbjPHv-4PDMp4PKAcFRg6Yz6qyrzvOFZQoUo1iXt_XwuAIf7UVio6_mqqA888yDDdageJ_BpinV7a56MkAOZnZ-bDCMJynCi_aPMIATsZZUr31MwyZ4i8YKdozzbcYEXCszvv3UjDZ4TcUmCyG5rOU60lOVoOdylOVWe01ir8Rs_A3gY2DVE5-GC93eZMTFk5PxcFYo2VC40DbGC6NMfGY4L3yisFrzs5_lZ1IL01m2Yr3JRDZQB6AD4n0ZMV1Ph6Ypw3k6UUMO--wbTQA85iWbjb5gy8C0Gn4U7nMPVSZM3phS4_RK6lQySs91EukqZ5I9B29CioO3PWJVo0mpxa2QmhUbBeW5qRAgwXDwjMicoaZJ6pLPqjsgVcsOwuN5c_6uadRVAncfi6ipsn_9mgICXsa1zM9PPuN5952zkRLLuYML9mQqfeKLJPhn1WeMVP0ftk4rzl4UO0xxC3hzcJqOMoxk7gUG333D_rgQxZt34cCN8krxMk58D_jkTIE27CNQq7v9AgIZkR465ab8hQQoFwHtCjwZw3p1qs5_4XMNyChP4sM6P8Y4x71oqeubA0UOlrHcO3FlDlcjE6JB9m1V5zYPVZLz_FD4--4MANnKlm8UJoztu-o7FMY1LMM-UthB0JZ03ej9HULO_QdmZS4nje-0EQasSCpNeEkGq3GZiVLYLZ89v-K7YQpGbitlVLOUWZfrW3TQqlvAKJOQQxttPb7bFlDUrtaZ1eF81SShlMhW702WatYX1CY9Ndun9_Mq7e6aH_GX9-2UEFYkS4erFv-VnSmwltZh1y_jX_GUCUd_WOBZVQpsBLbJTyzzCsMX4PV7_O7iNOBsTTGlx-I19IR5hi_O_5t2jcFSAAwI1HZ2aPZ-ZsHaZtYCtU3eVYpwq8j3-_-g2mLSbzSu0wcn_EU08I41oHrlWOtNSQsH6L37tCVoefyOB7eAAdsFmYL6iXRT7L4_PehsqIIEr-Ic6wuB1TQNBA69ZZIsv1_HYXcEfSYDbPepd-D5A2UpNkWIaxzkKYxOdksYYVTkDe1Sm16fWLWRSA-G90DvJGIuO26VX-fbQI3k2pandMIy1lZv9gIYG8pdMsYbjry6wPiSEHCFE0ztUz1N-uxqgVUYaZJQBwI7JfX8BqlO2XGaVxdDH-3ruo6fgObPJF1kcYTGdWXQZNBVTej3xjsP5bCcybWemu5-WhMMezOzpHvJdAYS-MbFXf4pfC6CGxLUDHbyKbejeOYf1F_3PG7fC5xHzjxxFNR8mGSm3i010vEXRxVvMZF3odnxkHWhznIlYYvEBaDx-_KV6-E3vpIrhXZPfYDzLaLDXeEZeSWsnPz2rAZHhO2hx7y1wkmfU0mZ3dOyxltwYldt9e2Igft3BRmDGfPSi8r1pKfD2O4Z90-48hF9qJ7CRj3r2wp2dGtACtQq4_lBI4uMR6bzgQqdOh61s7kQhISNxRPmRJDJVKSnzlGyJuC_Moti3Beml2bhzPW79ZoSCIB-xVUZ8WV-IH004G-kwVtNyLUDjkGMfGgRrKYLq9fPZ-EZTBuXp5zVFNjl4M6hKiLa2ZdBsjuZaqaQkQD8ytFnDSn8nAHn0IxSip2hSuSh3o6AzSIqJqgGLDkN47I41lDCemayzKFltDveCRn-oW4y9leLfh6eWY9mEiwF_JfKoBOh0DLUU4xcJ_HSROoXwehuFfFyi13MkVmDiaQIGBCSWVbITQGH1DQkGOieo-AJesb0NOxwL8j9HieJaEZC3UsHxWk9DI5vlARdoCvA3mLisdnUPczuwksuf0kokot2prIEQrwG4Wfdrxiglv89iX2Cf3r6m-FdBpu7ClKJRoRAYKqXqSV6Xjlqf4ATZ6Uyf5rqqUhz77brmNMXPC3wNhgktNEQ-rlUCBw2X_OSjLd_uZfxhqkru1566Fbv25lQKIM421bCPnjCoUDn2V2arkZmLOvB7cvIKvoba1etyzFIU-wtaLXNaFopKjbgMZcgP1qAdkJjSG55HPKprHCtfgCTe3JHqpVinMVb91HZziNiXAD_6MOIjzdooUz_MTKdtf5EEDd_yVU3uY3zLkrd2cRvqJ58acz41y5YrFd8bDU-aSXvEj33AwtT9R2fAZqrFIXUJEt4JJK5nwgVHRndZWH0ULtVnaDIosdHm-QqzByFqerd1yEd1sNLve2G0WMJqO1kY2qIDMzwht776OdYm0fi8s145rmsrGJzOjS_BWXRhkzLnq_FL113jlD57Di9WkKH0g1YKI2vpiykwjEOggOt9TjZD1wnQcVbJfsb1VjWrPtCrgx262EgRQxgbGZjX-faraR5oZEXmty7EBzoQ79V5lfWVexm1gl8VCGqEIK3cHzGkHQdm1AskZi7nD1vKAnkWBBciS1J7_6xHUpQHuNFHg2y4C1BCj9qDmtyHoAesx7X50I8pvRizqA8IcvMx-wiAbsUmajBJlLOd0Tkp0W4mPT8UMZ0AUNfiMqHHKw5oKD55DXwv_OClZDnF3pSfB24pVRdcf2F4VWgoI8ku67dVEiAnvuJPqj0CBOi63NGTTy08l7xYV2R0inuiVeift2QKvVSVNDeIRqvRnEIrelZOAauEzQyzArO63XV1SxqPgvP1dSc4jhDlKrSYVQwL5bjbTwq3m2gw01i2SoRe-2oHVzQ7IBKmaQ717eyyfolSN6QzPCT663gAt5uMhH7qBAN2HEZX8MABeOzoXjdQcTmjO-OcuxchpiJUy0u0RHg680DzzTMxad-stFlVffh_ABzSlo2vkzXYQ9EpPRmgs4cWcFRVMpIidhFBPqzE4TLUVTiea0mmc-gKHbseo3qE8kDpT5c7ClPjiuk4xG4sIhzyzr0wGvja6oEA0-UsTIlS3n4b8aWU5K4xqeqFRx9fUlKJBdkvCWNxtHguAlEz0WAArb-Gt4ZmmmQRljyhOjou3qbiWquro6isB7_IDOj_DCa023ga4JQzId5wYzi2UKBicy9B62d5CWabAikfy0B2FPOsEGTJwMaE-Np1wiFhVmuYPBXiujhKLrmqPjwy_A~~&ap_size=3224&nfcpm=2.5&gdpr=0&us_privacy=1YNN&eids=W3sic291cmNlIjoiaWQ1LXN5bmMuY29tIiwidWlkcyI6W3siYXR5cGUiOjEsImlkIjoiSUQ1KloxSnR2Y0h1cXFUOFJMZDNXTEFLcXFBSTZzOFE5NUVUWkNXdmhZOTNnVFE0YnU5VzRLRVNtZmNCemtPcWR1ZTUiLCJleHQiOnsibGlua1R5cGUiOjAsImFiVGVzdGluZ0NvbnRyb2xHcm91cCI6ZmFsc2V9fV19XQ==
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.komando.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.komando.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3f5130c846dd2b8362310a320f23c7f7969ac5cc50143e5d39ec4355a498597

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 03:29:32 GMT
via
1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
19656
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.komando.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1037
x-amz-cf-id
Aebe_3qjtrYZI68l0E0x7miWnc1UkJGjPcmjClbFyBX423JhTiTEDg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		212 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&pid=s6ES3EaH6f35X&cb=0&ws=1600x1200&v=23.127.1625&t=1000&slots=%5B%7B%22sd%22%3A%22Komando_Adhesion%22%2C%22s%22%3A%5B%221x1%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1064811%2FKomando_Adhesion%22%7D%5D&schain=1.0%2C1!freestar.com%2C214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-35-220.ams1.r.cloudfront.net
Software
Server /
Resource Hash
e3d3dc0375ec17aba2b1a4f5773fd0d52f2d219db164f1edcc4f9c06292865a7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
PXJKYASKENVT1P464S7K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.komando.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
212
x-amz-cf-id
qj5WQM0QUx6WAG9o8g1OYehd9VDXoT_pHm-9ErgH8-OrcxYw3A2Spg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		693 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&pid=s6ES3EaH6f35X&cb=1&ws=1600x1200&v=23.127.1625&t=1000&slots=%5B%7B%22sd%22%3A%22Komando_Leaderboard_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1064811%2FKomando_Leaderboard_1%22%7D%2C%7B%22sd%22%3A%22Komando_Right_Rail_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C1064811%2FKomando_Right_Rail_1%22%7D%2C%7B%22sd%22%3A%22Komando_Right_Rail_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C1064811%2FKomando_Right_Rail_3%22%7D%2C%7B%22sd%22%3A%22Komando_Right_Rail_4%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C1064811%2FKomando_Right_Rail_4%22%7D%5D&schain=1.0%2C1!freestar.com%2C214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-35-220.ams1.r.cloudfront.net
Software
Server /
Resource Hash
4bc39edb1ee23f938dd369c971ab57140aa2aeec3cba2553de7fd6159382fd60
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
3M9GWSV999BYKPP4XW46
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.komando.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
693
x-amz-cf-id
_oXX5w302PCj7OqvvM6xlVZ3x8p5gXVvEH8OxTacHkOB0MQohTVx-g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 02:20:38 GMT
x-amz-version-id
UbKifkjYJEpp9kioi5dZ9KFE2QW1MpFD
content-encoding
gzip
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
23791
x-cache
Hit from cloudfront
last-modified
Fri, 03 Feb 2023 23:37:41 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Wi2mva_cX7WTYxeFbY9hLmu0mVVai0wtRzGcX0NPELzu97kpaTsyuQ==
usync.js
eus.rubiconproject.com/ Frame 8B34 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
de48f408866c6f7d4cbf8bb0995fe03df2ae99f2bef5d5590d64b712bb487817

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:08 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 06:27:21 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=77374
content-length
10007
expires
Wed, 08 Feb 2023 06:26:42 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.89.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-89-173.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 07 Feb 2023 09:12:09 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Jan 2023 10:47:57 GMT
server
cloudflare
x-amz-request-id
E3629X2C82GJP8E7
age
3233
etag
W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
795aea985d733860-LHR
x-amz-id-2
1cPkcnqDAj4AhI5VhkSi43i3cCSpIWhMsiKRYM3Fism9uajroc/wHNiO5O53bywqd1bBKeIzGds=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.220.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-220-40.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 08:57:09 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.220.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-220-40.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.komando.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 07 Feb 2023 08:57:09 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 4363
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=7396329761718876590&name=SMARTADSERVER&gdpr=0&gdpr_consent=
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=SMARTADSERVER&uid=9276a8c8d010b77af50144c60047b781&visitor=7396329761718876590
49 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=SMARTADSERVER&uid=9276a8c8d010b77af50144c60047b781&visitor=7396329761718876590
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=SMARTADSERVER&uid=9276a8c8d010b77af50144c60047b781&visitor=7396329761718876590
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
11
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 4363
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=10423f93e6ccecbae2bf7d8b2c0f6526&gdpr=0&gdpr_consent=0
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=10423f93e6ccecbae2bf7d8b2c0f6526&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:08 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=10423f93e6ccecbae2bf7d8b2c0f6526&gdpr=0&gdpr_consent=0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 4363
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=ebf6e778-689d-45ea-8ac6-7b4c59e346ed&gdpr=0&gdpr_consent=
43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=ebf6e778-689d-45ea-8ac6-7b4c59e346ed&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=ebf6e778-689d-45ea-8ac6-7b4c59e346ed&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 4363
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4670916618109018858&gdpr=0&gdpr_consent=
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4670916618109018858&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4670916618109018858&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 4363
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NzM5NjMyOTc2MTcxODg3NjU5MA==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFex6hFs_ItCysKy_B5AUw8&gdpr=0&gdpr_consent=&google_cver=1
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFex6hFs_ItCysKy_B5AUw8&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFex6hFs_ItCysKy_B5AUw8&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.554.2_en.html
imasdk.googleapis.com/js/core/ Frame 2698 		694 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
231593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 16:37:16 GMT
expires
Sun, 04 Feb 2024 16:37:16 GMT
last-modified
Fri, 03 Feb 2023 16:36:07 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Feb 2023 08:57:09 GMT
bridge3.554.2_en.html
imasdk.googleapis.com/js/core/ Frame C687 		694 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
231593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 16:37:16 GMT
expires
Sun, 04 Feb 2024 16:37:16 GMT
last-modified
Fri, 03 Feb 2023 16:36:07 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.554.2_en.html
imasdk.googleapis.com/js/core/ Frame 9B64 		694 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
231593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 16:37:16 GMT
expires
Sun, 04 Feb 2024 16:37:16 GMT
last-modified
Fri, 03 Feb 2023 16:36:07 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.554.2_en.html
imasdk.googleapis.com/js/core/ Frame 2F23 		694 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
231593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 16:37:16 GMT
expires
Sun, 04 Feb 2024 16:37:16 GMT
last-modified
Fri, 03 Feb 2023 16:36:07 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.554.2_en.html
imasdk.googleapis.com/js/core/ Frame 4FFD 		694 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
231593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 16:37:16 GMT
expires
Sun, 04 Feb 2024 16:37:16 GMT
last-modified
Fri, 03 Feb 2023 16:36:07 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.komando.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 1B79 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
de48f408866c6f7d4cbf8bb0995fe03df2ae99f2bef5d5590d64b712bb487817

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 06:27:21 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=77373
content-length
10007
expires
Wed, 08 Feb 2023 06:26:42 GMT
usync.js
eus.rubiconproject.com/ Frame 62FD 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
de48f408866c6f7d4cbf8bb0995fe03df2ae99f2bef5d5590d64b712bb487817

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 06:27:21 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=77373
content-length
10007
expires
Wed, 08 Feb 2023 06:26:42 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 04EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIi-4XdAW7ear05uf4-UTo8&google_cver=1
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIi-4XdAW7ear05uf4-UTo8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMhz%2BloESE4SoBg7Idj1ZYbIf0AkGHp6bwkgyd6%2BzKBKlENeBJFNTLG3XujiV2472CNlCISs2ZhTqdHNCMdSXQ2r%2Fk6%2FiRgOcJ8i27oAy5Mt29r55JzJR328V1DNBnArZw9fo7r1tWqpVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
795aea9e7c8c4058-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIi-4XdAW7ear05uf4-UTo8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 04EC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 04EC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y.ISZM.ZfDK4qRZpDs27vgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIH7kj8f0qvTS6Pfxm11FUs&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIH7kj8f0qvTS6Pfxm11FUs&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIH7kj8f0qvTS6Pfxm11FUs&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 04EC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VW42C5Y6M4M3H2J82C5Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VRZ1A5CNBK1NKC591E8H
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 04EC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=index&bds_param=be201fa6-bcd1-480d-a189-43032ee69875
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=250209e7-da98-4f25-b629-0447840758b0&expires=10&ssp=index&bsw_param=be201fa6-bcd1-480d-a189-43032ee69875
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
43 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Atn7mFQNt5Bd1ZxQ5s0vWyf0CKEbTyXVbCTXl0ArmYxvLSrboAyPj230c9IoGB2mHwjnO7xfRDOoIiVamDApC0toRL4Us2nKMvGk6yYdqnWkb%2B3yxToplVaOe16mWD9J3HBTwint"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
795aeaa719cd889d-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 07 Feb 2023 08:57:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 04EC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 04EC
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=67cccad2-a6c5-11ed-a258-2ccbc8064eef
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=67cccad2-a6c5-11ed-a258-2ccbc8064eef
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=67cccad2-a6c5-11ed-a258-2ccbc8064eef
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-8
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 04EC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4670916618109018858&expiration=1676969829
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4670916618109018858&expiration=1676969829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4670916618109018858&expiration=1676969829
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cookie_sync
rtb.channelexco.com/ Frame 04EC 		0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.channelexco.com/cookie_sync?bid=12517&srv=channelexco.com&cuid=de516f26-165d-4881-9cfe-b5cfc903fcdb&uid=Y.ISZM.ZfDK4qRZpDs27vgAA%262007
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dde516f26-165d-4881-9cfe-b5cfc903fcdb%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
openresty
vary
Origin
expires
0
events
e.channelexco.com/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.162 The Colony, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=297628503045840&correlator=4111130492669311&eid=31072168%2C44777628&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fifs&gdpr=0&us_privacy=1YNN&iu_parts=15184186%3A1064811%2CKomando_Adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90%7C970x90&ifi=1&adks=3163003723&didk=660782465&sfv=1-0-40&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_placementName%3DKomando_Adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3Dtimeout%26amznbid%3D1%26amznp%3D1%26fspbg%3Dfreestar%26hb_auction_id%3D3e9d085f-61ee-4a15-96b7-432eece6f1db%26freestar_path%3D%252Ftech-tips%252Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%252F456930%252F%26freestar_domain%3Dkomando.com%26custom_bidder_size%3Dsovrn_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D91f811fa3a63272%26hb_bidder%3Dsovrn&eri=1&cust_params=user-agent%3DChrome%26fs_session_id%3D98aa5147-e605-493c-adec-c647d9f670af%26fs_pageview_id%3Ddedc81335a90dfeaa53d98644453b5e4%26articleid%3D456930%26section%3DTech%2520tips%26tag%3Dapps%252Ccybersecurity%252Fonline%2520security%252Chacks%252Fhackers%252Fhacking%252CMicrosoft%2520Windows%252CUSA%2520Today%26tg%3D1%26fs_testgroup%3Doptimised%26fs_clientservermask%3D32020222202223%26floors_rtt%3D25%26fs_test_variant_id%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1675760229381&lmt=1675760229&dlt=1675760224686&idt=3206&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=1063574874.1675760227&ga_sid=1675760229&ga_hid=606119063&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
323f7cdf82fc4d5ea65ec5ceafc2b45a8c95e9c5d4eebc6f220fdfc8f8bad1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20526
x-xss-protection
0
google-lineitem-id
6179340936
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138417115153
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.komando.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
69c3be3f32e2a22dbed17869481edb0c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60F7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://69c3be3f32e2a22dbed17869481edb0c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 08:57:09 GMT
expires
Wed, 07 Feb 2024 08:57:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.554.2_en.html
imasdk.googleapis.com/js/core/ Frame 777A 		694 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
231593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 16:37:16 GMT
expires
Sun, 04 Feb 2024 16:37:16 GMT
last-modified
Fri, 03 Feb 2023 16:36:07 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 48C3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56470
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Feb 2023 08:57:09 GMT
expires
Wed, 08 Feb 2023 00:38:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame A90F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=827309512431448119
0
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=827309512431448119
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Tue, 07 Feb 2023 08:57:09 GMT
Etag
bb3355bd6d59a692
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
74e689f5-31d9-4e46-9ea4-dbf98d2dc3c7
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Feb 2023 08:57:09 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=827309512431448119
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
/
onetag-sys.com/usync/ Frame C964 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame 03BF
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent=
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=2272446932012285602134
0
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=644680&extuid=2272446932012285602134
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Tue, 07 Feb 2023 08:57:09 GMT
Etag
bb3355bd6d59a692
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 07 Feb 2023 08:57:09 GMT
location
https://sync.spotim.market/csync?t=a&ep=644680&extuid=2272446932012285602134
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C85F 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdpr_consent%3D%24
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
generic
match.adsrvr.org/track/cmf/ Frame C85F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1675760229686
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4290780436
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4290780436
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
etag
RX8a30236890574ff5927be618376766bd003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4290780436
cache-control
no-store, no-cache, must-revalidate
expires
0
csync
sync.spotim.market/ Frame C85F
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=2ccd8a11-ebc5-41d2-a1b3-65e335331ba7
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=2ccd8a11-ebc5-41d2-a1b3-65e335331ba7
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
62.149.1.122 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 08:57:09 GMT
Server
Adtelligent
Etag
bb3355bd6d59a692
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=2ccd8a11-ebc5-41d2-a1b3-65e335331ba7
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
p9uuj39hqjhepghbuigc4jlg5asihiia
sync
visitor-usa02.omnitagjs.com/visitor/ Frame C85F
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=bb3355bd6d59a692&name=OPENWEB
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=OPENWEB&uid=9f93135e824096b627ff609f5cdee636&visitor=bb3355bd6d59a692
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=OPENWEB&uid=9f93135e824096b627ff609f5cdee636&visitor=bb3355bd6d59a692
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=OPENWEB&uid=9f93135e824096b627ff609f5cdee636&visitor=bb3355bd6d59a692
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
21
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		191 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=297628503045840&correlator=4111130492669311&eid=31072168%2C44777628&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fifs&gdpr=0&us_privacy=1YNN&iu_parts=15184186%3A1064811%2CKomando_Leaderboard_1%2CKomando_Right_Rail_1%2CKomando_Right_Rail_3%2CKomando_Right_Rail_4&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C300x250%7C160x600%7C300x600%2C300x250%7C160x600%7C300x600%2C300x250%7C160x600%7C300x600&ifi=2&adks=2320392318%2C1749413588%2C1508752443%2C2599808740&didk=661263815~2497099213~2497099215~2497098800&sfv=1-0-40&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_placementName%3DKomando_Leaderboard_1%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26amznbid%3D2%26amznp%3D2%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_placementName%3DKomando_Right_Rail_1%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26hb_auction_id%3Dfb8287ee-89c2-4473-ac96-c56b0bc39b37%26freestar_path%3D%252Ftech-tips%252Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%252F456930%252F%26freestar_domain%3Dkomando.com%26custom_bidder_size%3Dsovrn_300x600%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_adid%3D92f8fdaab82e69f%26hb_bidder%3Dsovrn%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_placementName%3DKomando_Right_Rail_3%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26hb_auction_id%3Dfb8287ee-89c2-4473-ac96-c56b0bc39b37%26freestar_path%3D%252Ftech-tips%252Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%252F456930%252F%26freestar_domain%3Dkomando.com%26custom_bidder_size%3Dsovrn_300x600%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D9330cf306046c15%26hb_bidder%3Dsovrn%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_placementName%3DKomando_Right_Rail_4%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26amznbid%3Dhbpjwg%26amznp%3Dsrqsxs%26amzniid%3DJBGafzPuY72jbZ43Cz5jQOEAAAGGKxfcNwMAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCWsO_Y%26amznsz%3D300x600&eri=1&cust_params=user-agent%3DChrome%26fs_session_id%3D98aa5147-e605-493c-adec-c647d9f670af%26fs_pageview_id%3Ddedc81335a90dfeaa53d98644453b5e4%26articleid%3D456930%26section%3DTech%2520tips%26tag%3Dapps%252Ccybersecurity%252Fonline%2520security%252Chacks%252Fhackers%252Fhacking%252CMicrosoft%2520Windows%252CUSA%2520Today%26tg%3D1%26fs_testgroup%3Doptimised%26fs_clientservermask%3D32020222202223%26floors_rtt%3D25%26fs_test_variant_id%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1675760229682&lmt=1675760229&dlt=1675760224686&idt=3206&adxs=436%2C1080%2C1079%2C1079&adys=940%2C1057%2C2453%2C6811&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=2%7C3%7C4%7C5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&frm=20&vis=1&psz=1263x-1%7C322x-1%7C320x-1%7C320x-1&msz=1241x-1%7C320x-1%7C320x-1%7C320x-1&fws=516%2C516%2C516%2C516&ohw=1241%2C320%2C1600%2C1600&ga_vid=1063574874.1675760227&ga_sid=1675760229&ga_hid=606119063&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
308bd0a24c56e6f5493cec856177e77ef59cb2c885df38fbec9961cd97f4e368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30318
x-xss-protection
0
google-lineitem-id
6181418057,6179263800,6179156775,6181337648
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138417087592,138416444966,138417075814,138416422811
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.komando.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/komando/log/3/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/komando/log/3/bulk?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=4
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230205-36-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:09 GMT
via
1.1 varnish
x-served-by
cache-lcy-eglc8600054-LCY
server
nginx
x-timer
S1675760230.769260,VS0,VE10
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.komando.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.m3u8
mcd.ex.co/video/upload/sp_sd/v1490095101/ 		651 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
08849084a99028cb9f0f8856f0164f07951347131f16c92f8fd5626a87140cdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 08:57:09 GMT
Cache-Tag
231147416428314524124108814617397708134,327961014079627028052771905279638174707,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
651
X-Served-By
cache-lga21977-LGA
Last-Modified
Tue, 07 Feb 2023 00:13:02 GMT
Server
cloudinary
X-Timer
S1675733403.419487,VS0,VE4
ETag
"d117a8a35694c018b71ac82bde6d7faf"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31530802
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
setuid
s2s.t13.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1YNN&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Di%26uid%3D%5B...
  • https://sync.targeting.unrulymedia.com/csync/RX-8a302368-9057-4ff5-927b-e618376766bd-003?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26...
  • https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNN&f=i&uid=RX-8a302368-9057-4ff5-927b-e618376766bd-003
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNN&f=i&uid=RX-8a302368-9057-4ff5-927b-e618376766bd-003
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNN&f=i&uid=RX-8a302368-9057-4ff5-927b-e618376766bd-003
date
Tue, 07 Feb 2023 08:57:10 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX8a30236890574ff5927be618376766bd003
content-type
text/html
1235.json
id5-sync.com/g/v2/ Frame 989D 		489 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/pb-7.2.21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
20253a457b59db3b1754706bdb87dd925eaf2869797971286c60f1264487209f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 08:57:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.komando.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
iu3
aax-eu.amazon-adsystem.com/s/ Frame A070 		382 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
de60b41e15abf39c0fe9c62cb9879a8083f98e40cbbfb088b3f3fcd0ac236abe
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
382
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 07 Feb 2023 08:57:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
38K8M9S0BTTD2B9441QQ
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 8B34 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136&gdpr_consent=undefined&gdpr=0&khaos=LDU0DFGQ-1N-E132
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6
x-jsd-version
master
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0R9LFXAe2ghV6kQ%2F%2FCs%2FdMXBofBcbvIITB8LQRfLPprCypAZIw7D2CrL4CWVyFzCcd4svlISpA0KIpI2AYhAh%2FvOrw38nis4Ilv9GUDoeV1Fs7IIdY5Q%2Bm1fHWda1Z85RUe2qjCqKZRol3Nx2bU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
795aea9f782f74c5-LHR
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 15:30:10 GMT
content-encoding
gzip
age
1445220
x-guploader-uploadid
ADPycdtn4UEMGhrSm1_4NgiXeqaApjYZClQzNeoeAiWcgc3cjev5hCwzzQ8hJx672tvsZ9N9V7evvN242zNHaL92kjsObArPY5s0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 21 Jan 2024 15:30:10 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Jan 2023 10:47:58 GMT
server
cloudflare
x-amz-request-id
J7P748YQSJQTJDWC
age
2501
etag
W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
795aea9ee8283860-LHR
x-amz-id-2
9dOZkrUp+uXyRZwSJNEYC5g9Pbk5wI5K3AQ12ziMyJ9TgkRh9C9q/8CgCNQe8ljIy6xdhkBgark=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 04:08:08 GMT
Via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Age
17343
ETag
"aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
3gxrXpy4CJBXEn5OBSPXE50zd2t9LJCzXTbyvuqTdeCK183UWTD3_w==
view
securepubads.g.doubleclick.net/pcs/ Frame DADC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSGXhwFUIlptK7Ff3p5g2j_vHp6uC0dVY1BEsWc8AcXe2HJ_6hWi-TQa4EO6ahh3akIs0bjTtTxC7JEziw3NjDm4L0ZkVvIaTceb9z-FIXbOY-TJnBZNAcgAHzM-kq77wcB0Q6IXxPc1gvjRJCS0bUm3Ra94yWa8mfQplMJUY5sXFFJrd8BOmiOh64MUcHERSgarfNGaVdWl_SSrHqXqY9D9vQGeFfg3cHe1AT0YjiJ657YAdo4nPhlqnqJb7BDXG_O4hON6sUoN6mrcZrNTFisGMcvZabprESBOZf0ccw-sY69DvV05NGikSJOYL2S3FNRwtIPA&sai=AMfl-YT47etNv0DCfl7-OGsXXve_26Vfd8jXpLMfgdTdxOeHqwHgUOgHYc-45E9FsSopfFyWD_EQ7MkjeSfDvvhFVOjNsZV_WGvlJ2P2ni_fZeC4zQ0-qTMenSVhTwZ1y3jjsKyqdPI5L0-wQVxVoLQ&sig=Cg0ArKJSzItEBrHQzFrZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame DADC 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 01:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
28449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9012
x-xss-protection
0
server
cafe
etag
10578598109654303351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 01:03:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame DADC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
28661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:59:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DADC 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 08:57:10 GMT
9673882446675975617
tpc.googlesyndication.com/simgad/ Frame DADC 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9673882446675975617
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc2d6a05a562d6b286906cc9f908db8d8c19342bb002abd94e5f5db636063864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:06:42 GMT
x-content-type-options
nosniff
age
391828
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17175
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 22:46:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Feb 2024 20:06:42 GMT
avjp
playbuzzltd-d.openx.net/v/1.0/ Frame 989D 		106 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5f9afe6a-a5d9-4dd4-9d55-5755620f352e&nocache=1675760230270&gdpr=0&us_privacy=1YNN&id5id=ID5*Z1JtvcHuqqT8RLd3WLAKqqAI6s8Q95ETZCWvhY93gTQ4bu9W4KESmfcBzkOqdue5&pubcid=141b9cc1-127c-4cf8-9351-647754a4ad81&schain=1.0%2C1!playbuzz.com%2C0016M00002LRAT1QAP%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A600%2C%22h%22%3A337%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22minduration%22%3A1%2C%22startdelay%22%3A0%2C%22maxduration%22%3A60%7D%7D%5D%7D&auid=557057725&vwd=600&vht=337&aumfs=2500
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/pb-7.2.21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.komando.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 989D 		883 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/pb-7.2.21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
5e7af29081c139cc8926c324a230ee360afdcde48f915a5e50d466f6a5846435

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.komando.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 989D 		36 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=624104&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22538b40009ac0ea%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%22%2C%22domain%22%3A%22%22%2C%22content%22%3A%7B%22id%22%3A%22315c0b98-4f18-4644-910f-a9c248fb6c28%22%2C%22title%22%3A%22Trending%20Now%20on%20Komando%22%2C%22url%22%3A%22https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.m3u8%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%22%2C%22tmax%22%3A3000%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226423cc90f0852b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22624104%22%2C%22sid%22%3A%22600x337%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B600%2C337%5D%5D%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22minduration%22%3A1%2C%22startdelay%22%3A0%2C%22maxduration%22%3A60%2C%22skip%22%3A0%2C%22w%22%3A600%2C%22h%22%3A337%7D%2C%22bidfloor%22%3A2.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22playbuzz.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%220016M00002LRAT1QAP%22%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*Z1JtvcHuqqT8RLd3WLAKqqAI6s8Q95ETZCWvhY93gTQ4bu9W4KESmfcBzkOqdue5%22%2C%22ext%22%3A%7B%22linkType%22%3A0%2C%22abTestingControlGroup%22%3Afalse%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e41d1296-8ee0-4263-aa88-25aae91678f6%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221YNN%22%7D%7D%7D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/pb-7.2.21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5649ce138ab157ce45ed7526137683ddb9428480a7d8820814233708fb29dd6a

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2ZTwyqdqQbWQ%2BhgHoSNqh9WVg4cEmlzKWNc%2FeyMm7epF2nn%2F1lOyt%2Bhhr87QkI2CCoVtU%2FYXO2wudLDvCe%2Bnw1D%2BffubxVLvJgk9jCI5IY8hZ03MJkXYi3t4vleDFih%2F0b10IeH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.komando.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
795aea9f4fa7dc19-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame 989D 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/pb-7.2.21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c7f3fa7b9fe34cf96b38a78996e5b9c68e2249bc31009322b5a44eb2cf5a063d

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.komando.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
view
securepubads.g.doubleclick.net/pcs/ Frame AB70 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAFNzUNuVU1GUByZNlU4KCX1xBmeIiLN7FAtEV2usmHrvAaUUbDanVLbyDzN57NN013fp2-LhtEyBPl2PSpqYQY5WHK58xtNhMxjhp8O4yoxEowOa36Jx1SXWix1k2E4vyk0WT0nGX6LhT2ATudum38lGYXspC3Zd-kYnFgXI-3WSR_zNBCvFK4NoR5nLQOYlmOARXF3sUuEa6VjfPhaq2do2DQXL3Gg_iVMP_vsKSSsVDMAu-j65c23LAwaKan_ZcyEFI4I5sXrsQlHyrQ1KI7i-LfyaqmeasE6y68sofh6bL9kjG5_k6uFa3ftcG7aN6lLozRPWtqZjX&sai=AMfl-YSdmiDUU4S8viWQQRI0VGGAfCk6mr1s2GcpUbbO5mk6TvaWmQz9vBleRf2fXycebvZluBbLEju5W8NwCiam-syqpWC7KxDDSrld4IHxYh5lQT8bZKKoTHSwJjnO9A&sig=Cg0ArKJSzAsc_BtqfO2KEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame AB70 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 01:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
28449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9012
x-xss-protection
0
server
cafe
etag
10578598109654303351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 01:03:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame AB70 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
28661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:59:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB70 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 08:57:10 GMT
1321003828834678583
tpc.googlesyndication.com/simgad/ Frame AB70 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1321003828834678583
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16f5304d2d3dd5a58c41349b9a207663af0c49903d4eb1b74ed4fb07ab1161d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 09:11:57 GMT
x-content-type-options
nosniff
age
258313
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54371
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 17:02:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 04 Feb 2024 09:11:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1vlD0P837tun67vHfTQI4D4KhS0RRi2jsfmxfyR1NUWTX-MWnCmbXOD2lAL8-6xtriPI-a9wv1OKZpOqgEPlF1_y1-xvpJKVoOpQkLWKegNv1_0ptd7AYL9tOQhHFhEmQmoJBaik5j79xq6A8QH1N_Bm64Q6APEDX70yG_CVvuTk5qGe5xOuEiKu6FA5hMsZyc71-duRrISjgLPhMUC0QDvTw5L7A0Jb0IBzAB4oj7gStsnX4w8AkAcGrtRxTv8nI9LJ_F822HIXQ5zs79pjXxRaZHvSTAQvgBdVu975B4ok1Y1jpBOZEJq8sHNjpTkCZKg9vTJ9OfMY&sai=AMfl-YQsEdJ7DkUPsnbREHh6U6TCxA1EPJsWY_Qnptxx--nurO0bOUV6Xogq9shyHHI0MkDlV69LlUvxH1ylFtWLs2EwsLWT91pfXroj6wrk_gydE7tSoCyeaHeaqYLETQ&sig=Cg0ArKJSzDH5gsezBgPJEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame ED40 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 01:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
28449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9012
x-xss-protection
0
server
cafe
etag
10578598109654303351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 01:03:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame ED40 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
28661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:59:29 GMT
l
www.google.com/ads/measurement/ Frame ED40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkI5tWWyzo-htKka13UOPeCH4OjsxKLPsWNCpRI_ekIhrh1nv42-NyNsdgMRkwXOK9OirXgRtBnIEBj46TN_SP2jmdaA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED40 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 08:57:10 GMT
7957168433575569471
tpc.googlesyndication.com/simgad/ Frame ED40 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7957168433575569471
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c11e7b2e464bcead9ac97805a8118afdc79645550418a98f5e8dc9e92ab567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 09:05:23 GMT
x-content-type-options
nosniff
age
517907
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29686
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 23:48:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 01 Feb 2024 09:05:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3C07 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDSzAQ4L9IBunkH3VvxbQb_hFIFOGFdRkDiQlOTQJwe5WRRdJfkaAvf3UJF8J_6-M60c2H6-na7vn-ZCtdgcTdNXrKmUq6pU0CQbS4VnvCVP_JtzjDZQzgpB89NlkQf1nav3Qq9rG7QLOTey0jv49YT_Yl8W6RTSRoKv5jQ64sfg6ZcLqOsLb7qrcS2P334_aHAyAL-wQ-RShnulRuAziI8BizPK53M5cLYC-xnBfJ-p6LuGdY9rllU8rQHCZ4SQrOd3zPogvdCvUJaBuz9CSZRTzV2FMj1msbinRoYYiSyqRVjN7EtNvIq3Ks7LfyydGY4eVQ8FX-Vlk&sai=AMfl-YSjZTc53CWnH2Ea69jh5Xof0_b7erxUIQ3nLkMBYrSnlWqsRTm_5FJgionClGq_egZJ0WknWdgWLWY3BIweZo_tunFftm17TRiATPTsCBVopMI_0B2r34jJshYqig&sig=Cg0ArKJSzNoAou7ULh07EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame 3C07 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 01:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
28449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9012
x-xss-protection
0
server
cafe
etag
10578598109654303351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 01:03:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 3C07 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
28661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:59:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C07 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 08:57:10 GMT
16413237501745586444
tpc.googlesyndication.com/simgad/ Frame 3C07 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16413237501745586444
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670c015028dbf988d72cc0739742600c5c368281cacb45ab62df525eee50238e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 10:03:33 GMT
x-content-type-options
nosniff
age
255217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35338
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 21:15:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 04 Feb 2024 10:03:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 470E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVbRDd94sl2reuAvZRwA7IJV4_O4XGDPseiOqM_kiwD41HTDGcuPbY75NZ6y8pKtOQrDtpbZXxOyK6VglNQQhwlOh1JY9JwAYXTaU5lwfuF6-Hh1zcY3RR_odep1Sh1f7m2HBsvuODtgc2itZ94WMO4H2GFmrMRem3_QIGXszva6HjgqEdsasztIi9FNcTpcfNIN-5eaLYBYLqPLf-O3cvY46nNGdUyailRV_ZiWgAdL3WkqP_8mgOkTZtGlqfnHvGWssnmXiiyb8_beNjd7r2zM9q8eTqeYLIy6UAUKkAu7yNKzhQIE3e7nSsFsLOj3otGu7Hdob70qM&sai=AMfl-YQi8EwJWckCVjbpQz4G235stLQXeBO4S449Wn9HoRv47ToRnHH-09jbKPOvw1EwsFKr9R6QShjaodgf-24YjjXGmHJXj0Kih0c2dseV85_1r1hiOAJt6r5tB_GGBg&sig=Cg0ArKJSzNIz4eknPYaSEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame 470E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 01:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
28449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9012
x-xss-protection
0
server
cafe
etag
10578598109654303351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 01:03:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 470E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
28661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:59:29 GMT
l
www.google.com/ads/measurement/ Frame 470E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXpdVxlqt4mr8wNSpzjMSnS69EB3S3-xm8pmwtIiCHbZPJg-1CJfKyA3ktKcw8wUShn3j2XTCiHxWYkeHuar3J84rz5A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 470E 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 08:57:10 GMT
8860164031743327823
tpc.googlesyndication.com/simgad/ Frame 470E 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8860164031743327823
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d7bb0ba0ca6302c3de83f519e1f4a1b85010d1056e6404943682f77a9d1f3ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 12:41:16 GMT
x-content-type-options
nosniff
age
159354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45979
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 20:01:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 05 Feb 2024 12:41:16 GMT
setuid
px.ads.linkedin.com/ Frame 8B34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDU0DFGQ-1N-E132&gdpr=0
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDU0DFGQ-1N-E132&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7C805AB9A94D46E5B3D897AAF4442368 Ref B: LTSEDGE1813 Ref C: 2023-02-07T08:57:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX0GFVXF2bygnoRcT5vTw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDU0DFGQ-1N-E132&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8B34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMERGR1EtMU4tRTEzMg==&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMERGR1EtMU4tRTEzMg==&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMERGR1EtMU4tRTEzMg==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8B34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmIwODU4MDcyYzJhNzhhM2Y2NzdkYjRiZGRlODY4NmYxMTg2MDJjOQ&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmIwODU4MDcyYzJhNzhhM2Y2NzdkYjRiZGRlODY4NmYxMTg2MDJjOQ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmIwODU4MDcyYzJhNzhhM2Y2NzdkYjRiZGRlODY4NmYxMTg2MDJjOQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 8B34 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 8B34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yC6vm1H_weg_A_E1D_FVd8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-r8u5._xE2oIFNxjx8Bm.e5YsAVdEoU7YIioUYQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-r8u5._xE2oIFNxjx8Bm.e5YsAVdEoU7YIioUYQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 07 Feb 2023 08:57:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-r8u5._xE2oIFNxjx8Bm.e5YsAVdEoU7YIioUYQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 8B34
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJbRHI7KEB5GA7HM26zpw5Y&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJbRHI7KEB5GA7HM26zpw5Y&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJbRHI7KEB5GA7HM26zpw5Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8B34
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wM0yFHaVQLuSrev4yC2TUA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wM0yFHaVQLuSrev4yC2TUA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wM0yFHaVQLuSrev4yC2TUA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CM74ZYWT3BWM1B2WREK6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wM0yFHaVQLuSrev4yC2TUA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8B34
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9W6lwO_ZTwmzgVWT4R79Hw&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9W6lwO_ZTwmzgVWT4R79Hw&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9W6lwO_ZTwmzgVWT4R79Hw&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
82VYJFTT7ZNX7PRV0PQ3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9W6lwO_ZTwmzgVWT4R79Hw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1B79 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr_consent=undefined&gdpr=0&khaos=LDU0DFGQ-1N-E132
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1675728771/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1675728771/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
74d4226ab472f66acfaaa34c0bd8288ae3dc7b87b90cf05fc28637177a320931

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 08:57:10 GMT
Cache-Tag
231147416428314524124108814617397708134,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1217
X-Served-By
cache-iad-kiad7000117-IAD
Last-Modified
Tue, 07 Feb 2023 00:12:55 GMT
Server
cloudinary
X-Timer
S1675734195.346498,VS0,VE1
ETag
"3fdc1a6977d1c4e4fb141639a14c41ce"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31531559
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230205-36-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Tue, 07 Feb 2023 08:57:10 GMT
x-amz-request-id
GMK80JFW7ZJE2CVK
age
2968
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
QGR/V2g8IL4WcGTYZt4cQKDoYiQKNnIpTm3QZvgvvo+tCRyUlSn5+O8gQciIIjFRSac0jK8+l4I=
x-served-by
cache-lcy-eglc8600054-LCY
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1675760231.645488,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
10
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
13225
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame A311 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
62a2def3eff6612be37efc0357620d8ca3c00e90d4e92f0e7e2ee702943fe436
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3338
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 07 Feb 2023 08:57:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RS832YZAGQ36S9FHFQWZ
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c7f3fa7b9fe34cf96b38a78996e5b9c68e2249bc31009322b5a44eb2cf5a063d

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.komando.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
ads
pubads.g.doubleclick.net/gampad/ Frame 2698 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C1064811%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Ced_Desktop_komando.com_3&description_url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&tfcd=0&npa=0&sz=400x300%7C640x400%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2103012186886405&ad_rule=0&cust_params=pf%3D12f2d2a09db4&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1YNN&gdpr=0&sdki=445&ptt=20&adk=3445734233&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=142753D2-6E29-45E4-AB41-29B474773803&a3p=EhkKCnVpZGFwaS5jb20YwL7f2OIwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjAvt_Y4jBIAFICCGQSGQoKcHViY2lkLm9yZxjAvt_Y4jBIAFICCGQSFAoFb3BlbngYwL7f2OIwSABSAghk&nel=0&eid=44748969%2C44765701%2C44770824%2C44777649&url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&dlt=1675760224686&idt=5383&dt=1675760230770&cookie=ID%3D39d5e3cb6323396f%3AT%3D1675760229%3AS%3DALNI_MYRp6NIa29V_cKws6OpHOa7NRG_YQ&gpic=UID%3D00000bb13bfd736b%3AT%3D1675760229%3ART%3D1675760229%3AS%3DALNI_MaluZOaeKT9Oms8CeSjDPT-Q-D6WA&scor=628667472204764&ged=ve4_td6_tt1_pd6_la6000_er1434.286.1594.586_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C687 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndicaton_8&description_url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=916047505806254&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1YNN&gdpr=0&sdki=445&ptt=20&adk=2297327782&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=142753D2-6E29-45E4-AB41-29B474773803&a3p=EhkKCnVpZGFwaS5jb20YwL7f2OIwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjAvt_Y4jBIAFICCGQSGQoKcHViY2lkLm9yZxjAvt_Y4jBIAFICCGQSFAoFb3BlbngYwL7f2OIwSABSAghk&nel=0&eid=44748969%2C44765701%2C44770824%2C44777649&url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&dlt=1675760224686&idt=5427&dt=1675760230779&cookie=ID%3D39d5e3cb6323396f%3AT%3D1675760229%3AS%3DALNI_MYRp6NIa29V_cKws6OpHOa7NRG_YQ&gpic=UID%3D00000bb13bfd736b%3AT%3D1675760229%3ART%3D1675760229%3AS%3DALNI_MaluZOaeKT9Oms8CeSjDPT-Q-D6WA&scor=321999711880737&ged=ve4_td6_tt1_pd6_la6000_er1434.286.1594.586_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9B64 		156 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1088397526464554&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1YNN&gdpr=0&sdki=445&ptt=20&adk=3567927810&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=142753D2-6E29-45E4-AB41-29B474773803&a3p=EhkKCnVpZGFwaS5jb20YwL7f2OIwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjAvt_Y4jBIAFICCGQSGQoKcHViY2lkLm9yZxjAvt_Y4jBIAFICCGQSFAoFb3BlbngYwL7f2OIwSABSAghk&nel=0&eid=44748969%2C44765701%2C44770824%2C44777649&url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&dlt=1675760224686&idt=5451&dt=1675760230789&cookie=ID%3D39d5e3cb6323396f%3AT%3D1675760229%3AS%3DALNI_MYRp6NIa29V_cKws6OpHOa7NRG_YQ&gpic=UID%3D00000bb13bfd736b%3AT%3D1675760229%3ART%3D1675760229%3AS%3DALNI_MaluZOaeKT9Oms8CeSjDPT-Q-D6WA&scor=612058882800029&ged=ve4_td6_tt1_pd6_la6000_er1434.286.1594.586_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2F23 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1522265109799529&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1YNN&gdpr=0&sdki=445&ptt=20&adk=3429415417&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=142753D2-6E29-45E4-AB41-29B474773803&a3p=EhkKCnVpZGFwaS5jb20YwL7f2OIwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjAvt_Y4jBIAFICCGQSGQoKcHViY2lkLm9yZxjAvt_Y4jBIAFICCGQSFAoFb3BlbngYwL7f2OIwSABSAghk&nel=0&eid=44748969%2C44765701%2C44770824%2C44777649&url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&dlt=1675760224686&idt=5576&dt=1675760230805&cookie=ID%3D39d5e3cb6323396f%3AT%3D1675760229%3AS%3DALNI_MYRp6NIa29V_cKws6OpHOa7NRG_YQ&gpic=UID%3D00000bb13bfd736b%3AT%3D1675760229%3ART%3D1675760229%3AS%3DALNI_MaluZOaeKT9Oms8CeSjDPT-Q-D6WA&scor=1901311327137377&ged=ve4_td6_tt1_pd6_la6000_er1434.286.1594.586_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame DADC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08e595ed7532e4d18f82baf1f7bd292c86e8c83331343b15e47da8738ef37676

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AB70 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66a69f00752df4356baf7da9c60d42d4d6017a0fec329dd57d42033a73246e40

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ED40 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d4b563a86aec8a1bf28a0459de70130708502d9de0265a680688f1e1a9c70be

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
ads
pubads.g.doubleclick.net/gampad/ Frame 4FFD 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C1064811%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Ced_Desktop_komando.com_5&description_url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&tfcd=0&npa=0&sz=400x300%7C640x400%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4178185879205257&ad_rule=0&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1YNN&gdpr=0&sdki=445&ptt=20&adk=3734622598&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=142753D2-6E29-45E4-AB41-29B474773803&a3p=EhkKCnVpZGFwaS5jb20YwL7f2OIwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjAvt_Y4jBIAFICCGQSGQoKcHViY2lkLm9yZxjAvt_Y4jBIAFICCGQSFAoFb3BlbngYwL7f2OIwSABSAghk&nel=0&eid=44748969%2C44765701%2C44770824%2C44777649&url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&dlt=1675760224686&idt=5547&dt=1675760230818&cookie=ID%3D39d5e3cb6323396f%3AT%3D1675760229%3AS%3DALNI_MYRp6NIa29V_cKws6OpHOa7NRG_YQ&gpic=UID%3D00000bb13bfd736b%3AT%3D1675760229%3ART%3D1675760229%3AS%3DALNI_MaluZOaeKT9Oms8CeSjDPT-Q-D6WA&scor=3745364769432779&ged=ve4_td6_tt1_pd6_la6000_er1434.286.1594.586_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 777A 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C1064811%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Ced_Desktop_komando.com_9&description_url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&tfcd=0&npa=0&sz=400x300%7C640x400%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2308254686629329&ad_rule=0&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1YNN&gdpr=0&sdki=445&ptt=20&adk=3464426539&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=142753D2-6E29-45E4-AB41-29B474773803&a3p=EhkKCnVpZGFwaS5jb20YwL7f2OIwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjAvt_Y4jBIAFICCGQSGQoKcHViY2lkLm9yZxjAvt_Y4jBIAFICCGQSFAoFb3BlbngYwL7f2OIwSABSAghk&nel=0&eid=44748969%2C44765701%2C44770824%2C44777649&url=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA&dt=1675760230861&cookie=ID%3D39d5e3cb6323396f%3AT%3D1675760229%3AS%3DALNI_MYRp6NIa29V_cKws6OpHOa7NRG_YQ&gpic=UID%3D00000bb13bfd736b%3AT%3D1675760229%3ART%3D1675760229%3AS%3DALNI_MaluZOaeKT9Oms8CeSjDPT-Q-D6WA&scor=3346275442811926&ged=ve4_td6_tt1_pd6_la6000_er1434.286.1594.586_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1675728771/ 		41 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1675728771/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
8dcf83fa5613aa949fe76d26a0947195eb42e0326f485be666cc648addc7662c

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=0-42111

Response headers

Date
Tue, 07 Feb 2023 08:57:10 GMT
Cache-Tag
231147416428314524124108814617397708134,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-42111/723612
Connection
keep-alive
Content-Length
42112
X-Served-By
cache-iad-kiad7000117-IAD
Last-Modified
Tue, 07 Feb 2023 00:12:55 GMT
Server
cloudinary
X-Timer
S1675734196.546514,VS0,VE7
ETag
"84468a0a448046d12025f65c28ba98cc"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31531537
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
truncated
/ Frame 3C07 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61ac67c629dc09e4d1f22dc4331487950d29cf2ecde13f75fa5cf9855b258901

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 470E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c00bbc1f7d10add1af00920d9f7f9bd3d1921686abaf084980b9af003738870

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
fullPageRevenue
trc.taboola.com/komando/log/3/ 		0
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/komando/log/3/fullPageRevenue
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230205-36-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
via
1.1 varnish
x-served-by
cache-lcy-eglc8600054-LCY
server
nginx
x-timer
S1675760232.550151,VS0,VE10
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.komando.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
setuid
s2s.t13.io/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58690/occ?gdpr=&gdpr_consent=&us_privacy=1YNN
  • https://ups.analytics.yahoo.com/ups/58690/occ?gdpr=&gdpr_consent=&us_privacy=1YNN&verify=true
  • https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-QXd5HFRE2uG74x73uXTQdcmFGiKIcnYc64QYsHI-~A
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-QXd5HFRE2uG74x73uXTQdcmFGiKIcnYc64QYsHI-~A
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-QXd5HFRE2uG74x73uXTQdcmFGiKIcnYc64QYsHI-~A
date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
view
securepubads.g.doubleclick.net/pcs/ Frame DADC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSSha5l5wOxGrKbbFO2bBMTnvoaY4RmfrMqSS3VsP4z4VsdLyt-48VBNsakon1vwpc0E52dbUh8283S7OXT3GkP8xiM1mAzoW7CSu9SnS0NC3rmAaPBQUCRoJTQL3To6BDVIHb47XTWNtkTqT_2xNSrfkCctLozRqkR6O_U-yCnoWdfbQAC62jxoS_w15TYumHsx6AC-L8OxY6zV17wCfvU2m6mRGsEqDEl3cSy6koOvQsXxqGGTb7AcsX9da_MTdCXEH-f6YPfs87bAyk_8Ag3c7_iBu3Vf79Dj7iL4U67_kgabtPuHJ-oOucO3ji7rY_LfnBaIbk&sai=AMfl-YQcURAvpU64_8gPZXnU8sghSCxSHYY0sVMujOw-l40yvOyUkQGWI_SeXZf3NPCqw4So8tjuMLwKotRLYTFX3cNaF0WIYvDV1v5_hWVevWR7OCi9VkYSprVoLB_5vkSy3wOWN1HG07wGCQU3s5w&sig=Cg0ArKJSzFvepkcnAwSyEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Feb 2023 08:57:11 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A311
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=b87d2501-7ff5-44b3-a5b5-82124bb956af&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=b87d2501-7ff5-44b3-a5b5-82124bb956af&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WC7M1GAQKBM7CZ5R0XHR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=b87d2501-7ff5-44b3-a5b5-82124bb956af&gdpr=0
date
Tue, 07 Feb 2023 08:57:11 GMT
server
_
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A311
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3187618314679037000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3187618314679037000V10
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7BKGC7BJVPWRKGVC578V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:11 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3187618314679037000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 07 Feb 2023 08:57:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AB70 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyOboBBCkW7ZL2CogStfpnH4jd5m5AMmtbDLAKDU9lft0XA9WPIuUVEpH5vo7CIyOxsv1ESXvHwgaNKyuqJDxZLLNnGdjA1dpvRA3_LoD5dCJE44_JZ9Ao8iTTdIc456hkBV7SkzBnsihi8ga1Bb3R8GuvsIZvIQzWHAKR8Id6uuree_LSRy51QVAAUr1EE_cQcOhD11XwrrIeYhUesurlTFSKlo_p_OGEWcaZTgelnGGNx_A6o9vX_rTlzw_PNgzzCd31bB_1xZMOOVjJuioSm1n-_zhzH_mvwI4qPQWe7i7LZd8am5QEGrIahfdOpCXbJZRnP7dQtNDBCPg&sai=AMfl-YRvUEIK7Ac7iJIpM9cb61PPZ9N-0xop8w-VLLo8vITw7Flr7mZcE1TW1jvSOmD4mq774gHSUQ5Ziye4CBrMvuydBSZ7LweNQZOGu_SV6FFukqq7Jl0PF07QGaZxIA&sig=Cg0ArKJSzPjAKBpHjgKFEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Feb 2023 08:57:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3C07 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvC4Cgs1Uvwr8OBLh_sFf3zmTXAUi0jUtMX6CCDVXe8SsdP6gccNa2G_krKz1_zDEMfrc7ceW2_3sbEdSHYc1Rt2CrEtEvq4zjMePuvCk6NK-OGPrNORH_PP2nKOFgYjB4xyfRRXzj2IW0ZOFbTRVfSBPW_LrxxiBLWfMf4zYI3hFWAfF-KmQRU6MqspkT3FHhSjIR7TJjfmnwiQIEC7jAtMYHzYVvWIXfiKNK73-dHgedjoI-4LALjnbXHg_ABgqZSBMTSFK2KeaKXDMg9xL88IorKN3uceupHDWqhy1hQQITRtlpHaSXftMOb2MkCCAtXo3C3xM76rDQ85w&sai=AMfl-YT5T7jQUiq1Ummt_5tAkJg62cJ8Xvi8PtQMniY6jvbQB91JpHWJLKooxeAdGxcCf3weZ56vRSTfvWOUZgpv0tSJD2FDB85Pxbik0Dj_jo-v4QEzEMjocGA3TxSeMw&sig=Cg0ArKJSzC-e2PfgiD5iEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Feb 2023 08:57:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstym2Hx9Y92PVNRBM7S2fyQudyf_YNSwQGdoKsvGI18SAk9HTE44OIrpjb4_PnBLvxs-vZVqpq6GLNwz3SaCk2R0lCsVKGailTfAFXgiVZCl0IUoutMvRaswlNlB7bVMgKsn51zJ5Kwz89Fl9DbX3uUsppHQ-XPlF78tLU0N6df-wlu22fqWA-ibH7ihAKl1SPh2mdDSX1oa2WOTERCLBotXNLFm7PiZA1yresKDQ0bElSUqsNLKlptQGBTbIDDuVQvwE-Sr70--JhwnMXYLiVIXatxWf5F8rEVSVou1fNuPNZa30eKtfmcyCWQY6kasXw27nmlZpFf-sJn1Q&sai=AMfl-YQiSzr_56MWaIWhIiHraZL0F4gLe2OBdO1CuXPyWWlBeWvmaBQ_TwrWmGq9-iKX47k4JB1B7SsjVsAF69JN0WNJLSLpPNiZKTYV-0wG2h84tkr5jbd0IWYRlrmgnQ&sig=Cg0ArKJSzCgV_7rgWkNNEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Feb 2023 08:57:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 470E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYUeYRXkv99t5FGlUXRZv9_M4xq6Fe0JH1euJ9JWIfszk4OOOuGKYp3nu_Q4OpIYeEGWWzE47k-SN2Fq9uLecVKtUTQyCT1WwwEjB2wTz8bfISXfwPE5iHId_xZGcfGYJ3ByJKoB1cwvVxOWUQ5hqNDBWLStlcc_EO54CimKQXrBobgrfcIRVHYuvbnjbVFcrLrUGqT1RKhti3Ht41kBQM7a7eDXj1IChL1WqMaU2TvNmYhxY6IcKo9UGoMSP2TiWd_rk49dWn1L61bMo5BAv137HtcKM7LXM12XQRLg6FNTJxe3WN4RKuj6ElRKM9LuHzRgo8hkt45genUA&sai=AMfl-YQdlgU--rFXhp0hqs-ZMmzyAZsdnysl5Z5f5H72CXvXQGY5_CnqT-iY4RHyQYb0HHSrF3zc2zpzK-GqoiNeKMP1It0UsRdQuuy-7kcSSHokbpKEyM9uOqxyDd1GCg&sig=Cg0ArKJSzAQzKbc-fLDkEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Feb 2023 08:57:11 GMT
17bf173d-fb70-41ea-a97b-312e1119a086
https://www.komando.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.komando.com/17bf173d-fb70-41ea-a97b-312e1119a086
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3DF4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
18871
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 07 Feb 2023 08:57:12 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 02 Feb 2023 03:42:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 53410
X-Served-By
cache-lga13626-LGA, cache-lcy-eglc8600030-LCY
X-Timer
S1675760232.024091,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 632D 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1YNN
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 07 Feb 2023 08:57:11 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7EB9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
18872
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 07 Feb 2023 08:57:12 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 02 Feb 2023 03:42:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 54819
X-Served-By
cache-lga13626-LGA, cache-lcy-eglc8600023-LCY
X-Timer
S1675760232.024375,VS0,VE0
beacon
ap.lijit.com/ Frame 01A7 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
2cd7b884f4ddda0ec55f9941339b2f967041c0b391d3f133675bd444cda3384d

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
5159
Content-Type
text/html
Date
Tue, 07 Feb 2023 08:57:11 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ams1
usync.html
eus.rubiconproject.com/ Frame B773 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 08:57:11 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame F7A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1YNN&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.103.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-103-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
pd
u.openx.net/w/1.0/ Frame 5710 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1YNN
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 07 Feb 2023 08:57:11 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame B2AC 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e1f6ff49aaeb442ee325d36cf1ebb724f26ebc83a1d6c947b022d2098aa6f2c4

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
5159
Content-Type
text/html
Date
Tue, 07 Feb 2023 08:57:11 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ams1
sync
eb2.3lift.com/ Frame 2776 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNN&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
a2e92286a0624600d5ec4f72baa54396a44de7c28780337d97da61c65b498217

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 08:57:11 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 82A0 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1048
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
795aeaaa2e8071c2-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 08:57:12 GMT
expires
Tue, 07 Feb 2023 12:57:12 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame 1A59 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1YNN&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.103.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-103-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
sync
eb2.3lift.com/ Frame CAC8 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNN&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
a2e92286a0624600d5ec4f72baa54396a44de7c28780337d97da61c65b498217

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 08:57:11 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 8D75 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.komando.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1048
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
795aeaaa2e8271c2-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 08:57:12 GMT
expires
Tue, 07 Feb 2023 12:57:12 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1YNN
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=themediagrid&gdpr=&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=themediagrid&gdpr=&gdpr_consent=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=themediagrid&gdpr=&gdpr_consent=
date
Tue, 07 Feb 2023 08:57:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=8ec1de74-6f11-4c3c-8dc4-186c42006abc&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sharethrough&bsw_param=be201fa6-bcd1-480d-a189-43032ee69875&google_hm=YmUyMDFmYTYtYmNkMS00ODBkLWExODktNDMwMzJlZTY...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPWUmX-irzLaP9hsDnRYCbA&google_cver=1&ssp=sharethrough&bsw_param=be201fa6-bcd1-480d-a189-43032ee69875
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=be201fa6-bcd1-480d-a189-43032ee69875&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=be201fa6-bcd1-480d-a189-43032ee69875&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Server
52.29.94.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-94-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT

Redirect headers

location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=be201fa6-bcd1-480d-a189-43032ee69875&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
sync.srv.stackadapt.com/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=199
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.243.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-243-98.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 08:57:11 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_dbm&gdpr=0&gdpr_consent=&google_hm=OGVjMWRlNzQtNmYxMS00YzNjLThkYzQtMTg2YzQyMDA2YWJj
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A9DF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37e786c3243aba4dd121c4fab565a82608e474a17cb898def2ee758b7ffe75f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
795aeaa89b7b4058-LHR
content-encoding
br
content-type
text/html
date
Tue, 07 Feb 2023 08:57:11 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA67xL3%2BimDPoFpVY6%2FV8FpazKL6i%2FiLZVOufHWo03C6sCsOUT2HYPVX5Wor9dnEg9OYP4fyjyQ9pclz%2BrkHIeQjQxSiDGPENgUuKvgO7mzQjTerKc%2BIwHBM2Esr6gqTX%2BxS2ihMwOsmig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 6B6A 		626 B
690 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
edbae5af5e5888d25d658b68ffc6fdd47d9642cf89b9d079d83d9527d89ece5c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
388
content-type
text/html
date
Tue, 07 Feb 2023 08:57:11 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
current
amazon-tam-match.dotomi.com/match/bounce/ Frame E6FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Tue, 07 Feb 2023 08:57:12 GMT
expires
0
pragma
no-cache
server
nginx
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D0A5
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=inmobi.com&id=ID5-c9d9xYWjIPgvvvNc2wMupGPjSxScmJdgTqYBixyIsA
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=inmobi.com&id=ID5-c9d9xYWjIPgvvvNc2wMupGPjSxScmJdgTqYBixyIsA
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 07 Feb 2023 08:57:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
318REBBZZZSRWR3R10M0

Redirect headers

date
Tue, 07 Feb 2023 08:57:12 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=inmobi.com&id=ID5-c9d9xYWjIPgvvvNc2wMupGPjSxScmJdgTqYBixyIsA
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 560C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2732890162731889582
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2732890162731889582
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 07 Feb 2023 08:57:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
92Z3A3KMR2VMMR3NA5X2

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Tue, 07 Feb 2023 08:57:11 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2732890162731889582
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
/
match.sharethrough.com/jwumXNuB/v1/ Frame C4F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.94.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-94-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BD55 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56468
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Feb 2023 08:57:11 GMT
expires
Wed, 08 Feb 2023 00:38:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9D41 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 08:57:11 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
amazon
ap.lijit.com/beacon/ Frame 7396 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
a91cca7f74336037c5f4737de98307f2dab24c394d5e5fc3a8a9806a7ddf6840

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
1419
Content-Type
text/html
Date
Tue, 07 Feb 2023 08:57:11 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D0DC
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2272446932012285602134
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2272446932012285602134
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 07 Feb 2023 08:57:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6WM1E2KJ5K1FVBP5CDGD

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 07 Feb 2023 08:57:11 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2272446932012285602134
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
pips.taboola.com/ 		64 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ecb66647693aa5edf27fce8fb6f7156f7a403de654f1b559bb62ecdc1494fa33

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by
cache-lhr7379-LHR
date
Tue, 07 Feb 2023 08:57:12 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.komando.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.38.0.2e4043c17e44abb1d7a86d7e8ef76d3b9a2955db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c7f3fa7b9fe34cf96b38a78996e5b9c68e2249bc31009322b5a44eb2cf5a063d

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.komando.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
csi
csi.gstatic.com/ Frame 9B64 		0
0
csi
csi.gstatic.com/ Frame C687 		0
0
csi
csi.gstatic.com/ Frame 2F23 		0
0
pixel
cm.g.doubleclick.net/ Frame 01A7
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:11 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 01A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 01A7
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2163634693
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2163634693
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
etag
RX8a30236890574ff5927be618376766bd003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2163634693
cache-control
no-store, no-cache, must-revalidate
expires
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 01A7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
beacon
ap.lijit.com/ Frame 01A7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/beacon?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/avif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
5159
Expires
Fri, 20 Mar 2009 00:00:00 GMT
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=5133329524178837653
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=5133329524178837653
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=5133329524178837653
Date
Tue, 07 Feb 2023 08:57:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=b9c6c29a-60c3-4518-922f-785bb3a169db
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=b9c6c29a-60c3-4518-922f-785bb3a169db
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=b9c6c29a-60c3-4518-922f-785bb3a169db
Date
Tue, 07 Feb 2023 08:57:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=64277ce9-3d9c-41fc-8c8b-852bdca079ea&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=GHa5pBZH2hb0a5YeRua0chUU&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=14f963e2-1268-4800-b303-fa5309b90bab&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=14f963e2-1268-4800-b303-fa5309b90bab&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
Server
MT3 441 9053ffc master cdg-pixel-x35 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ce.lijit.com/merge?pid=3&3pid=14f963e2-1268-4800-b303-fa5309b90bab&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Feb 2023 08:57:11 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 01A7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
noop
px.owneriq.net/ Frame 01A7
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7290466321473257370&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
104.96.159.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-159-65.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date
Tue, 07 Feb 2023 08:57:13 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 07 Feb 2023 08:57:13 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=grcaNIDtjzV7lYLAp5sK&pi=sovrn&gdpr=0&gdpr_consent=
43 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=grcaNIDtjzV7lYLAp5sK&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=grcaNIDtjzV7lYLAp5sK&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT, Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
aorta.clickagy.com/ Frame 01A7 		0
0
generic
data.adsrvr.org/track/cmf/ Frame 01A7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AATRo07HxCUAAB-hrsYcNA&gdpr=0
43 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AATRo07HxCUAAB-hrsYcNA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AATRo07HxCUAAB-hrsYcNA&gdpr=0
Date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 01A7 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=827309512431448119&gdpr=0&gdpr_consent=
43 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=827309512431448119&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
973f4074-1ffc-40b4-9823-9997404da3da
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=827309512431448119&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 01A7
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=827309512431448119&gdpr=0&gdpr_consent=
43 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=827309512431448119&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6a6f4e0f-b6d7-4c29-ac32-65ef9b45f03a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=827309512431448119&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1675760231759&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=2E8F22B8B7E44B2794413FD3E0B82834
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=2E8F22B8B7E44B2794413FD3E0B82834
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=2E8F22B8B7E44B2794413FD3E0B82834
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 06 Feb 2023 08:57:12 GMT
merge
ce.lijit.com/ Frame 01A7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=fu7hxjSQpWep&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=fu7hxjSQpWep&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.14.v20181114)
content-language
en-GB
location
https://ce.lijit.com/merge?pid=49&3pid=fu7hxjSQpWep&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5ffd6ccc57-cpz9n
expires
-1
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B2AC 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GHa5pBZH2hb0a5YeRua0chUU&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=Y-ISaIkp7r3xPXInHhO-F9a3
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=Y-ISaIkp7r3xPXInHhO-F9a3
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 08:57:12 GMT
server
Aorta/20230131.88c800859
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=Y-ISaIkp7r3xPXInHhO-F9a3
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
7fbea184fae0
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
beacon
ap.lijit.com/ Frame B2AC 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/beacon?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/avif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
5159
Expires
Fri, 20 Mar 2009 00:00:00 GMT
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AATRo07HxCUAAB-hrsYcNA&gdpr=0
43 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AATRo07HxCUAAB-hrsYcNA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AATRo07HxCUAAB-hrsYcNA&gdpr=0
Date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=5141210823507070690
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=5141210823507070690
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=5141210823507070690
Date
Tue, 07 Feb 2023 08:57:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
noop
px.owneriq.net/ Frame B2AC
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7290466331036472501&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
104.96.159.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-159-65.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date
Tue, 07 Feb 2023 08:57:13 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 07 Feb 2023 08:57:13 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=827309512431448119&gdpr=0&gdpr_consent=
43 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=827309512431448119&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a064af9d-4e23-4713-ab61-3b756c6f63ce
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=827309512431448119&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B2AC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1675760231769&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=22B2DB403AA34FC089835CCD9ADDD15C
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=22B2DB403AA34FC089835CCD9ADDD15C
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=22B2DB403AA34FC089835CCD9ADDD15C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 06 Feb 2023 08:57:12 GMT
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=be201fa6-bcd1-480d-a189-43032ee69875
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=be201fa6-bcd1-480d-a189-43032ee69875
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=72531c07-0572-4bbd-9f4c-b0fa4b456ae6&user_group=1&ssp=fmx&bsw_param=be201fa6-bcd1-480d-a189-43032ee69875
  • https://ce.lijit.com/merge?pid=26&3pid=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=b9c6c29a-60c3-4518-922f-785bb3a169db
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=b9c6c29a-60c3-4518-922f-785bb3a169db
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=b9c6c29a-60c3-4518-922f-785bb3a169db
Date
Tue, 07 Feb 2023 08:57:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=GHa5pBZH2hb0a5YeRua0chUU&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=628263e2-1268-4600-a748-7784a9459397&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=628263e2-1268-4600-a748-7784a9459397&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
Server
MT3 441 9053ffc master cdg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ce.lijit.com/merge?pid=3&3pid=628263e2-1268-4600-a748-7784a9459397&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Feb 2023 08:57:11 GMT
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=827309512431448119&gdpr=0&gdpr_consent=
43 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=827309512431448119&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
23f3282a-1719-4d27-88b3-ca46dd5bc145
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=827309512431448119&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame B2AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame B2AC
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5304602246
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5304602246
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
etag
RX8a30236890574ff5927be618376766bd003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5304602246
cache-control
no-store, no-cache, must-revalidate
expires
0
pixel
cm.g.doubleclick.net/ Frame B2AC
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

Date
Tue, 07 Feb 2023 08:57:13 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame B2AC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
data.adsrvr.org/track/cmf/ Frame B2AC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=df0Wzw7gVUUq&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=df0Wzw7gVUUq&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.14.v20181114)
content-language
en-GB
location
https://ce.lijit.com/merge?pid=49&3pid=df0Wzw7gVUUq&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5ffd6ccc57-z2hf6
expires
-1
merge
ce.lijit.com/ Frame B2AC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=grcaNIDtjzV7lYLAp5sK&pi=sovrn&gdpr=0&gdpr_consent=
43 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=grcaNIDtjzV7lYLAp5sK&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=grcaNIDtjzV7lYLAp5sK&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT, Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B2AC
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:13 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6B6A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=4dc579a3-4ef0-c9c1-0a31-2761dc5b12ca
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D8YT6M26WDP6M8ZGE233
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6B6A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=1-cW9tDmRfDM4hCn0eRe_NOxQKbMsEX01-eP_Rg5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=1-cW9tDmRfDM4hCn0eRe_NOxQKbMsEX01-eP_Rg5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=1-cW9tDmRfDM4hCn0eRe_NOxQKbMsEX01-eP_Rg5
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6B6A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4670916618109018858
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4670916618109018858
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4670916618109018858
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 6B6A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=151305de-525a-723b-ca3f-a5f6b468d92a&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6B6A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Mzk3Y2Q2MTQtOWIyZC0yYzlmLWRmZGYtZmY0ZjdlOGExNzRh
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6B6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDsd_TMrn-9q8H59g4MEKKQ&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDsd_TMrn-9q8H59g4MEKKQ&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDsd_TMrn-9q8H59g4MEKKQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B773 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
de48f408866c6f7d4cbf8bb0995fe03df2ae99f2bef5d5590d64b712bb487817

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 06:27:21 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=77371
content-length
10007
expires
Wed, 08 Feb 2023 06:26:42 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2776 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ebda
eb2.3lift.com/ Frame 2776
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2776
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELJAWW9NDr0d93akCFWGIb8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELJAWW9NDr0d93akCFWGIb8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELJAWW9NDr0d93akCFWGIb8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2776
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 2776 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2272446932012285602134&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F957B6AE8C854631A02259C99BB3B298 Ref B: LTSEDGE1813 Ref C: 2023-02-07T08:57:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX0GFVc2EbfyMZENqcqAA==
xuid
eb2.3lift.com/ Frame 2776
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2272446932012285602134&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3028f327-e339-4130-867b-be879dcc1607&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=be201fa6-bcd1-480d-a189-43032ee69875&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=be201fa6-bcd1-480d-a189-43032ee69875&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=2409&xuid=be201fa6-bcd1-480d-a189-43032ee69875&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
xuid
eb2.3lift.com/ Frame 2776
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2272446932012285602134?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-TtNWIwpE2oR9BP_1DKnLiNQ444w53Sn7Aq89gy2Nwg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-TtNWIwpE2oR9BP_1DKnLiNQ444w53Sn7Aq89gy2Nwg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-TtNWIwpE2oR9BP_1DKnLiNQ444w53Sn7Aq89gy2Nwg--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 2776 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2272446932012285602134
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame 2776 		42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2272446932012285602134&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
last-modified
Tue, 17 Jan 2023 20:36:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5E4822213ADE4BDDA7FCB7BE7085F8E9 Ref B: LON04EDGE0620 Ref C: 2023-02-07T08:57:12Z
etag
"b1c8df6cb32ad91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 2776
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=827309512431448119&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=827309512431448119&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
838d02b8-fad0-45af-816c-2ac5edcbf96e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=827309512431448119&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame CAC8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ebda
eb2.3lift.com/ Frame CAC8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CAC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELJAWW9NDr0d93akCFWGIb8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELJAWW9NDr0d93akCFWGIb8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELJAWW9NDr0d93akCFWGIb8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CAC8
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI3MjQ0NjkzMjAxMjI4NTYwMjEzNA%3D%3D
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame CAC8 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2272446932012285602134&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:11 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 6E58ABBA94464609B612AF05A75C1B5E Ref B: LTSEDGE1813 Ref C: 2023-02-07T08:57:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX0GFVc9VcyCvnuMAMxNw==
xuid
eb2.3lift.com/ Frame CAC8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2272446932012285602134&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3028f327-e339-4130-867b-be879dcc1607&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=be201fa6-bcd1-480d-a189-43032ee69875&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=be201fa6-bcd1-480d-a189-43032ee69875&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=2409&xuid=be201fa6-bcd1-480d-a189-43032ee69875&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
xuid
eb2.3lift.com/ Frame CAC8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2272446932012285602134?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-TtNWIwpE2oR9BP_1DKnLiNQ444w53Sn7Aq89gy2Nwg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-TtNWIwpE2oR9BP_1DKnLiNQ444w53Sn7Aq89gy2Nwg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-TtNWIwpE2oR9BP_1DKnLiNQ444w53Sn7Aq89gy2Nwg--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame CAC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2272446932012285602134
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame CAC8 		42 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2272446932012285602134&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
last-modified
Tue, 17 Jan 2023 20:36:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 31CDF32CB8434BC4A9EA58DF363A85A1 Ref B: LON04EDGE0620 Ref C: 2023-02-07T08:57:12Z
etag
"b1c8df6cb32ad91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame CAC8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=827309512431448119&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=827309512431448119&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e288512d-5aff-48ee-a9bf-16efa39c046d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=827309512431448119&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 9B64 		0
0
csi
csi.gstatic.com/ Frame C687 		0
0
csi
csi.gstatic.com/ Frame 4FFD 		0
0
csi
csi.gstatic.com/ Frame 2F23 		0
0
multiple-events
s-110.channelexco.com/vpx/ 		43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-110.channelexco.com/vpx/multiple-events?events=errori%2Cerrori%2Cerrori%2Cerrori%2Cerrori%2Cerrori%2Cerrori&data=mu%3A%2Cp%3A402802331%2Cv%3A1859975197%2Cdmid%3A402802331-1477682188-1371433540-1859975197%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.5%7Cmu%3A%2Cp%3A402802331%2Cv%3A421257535%2Cdmid%3A402802331-1477682188-1371433540-421257535%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.5%7Cs%3A1.6%2Cmu%3A%2Cp%3A402802331%2Cv%3A260672383%2Cdmid%3A402802331-1477682188-1371433540-260672383%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.6%7Cs%3A1.6%2Cmu%3A%2Cp%3A402802331%2Cv%3A820530290%2Cdmid%3A402802331-1477682188-1371433540-820530290%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.5%7Cs%3A1.6%2Cmu%3A%2Cp%3A402802331%2Cv%3A1220972973%2Cdmid%3A402802331-1477682188-1371433540-1220972973%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.5%7Cs%3A4.2%2Cmu%3A%2Cp%3A402802331%2Cv%3A851866206%2Cdmid%3A402802331-1477682188-1371433540-851866206%2Cen%3A10%2Cem%3AThe%20VAST%20response%20document%20is%20empty.%2Ct%3A3.0%7Cs%3A4.2%2Cmu%3A%2Cp%3A402802331%2Cv%3A1304160300%2Cdmid%3A402802331-1477682188-1371433540-1304160300%2Cen%3A10%2Cem%3AThe%20VAST%20response%20document%20is%20empty.%2Ct%3A3.1&sid=&domain=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&se=43e712e6-cbf0-4f86-87d1-bee079a5d97e&pv=117.25&dd=www.komando.com&gpvck=v022792933__600x337______DEF__nil__347&sa=shd&s=1.5&cb=1675760231970
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.58.133.68 Alameda, United States, ASN7203 (LEASEWEB-USA-SFO, US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-length
43
content-type
image/gif
csi
csi.gstatic.com/ Frame 2698 		0
0
csi
csi.gstatic.com/ Frame 777A 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 71F3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56467
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Feb 2023 08:57:12 GMT
expires
Wed, 08 Feb 2023 00:38:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6466 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56467
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Feb 2023 08:57:12 GMT
expires
Wed, 08 Feb 2023 00:38:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 6525 		733 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1ee6183d2f14ef91860620dcbf9176bf3ded603c8eccb1f57f5a39d5dcfcc012

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
428
content-type
text/html
date
Tue, 07 Feb 2023 08:57:12 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
merge
ce.lijit.com/ Frame DD2A
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3386055214060011398&gdpr=0&gdpr_consent=
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3386055214060011398&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Tue, 07 Feb 2023 08:57:13 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap5ams1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Tue, 07 Feb 2023 08:57:12 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=3386055214060011398&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B095 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56467
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Feb 2023 08:57:12 GMT
expires
Wed, 08 Feb 2023 00:38:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 095C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56467
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Feb 2023 08:57:12 GMT
expires
Wed, 08 Feb 2023 00:38:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
merge
ce.lijit.com/ Frame 249A
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3313997620022083462&gdpr=0&gdpr_consent=
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3313997620022083462&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Tue, 07 Feb 2023 08:57:13 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap5ams1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Tue, 07 Feb 2023 08:57:12 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=3313997620022083462&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
cm
us-u.openx.net/w/1.0/ Frame 1585 		733 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?us_privacy=1YNN&informer=13388523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1ee6183d2f14ef91860620dcbf9176bf3ded603c8eccb1f57f5a39d5dcfcc012

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
428
content-type
text/html
date
Tue, 07 Feb 2023 08:57:12 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 9D41 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
de48f408866c6f7d4cbf8bb0995fe03df2ae99f2bef5d5590d64b712bb487817

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 06:27:21 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=77370
content-length
10007
expires
Wed, 08 Feb 2023 06:26:42 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7396 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=GHa5pBZH2hb0a5YeRua0chUU&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8XP2SV5MYWPTASJ9AW47
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 7396 		236 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=GHa5pBZH2hb0a5YeRua0chUU&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-38-97.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec3a21a491af4587bee1627d1283c4ec4b36021a7e281dea2ea6e20fd827ce71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 08:57:12 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
236
x-mnet-hl2
E
expires
Tue, 07 Feb 2023 08:57:12 GMT
merge
ce.lijit.com/ Frame 7396
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 7396
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=fmx&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=fmx&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
H3
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=be201fa6-bcd1-480d-a189-43032ee69875&ssp=fmx&gdpr=0&gdpr_consent=
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 7396 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 7396
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GHa5pBZH2hb0a5YeRua0chUU/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GHa5pBZH2hb0a5YeRua0chUU/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=e72d9e2bff48a074585eb286d81a16b2&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=e72d9e2bff48a074585eb286d81a16b2&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=e72d9e2bff48a074585eb286d81a16b2&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.45.30.38
content-length
0
expires
0
csi
csi.gstatic.com/ Frame 4FFD 		0
0
Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A9DF 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB?gdpr_consent=&us_privacy=&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:3a35:c032:6d7e:7081 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame A9DF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=827309512431448119&gdpr=0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=827309512431448119&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0c18f6d8-497b-4dfd-b526-80c7c9be50dc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=827309512431448119&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A9DF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AATRo07HxCUAAB-hrsYcNA&expiration=1676969832&gdpr=0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AATRo07HxCUAAB-hrsYcNA&expiration=1676969832&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AATRo07HxCUAAB-hrsYcNA&expiration=1676969832&gdpr=0
Date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame A9DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=0
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=0&_test=Y_ISaAAAA-7kPgAh
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_ISaAAAA-7kPgAh&gdpr=0&_test=Y_ISaAAAA-7kPgAh
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_ISaAAAA-7kPgAh&gdpr=0&_test=Y_ISaAAAA-7kPgAh
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-lcy-eglc8600046-LCY
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1675760233.110321,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_ISaAAAA-7kPgAh&gdpr=0&_test=Y_ISaAAAA-7kPgAh
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame A9DF
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Y.ISZM.ZfDK4qRZpDs27vgAA%262007&gdpr_consent=&us_privacy=&gdpr=0
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=b439fbe8f6f2d3a5ff975beeb8cff842&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1e30_7197335392378338193&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1675760233032075-407
Expires
Tue, 07 Feb 2023 08:57:13 GMT
tp_out
d.adroll.com/cm/index/ Frame A9DF 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:8000:e806:9e7:1bec Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum.casalemedia.com/ Frame A9DF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=0
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=827309512431448119&gdpr=0
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=827309512431448119&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bl%2FIQeV1mfVIHqNMmiCDSfWgGcqxkwlX8%2B5Atjq88h8Ugc54TD8s%2Fpdz7uOp3mYwZu51QYDUCx2WXrdbfF2pxrMF%2Bd2G%2BvLI2sEs%2FD47G%2FM9p7nkGJS0%2BYXjAeoQ49%2F1hbSyLNF%2F"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
795aeaab4fcb889d-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
22f73ddc-49e5-401f-b67c-0cca6f6cad6b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=827309512431448119&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A9DF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d54063e2-1268-4900-b503-7db97c0c3b64&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d54063e2-1268-4900-b503-7db97c0c3b64&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
Server
MT3 441 9053ffc master cdg-pixel-x29 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d54063e2-1268-4900-b503-7db97c0c3b64&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Feb 2023 08:57:11 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A9DF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?gdpr=0&ex=index.com&id=Y-ISZM-ZfDK4qRZpDs27vgAAB9cAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SBVV4TJJSCB6QS2H75GM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2698 		0
0
csi
csi.gstatic.com/ Frame 777A 		0
0
areq
a.channelexco.com/ 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.channelexco.com/areq?sid=&domain=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&se=43e712e6-cbf0-4f86-87d1-bee079a5d97e&pv=117.25&dd=www.komando.com&gpvck=v022792933__600x337______DEF__nil__347&sa=shd&dmid1=402802331-1477682188-1371433540-1859975197&dmid2=402802331-1477682188-1371433540-421257535&dmid3=402802331-1477682188-1371433540-260672383&dmid4=402802331-1477682188-1371433540-820530290&dmid5=402802331-1477682188-1371433540-1220972973&dmid6=402802331-1477682188-1371433540-851866206&dmid7=402802331-1477682188-1371433540-1304160300&dmid8=402802331-1477682188-1371433540-1327273929&dmid9=402802331-1477682188-1371433540-1776545283&dmid10=402802331-1477682188-1371433540-310738687&cb=1675760232067
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.147.67 Dallas, United States, ASN394380 (LEASEWEB-USA-DAL, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache
server
openresty
expires
Tue, 07 Feb 2023 08:57:11 GMT
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.162 The Colony, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3&uad=074ebd77d21c7159a2340309b5b4b21461361d6efb74e8e4152d002fd3ce186c&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-store
server
nginx
async_usersync
ib.adnxs.com/ Frame 3DF4 		0
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
AN-X-Request-Uuid
9400e99b-7943-40a0-8a7d-8a08d3c6e55e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7EB9 		0
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
AN-X-Request-Uuid
0940cc38-b3de-48e9-b023-0f1e1388e792
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1675728771/ 		84 KB
85 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1675728771/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
6d4947fe79f9aaa1ea4fc61935fa5475c71d19e327d91c2551d19f4d8caa34fe

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=42112-128403

Response headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
Cache-Tag
231147416428314524124108814617397708134,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 42112-128403/723612
Connection
keep-alive
Content-Length
86292
X-Served-By
cache-iad-kiad7000117-IAD
Last-Modified
Tue, 07 Feb 2023 00:12:55 GMT
Server
cloudinary
X-Timer
S1675734196.546514,VS0,VE7
ETag
"84468a0a448046d12025f65c28ba98cc"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31531535
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.174.12 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-174-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:12 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.174.12 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-174-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:12 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9D41 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0&khaos=LDU0DFGQ-1N-E132
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-LoopMe_n-MediaNet_ox-db5_cnv_n-inmobi_n-amobee_n-sharethrough_pm-db5_rbd_n-nativo_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
s2s.t13.io/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=56
  • https://s2s.t13.io/setuid?bidder=amobee&gdpr=&gdpr_consent=&us_privacy=&uid=2732890162731889582
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=amobee&gdpr=&gdpr_consent=&us_privacy=&uid=2732890162731889582
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=amobee&gdpr=&gdpr_consent=&us_privacy=&uid=2732890162731889582
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
prebid-match.dotomi.com/match/bounce/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26networkId%3D72582%26version%3D1%26f%3Di%26uid%3D
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sync
ssbsync-global.smartadserver.com/api/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=1YNN&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Di%26uid%3D%5Bssb_sync_pid%5D
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DADC 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteDp21tjLkvmwwEM3eA4R2nJjibpiJcxC34OVY5HH1qba0OFKs3-0Ipxr3jvk4chMMV8WMDFDBFdTWv_oo4l-a8oZCyd5KFb361uNW9WUQ2fyohIPF&sig=Cg0ArKJSzHIeSSVRli-wEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3163003723&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675760230212&rpt=1364&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AB70 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMZpgfBcqt6iHTVY-f2RCavEkpdrSMZ6OmsdCaZlnknKrzxoCOmmstlUUE0puUdwWLe2nHN21gnNX4dLLEFchqGYz6Dnz4OPi4NrnX2Fu1O1CUq4S0&sig=Cg0ArKJSzM9yr8rE7smNEAE&id=lidar2&mcvt=1000&p=887,436,977,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=0.91&vu=1&app=0&itpl=3&adk=2320392318&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675760230436&rpt=1194&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ED40 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGBv8IgXvtvM_xGpGwHZcjotiPV8SeujWIsjDCl--qLF0fNPoRYQQNJhzPTOWaShdo3sdlpEBhj2nSTXQfFpgWIlrqW7BiLfwxnma6_PeLDWRUAA33&sig=Cg0ArKJSzLUlX2VlC2gcEAE&id=lidar2&mcvt=1003&p=1057,1080,1307,1380&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=0.57&vu=1&app=0&itpl=3&adk=1749413588&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675760230455&rpt=1228&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 1585 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=79fddb1e-b8ee-4836-8d83-1350ccd9e678
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
81d4639a-c2f6-e072-fbe8-b3034b3f1463
pr-bh.ybp.yahoo.com/sync/openx/ Frame 1585 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/81d4639a-c2f6-e072-fbe8-b3034b3f1463?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:3a35:c032:6d7e:7081 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
eu-u.openx.net/w/1.0/ Frame 1585
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Cer6myRP1PpjMR5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Cer6myRP1PpjMR5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/d601d38#rel-ec2-master i-05a89a035fd5ddeba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Cer6myRP1PpjMR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1585
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3028f327-e339-4130-867b-be879dcc1607&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame 1585
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=827309512431448119
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=827309512431448119
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5eb3d2d8-8b2d-4905-85d5-09536c2da34f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=827309512431448119
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox
match.prod.bidr.io/cookie-sync/ Frame 1585 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ox
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.255.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-255-163.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 1585
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f28363e2-1269-4c00-a9ab-0a25e9006deb
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f28363e2-1269-4c00-a9ab-0a25e9006deb
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:13 GMT
Server
MT3 441 9053ffc master cdg-pixel-x34 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f28363e2-1269-4c00-a9ab-0a25e9006deb
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Feb 2023 08:57:12 GMT
merge
ce.lijit.com/ Frame 6525 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=79fddb1e-b8ee-4836-8d83-1350ccd9e678
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
81d4639a-c2f6-e072-fbe8-b3034b3f1463
pr-bh.ybp.yahoo.com/sync/openx/ Frame 6525 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/81d4639a-c2f6-e072-fbe8-b3034b3f1463?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:3a35:c032:6d7e:7081 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
eu-u.openx.net/w/1.0/ Frame 6525
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Cer6myRP1PpjMR5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Cer6myRP1PpjMR5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:13 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/d601d38#rel-ec2-master i-080788359912fe49e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Cer6myRP1PpjMR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6525
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=openx
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=-PT5Am9_QLh4tHwQjQoX3AW7FWY&user_group=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=be201fa6-bcd1-480d-a189-43032ee69875&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame 6525
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=827309512431448119
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=827309512431448119
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4c4e756e-07dd-47c5-8521-340a4b9be83f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=827309512431448119
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox
match.prod.bidr.io/cookie-sync/ Frame 6525 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ox
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.255.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-255-163.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 07 Feb 2023 08:57:12 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6525
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=28f563e2-1269-4e00-b4a5-308058b4ad1a
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=28f563e2-1269-4e00-b4a5-308058b4ad1a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 08:57:13 GMT
Server
MT3 441 9053ffc master cdg-pixel-x27 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=28f563e2-1269-4e00-b4a5-308058b4ad1a
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Feb 2023 08:57:12 GMT
pbsync
ads.yieldmo.com/ 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1YNN&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNN%26f%3Di%26uid%3D%24UID
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.103.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-103-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:13 GMT
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.m3u8
mcd.ex.co/video/upload/c_limit,w_480,h_360,vc_h264:baseline:3.0,br_800k/v1675728771/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_480,h_360,vc_h264:baseline:3.0,br_800k/v1675728771/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
1c47a29574d9a82b1b3ba0651cbdfc2058fe233ca0c3c31c4e30ee3f0dfb43e5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 08:57:13 GMT
Cache-Tag
231147416428314524124108814617397708134,209424763145246809836932852728159581700,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1226
X-Served-By
cache-iad-kiad7000124-IAD
Last-Modified
Tue, 07 Feb 2023 00:12:56 GMT
Server
cloudinary
X-Timer
S1675733466.739542,VS0,VE1
ETag
"da85dac8854996ccbc49bf5ad6281f76"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31530766
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
mcd.ex.co/video/upload/c_limit,w_480,h_360,vc_h264:baseline:3.0,br_800k/v1675728771/ 		114 KB
115 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_480,h_360,vc_h264:baseline:3.0,br_800k/v1675728771/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
01c3af337465d189452ebe7ecf94fc7488ec259f8984150aaf6710b5db458717

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=205672-322795

Response headers

Date
Tue, 07 Feb 2023 08:57:13 GMT
Cache-Tag
231147416428314524124108814617397708134,209424763145246809836932852728159581700,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 205672-322795/1211848
Connection
keep-alive
Content-Length
117124
X-Served-By
cache-iad-kiad7000124-IAD
Last-Modified
Tue, 07 Feb 2023 00:12:56 GMT
Server
cloudinary
X-Timer
S1675733466.893190,VS0,VE2
ETag
"e656a26b3bdc384a0a7e3731a731619d"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31530705
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1675728771/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1675728771/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
d6e83f57d3aa70474606e050b6671b11b07dc1d87b4ede5827fdbeff42f996ec

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 08:57:13 GMT
Cache-Tag
231147416428314524124108814617397708134,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1230
X-Served-By
cache-iad-kiad7000124-IAD
Last-Modified
Tue, 07 Feb 2023 00:13:01 GMT
Server
cloudinary
X-Timer
S1675733405.100685,VS0,VE2
ETag
"bcb039cc6653954750fa4cb0713742ca"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31530781
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1675728771/ 		203 KB
204 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1675728771/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
7ad2bc66df2491dc7cab0cfdf345640bdeaef18e1afeec2c911b61b34c38eb68

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=469812-677739

Response headers

Date
Tue, 07 Feb 2023 08:57:13 GMT
Cache-Tag
231147416428314524124108814617397708134,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 469812-677739/1748400
Connection
keep-alive
Content-Length
207928
X-Served-By
cache-lga21977-LGA
Last-Modified
Tue, 07 Feb 2023 00:13:01 GMT
Server
cloudinary
X-Timer
S1675733405.361643,VS0,VE1
ETag
"d86731d6c8da15d40a46c312cd4a6f7d"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31530853
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
v1
match.sharethrough.com/universal/ Frame 989D 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.94.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-94-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:57:13 GMT
generic
match.adsrvr.org/track/cmf/ Frame 989D
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-c9d9xYWjIPgvvvNc2wMupGPjSxScmJdgTqYBixyIsA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=7396329761718876590&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AATRo07HxCUAAB-hrsYcNA
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Tue, 07 Feb 2023 08:57:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
pixel
cm.g.doubleclick.net/ Frame 989D
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzM5NjMyOTc2MTcxODg3NjU5MA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzM5NjMyOTc2MTcxODg3NjU5MA==&gdpr=0&gdpr_consent=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzM5NjMyOTc2MTcxODg3NjU5MA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
711890.gif
id.rlcdn.com/ Frame 989D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
/
rtb-csync.smartadserver.com/redir/ Frame 989D
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=e7d9888b-b1e7-421d-8e2c-267f36f45b20&gdpr_consent=null&gdpr=0
43 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=e7d9888b-b1e7-421d-8e2c-267f36f45b20&gdpr_consent=null&gdpr=0
Requested by
Host: www.komando.com
URL: https://www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/?fbclid=IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
Protocol
HTTP/1.1
Server
185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.komando.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=e7d9888b-b1e7-421d-8e2c-267f36f45b20&gdpr_consent=null&gdpr=0
date
Tue, 07 Feb 2023 08:57:13 GMT
server
_
content-length
0
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1675728771/ 		168 KB
169 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1675728771/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
28f21561aab3607a7777cc0427204595e19151464732c1bffacb7af6a8699af7

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=677740-850135

Response headers

Date
Tue, 07 Feb 2023 08:57:13 GMT
Cache-Tag
231147416428314524124108814617397708134,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 677740-850135/1748400
Connection
keep-alive
Content-Length
172396
X-Served-By
cache-lga21977-LGA
Last-Modified
Tue, 07 Feb 2023 00:13:01 GMT
Server
cloudinary
X-Timer
S1675733405.361643,VS0,VE1
ETag
"d86731d6c8da15d40a46c312cd4a6f7d"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31530853
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
pbjs
htlb.casalemedia.com/openrtb/ Frame 989D 		35 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=624104&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2291dd99b6be795%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%22%2C%22domain%22%3A%22%22%2C%22content%22%3A%7B%22id%22%3A%22315c0b98-4f18-4644-910f-a9c248fb6c28%22%2C%22title%22%3A%22Trending%20Now%20on%20Komando%22%2C%22url%22%3A%22https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.m3u8%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F%22%2C%22tmax%22%3A3000%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221036d8ce2f4407e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22624104%22%2C%22sid%22%3A%22360x202%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B360%2C202%5D%5D%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22minduration%22%3A1%2C%22startdelay%22%3A0%2C%22maxduration%22%3A60%2C%22skip%22%3A0%2C%22w%22%3A360%2C%22h%22%3A202%7D%2C%22bidfloor%22%3A2.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22playbuzz.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%220016M00002LRAT1QAP%22%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*j9-ifyljZWYUyXi1sD3FaEiFJQ34el7RjKhgR2f6TvY4bql0e0iPeIWZGKz4J0kH%22%2C%22ext%22%3A%7B%22linkType%22%3A2%2C%22abTestingControlGroup%22%3Afalse%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e41d1296-8ee0-4263-aa88-25aae91678f6%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221YNN%22%7D%7D%7D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/pb-7.2.21.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d80f5f881e23bb61bd8a60f36f198e0c2d66742fc2b441bb400aac069940543f

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5npID%2BbHR256PdAcF%2FXGDaJeDl4Nky3RcuzPMoRbEPsSDcp7MdxIEWAXWgCYPeYsYAo%2BrHlcZ8mkeDMri7PSDprLGTcldMUjl4FlZS3NMVlFZrCndwHp%2FE%2FTqR3xHwIgyFB0q7v"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.komando.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
795aeab54aae2401-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
expires
0
translator
hbopenbid.pubmatic.com/ Frame 989D 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/pb-7.2.21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
playbuzzltd-d.openx.net/v/1.0/ Frame 989D 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.komando.com%2Ftech-tips%2Fsigns-your-phone-or-computer-is-infected-with-a-virus-or-keylogger%2F456930%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2c4ce9e8-a7c2-46c2-b334-94110efdc787&nocache=1675760233796&gdpr=0&us_privacy=1YNN&id5id=ID5*j9-ifyljZWYUyXi1sD3FaEiFJQ34el7RjKhgR2f6TvY4bql0e0iPeIWZGKz4J0kH&pubcid=141b9cc1-127c-4cf8-9351-647754a4ad81&schain=1.0%2C1!playbuzz.com%2C0016M00002LRAT1QAP%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A360%2C%22h%22%3A202%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22minduration%22%3A1%2C%22startdelay%22%3A0%2C%22maxduration%22%3A60%7D%7D%5D%7D&auid=557057725&vwd=360&vht=202&aumfs=2500
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/pb-7.2.21.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.komando.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 989D 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/pb-7.2.21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
037cfdee59c7cf2baa980f40924c8a2de5ffa598a4fcba8013ec3f02edc2e3ee

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:13 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.komando.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1675728771/ 		199 KB
200 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1675728771/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ab6951376534176079d382ad91b5cd821b226b7939954a71dbc07ef2f5c6292a

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=850136-1053927

Response headers

Date
Tue, 07 Feb 2023 08:57:13 GMT
Cache-Tag
231147416428314524124108814617397708134,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 850136-1053927/1748400
Connection
keep-alive
Content-Length
203792
X-Served-By
cache-lga21977-LGA
Last-Modified
Tue, 07 Feb 2023 00:13:01 GMT
Server
cloudinary
X-Timer
S1675733405.361643,VS0,VE1
ETag
"d86731d6c8da15d40a46c312cd4a6f7d"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31530853
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.174.12 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-174-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:14 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
events
pe.ex.co/ 		0
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pe.ex.co/events?v=2
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.189.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-189-113.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Feb 2023 08:57:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
600
access-control-allow-headers
Accept, Authorization, Content-Type
content-length
0
landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1675728771/ 		203 KB
203 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1675728771/landscape315c0b98-4f18-4644-910f-a9c248fb6c28_1675728703646.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.92.63 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-92-63.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
df460454aa3d0e187cd1caa4e17bb1455fc9b4be42da495d629ad6510ee6f7fd

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=1053928-1261479

Response headers

Date
Tue, 07 Feb 2023 08:57:16 GMT
Cache-Tag
231147416428314524124108814617397708134,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1053928-1261479/1748400
Connection
keep-alive
Content-Length
207552
X-Served-By
cache-lga21977-LGA
Last-Modified
Tue, 07 Feb 2023 00:13:01 GMT
Server
cloudinary
X-Timer
S1675733405.361643,VS0,VE1
ETag
"d86731d6c8da15d40a46c312cd4a6f7d"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31530850
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.174.12 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-174-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.komando.com
date
Tue, 07 Feb 2023 08:57:16 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/7e725acd-c78b-4d57-bc80-749a46cf1f09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.162 The Colony, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.komando.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 08:57:16 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ldu0dgo0&c=6550566686703&slotId=3275283343351.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ldu0dgm7&c=6550566686703&slotId=3275283343351.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ldu0dgrc&c=6550566686703&slotId=3275283343351.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
aorta.clickagy.com
URL
https://aorta.clickagy.com/pixel.gif?ch=185&cm=GHa5pBZH2hb0a5YeRua0chUU&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ldu0di8c&c=6550566686703&slotId=3275283343351.5&uet=2&ghmsh_eids=44748969%2C44765701%2C44770824%2C44777649
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ldu0di8g&c=6550566686703&slotId=3275283343351.5&uet=2&ghmsh_eids=44748969%2C44765701%2C44770824%2C44777649
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ldu0dgq4&c=6550566686703&slotId=3275283343351.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ldu0di98&c=6550566686703&slotId=3275283343351.5&uet=2&ghmsh_eids=44748969%2C44765701%2C44770824%2C44777649
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ldu0dgk7&c=6550566686703&slotId=3275283343351.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ldu0dgz1&c=6550566686703&slotId=3275283343351.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ldu0dicf&c=6550566686703&slotId=3275283343351.5&uet=2&ghmsh_eids=44748969%2C44765701%2C44770824%2C44777649
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ldu0dicq&c=6550566686703&slotId=3275283343351.5&uet=2&ghmsh_eids=44748969%2C44765701%2C44770824%2C44777649
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ldu0dicv&c=6550566686703&slotId=3275283343351.5&uet=2&ghmsh_eids=44748969%2C44765701%2C44770824%2C44777649

Verdicts & Comments Add Verdict or Comment

281 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| oncontentvisibilityautostatechange function| _typeof function| __tcfapi function| __uspapi object| _sp_queue object| _sp_ function| e function| t object| marfeel function| admiral object| googletag object| dataLayer number| k3ModalDisplayBreakpoint object| webpackChunk_marfeel_marfeel_sdk object| tp object| _sp_wp_jsonp object| m101Widget function| observeDom function| init undefined| $ function| jQuery object| ceggPriceAlert object| userSettings object| wpCookies function| getUserSetting function| setUserSetting function| deleteUserSetting function| getAllUserSettings string| k3ListsCookieName object| freestar object| _taboola object| m101 boolean| mtz101Loaded function| extend object| config function| isSkimlinks function| widegetURL function| inText function| shoppingWidget function| priceComparison function| shoppingGallery object| lazySizesConfig object| WPCOM_sharing_counts object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| Komando object| komandoLoadMore object| personalizationSettings object| newContentNotificationSettings object| customModals object| lazySizes object| formSubscribeOptions object| newsletterTopics function| setupSubscribeForm function| modalCheck function| postGateHandler function| loadModalListeners function| getFormCheckboxes function| refactorFormForSecondary function| resetLists function| getSignedUpFor function| userDataUpdate function| setCookie function| getCookie object| sharing_js_options object| WPCOMSharing undefined| windowOpen object| _stq object| firebase object| firebaseConfig function| st_go function| linktracker_init object| wpcom function| 4dm1r11545242527 object| STREAM_CONFIGS string| STREAM_ID object| __EXCO string| __EXCO_INTEGRATION_TYPE object| wpJsonpExCoStreamSdk object| CEDATO_TAG object| ID5 object| CEDATO_API string| pbPageIdentifier object| CEDATO_INIT object| TRC object| _tblConsole undefined| msg string| pm_pgtp object| _comscore object| fsdata object| fsprebid object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| onYouTubeIframeAPIReady number| j object| __mrfCompass boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| COMSCORE function| udm_ object| ns_p function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl function| load_script object| confiant string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| google_optimize boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| gaGlobal object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| _pmk function| TBWidgetFacebook function| TBWidgetTwitter function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Bi object| _pm_mcg object| fsprebidChunk object| _pbjsGlobals object| mnet object| ggeac object| google_js_reporting_queue object| gaplugins object| gaData object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked object| __bt number| taboola_view_id undefined| google_measure_js_timing object| apstag object| _qevents function| quantserve function| __qc object| ezt object| _qoptions string| nam object| placementData boolean| apstagLOADED object| apscustom boolean| creativeVendorLibraryLoaded object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_175790 function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id function| Hls object| PublisherCommonId object| closure_lm_592008 object| __uid2SecureSignalProvider object| __uid2 object| pbjs object| ox_esp

170 Cookies

Domain/Path Name / Value
www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930 Name: exco-uid
Value: 6xk84zcedmgaj5wr
.3lift.com/sync Name: sync
Value: CgoIoQEQ38rf2OIwCgoIgQIQ38rf2OIwCgoI4gEQ38rf2OIwCgoI5gEQ38rf2OIwCgoIhwIQ38rf2OIwCgkICRDfyt_Y4jAKCQg6EN_K39jiMAoKCIwCEN_K39jiMAoJCF8Q38rf2OIwCgkIHxDfyt_Y4jA=
www.komando.com/ Name: k3ModalInserters
Value: %7B%2215940550964%22%3A%222023-02-14%2008%3A53%3A50%22%2C%22generalExpiration%22%3A%222023-02-10%2008%3A53%3A50%22%7D
www.komando.com/ Name: k3FormInserters
Value: %7B%2215940512960%22%3A%222023-02-14+08%3A53%3A50%22%2C%22generalExpiration%22%3A%222023-02-10+08%3A53%3A50%22%7D
www.komando.com/ Name: fs.bot.check
Value: true
.pub.network/ Name: _fsuid
Value: a6b8cf05-da66-48f2-b75c-223bb5bce891
.komando.com/ Name: dnsDisplayed
Value: undefined
.komando.com/ Name: ccpaApplies
Value: true
.komando.com/ Name: signedLspa
Value: undefined
.komando.com/ Name: _sp_su
Value: false
.komando.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1675760226%2C%22currentVisitStarted%22%3A1675760226%2C%22sessionId%22%3A%229b6b4d66-5640-4637-b0a6-9dcdee3885b7%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA%22%2C%22referrer%22%3A%22%22%7D
.komando.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1675760226%2C%22userId%22%3A%2244257886-e996-4297-9110-939303fae634%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1675760226%2C%22timesVisited%22%3A1%7D
.komando.com/ Name: compass_uid
Value: 44257886-e996-4297-9110-939303fae634
.scorecardresearch.com/ Name: UID
Value: 13467651769d8a12236fe0d1675760226
events.newsroom.bi/ Name: 1718_u
Value: 44257886-e996-4297-9110-939303fae634
events.newsroom.bi/ Name: 1718_s
Value: 9b6b4d66-5640-4637-b0a6-9dcdee3885b7
events.newsroom.bi/ Name: 1718_lv
Value: null
events.newsroom.bi/ Name: 1718_ut
Value: 0
www.komando.com/ Name: fs.session.id
Value: 98aa5147-e605-493c-adec-c647d9f670af
.komando.com/ Name: _ga_KQ59L32B98
Value: GS1.1.1675760226.1.0.1675760226.0.0.0
.komando.com/ Name: _fbc
Value: fb.1.1675760227022.IwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
.komando.com/ Name: _fbp
Value: fb.1.1675760227025.413428420
.komando.com/ Name: _awl
Value: 2.1675760226.5-ddbfa2f2e1f5d8129604c3cf46f2b02d-6763652d6575726f70652d7765737431-0
.komando.com/ Name: FPLC
Value: 0SBj7APO%2Bam39%2BO3WdVSjY7w9CbwJocgTALM62EqLIsjTpOTeU7ZJ3qRHZnkiIQdYc75mfAKqJOw1ZpOzgITzSCV4RjRIQ6oKOGvrs2w9APhBrQkyDhJP1tKvBdvXw%3D%3D
.komando.com/ Name: FPID
Value: FPID2.2.LE0Shoa6D6qVF7kF7k7Bspt3ZGEU7QsXj7R18eniwsA%3D.1675760227
www.komando.com/ Name: _tb_sess_r
Value:
www.komando.com/ Name: _tb_t_ppg
Value: https%3A//www.komando.com/tech-tips/signs-your-phone-or-computer-is-infected-with-a-virus-or-keylogger/456930/%3Ffbclid%3DIwAR1WdV-kqI4yJWhBhp8QisEOE5NLjlRVy5dHsBb5NcsM3p1bl9k45xNS0hA
.channelexco.com/ Name: cedsess
Value: de516f26-165d-4881-9cfe-b5cfc903fcdb
.komando.com/ Name: cebs
Value: 1
.komando.com/ Name: _ce.s
Value: v~c7eebe2488344c9d45961074e84f23734855cfd9~vpv~0
.komando.com/ Name: _admrla
Value: 2.2-80644dbb8f3041ea-6623e5ec-a6c5-11ed-ad2a-54f53c778d93
.komando.com/ Name: _ga
Value: GA1.2.1063574874.1675760227
.komando.com/ Name: _gid
Value: GA1.2.926592009.1675760228
.komando.com/ Name: _gat_UA-230639-2
Value: 1
.komando.com/ Name: _ce.clock_event
Value: 1
www.komando.com/ Name: _fs-test
Value: {"id":"42578937-7673-4757-b451-9648a8dcb533","split":0.5,"percentageOfTraffic":1,"expiry":1675839599000,"items":["https://a.pub.network/komando-com/pubfig.min.js","https://a.pub.network/komando-com/ab_test/f688ed40-e0a5-4ff3-bf28-62d818f461dd/pubfig.min.js"],"selection":"https://a.pub.network/komando-com/ab_test/f688ed40-e0a5-4ff3-bf28-62d818f461dd/pubfig.min.js"}
.komando.com/ Name: _ce.clock_data
Value: 59%2C5.187.21.102
.komando.com/ Name: cebsp
Value: 1
.rubiconproject.com/ Name: khaos
Value: LDU0DFGQ-1N-E132
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EjJwFgxJIS9GqJvvWgC/Qcxgndhc+y7+ZA5P1qXGeqpr7f3U9SVLXalTe6941fdfDWt82A+U7zOoMxuhZpbWKLt+/AMC2wiya8=
www.komando.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D3a274185-f47e-46f3-b399-e7925773cdc6-tuctadb97e3
.quantserve.com/ Name: mc
Value: 63e21264-6cc00-82e3b-d6063
.lijit.com/ Name: ljt_reader
Value: GHa5pBZH2hb0a5YeRua0chUU
.sharethrough.com/ Name: stx_user_id
Value: f36ec082-32b9-4195-9bfe-31a313b78e86
.komando.com/ Name: __qca
Value: P0-307769808-1675760228224
.omnitagjs.com/ Name: ayl_visitor
Value: 10423f93e6ccecbae2bf7d8b2c0f6526
.3lift.com/ Name: tluid
Value: 2272446932012285602134
.casalemedia.com/ Name: CMID
Value: Y.ISZM.ZfDK4qRZpDs27vgAA
.casalemedia.com/ Name: CMPS
Value: 2007
.casalemedia.com/ Name: CMPRO
Value: 2007
.creativecdn.com/ Name: u
Value: grcaNIDtjzV7lYLAp5sK
.creativecdn.com/ Name: ts
Value: 1675760228
.smartadserver.com/ Name: pid
Value: 7396329761718876590
.adnxs.com/ Name: uuid2
Value: 827309512431448119
.e-volution.ai/ Name: v_usr
Value: 6bf25c91-c93c-444c-bcec-1fd1167e778f
.bidswitch.net/ Name: c
Value: 1675760228
.bidswitch.net/ Name: tuuid
Value: be201fa6-bcd1-480d-a189-43032ee69875
.prnewswire.com/ Name: __cf_bm
Value: RAUT45Gln0sj21NPhyfiGfyLsgSozcRUDyQ.gAOxAT8-1675760229-0-Ad2wnIzVnorKPGxpCbX6OpY6esglM1d3pxgnS9Fus6rfdgQONdIRWURoj0TxUqV59N2Mc16Sdqb8QFuUW4UzAng=
.bidswitch.net/ Name: tuuid_lu
Value: 1675760229
.bidr.io/ Name: bito
Value: AATRo07HxCUAAB-hrsYcNA
.bidr.io/ Name: bitoIsSecure
Value: ok
.adotmob.com/ Name: uid
Value: 08b42204020ea2dc9467ac4c
.adotmob.com/ Name: uuid
Value: 08b42204020ea2dc9467ac4c
.adotmob.com/ Name: partners
Value: AYL%3A1675760229391
.tidaltv.com/ Name: tidal_ttid
Value: ebf6e778-689d-45ea-8ac6-7b4c59e346ed
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4670916618109018858
.doubleclick.net/ Name: IDE
Value: AHWqTUkGuouxQ-tfmaTIqvH27Niy_wJwRhGIq_ow2teCMmNChLNXZz4WqcUOwV0r0fI
.openx.net/ Name: i
Value: c6bf3a87-fbdd-4dcc-90e9-6d1ed04fead7|1675760229
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NrYwszI0NgMAQ4QsCgkAAAA="
.admixer.net/ Name: am-uid
Value: f31693b3f1b54cb1aaa8e3cfa6e14099
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.adgrx.com/ Name: ADGRX_UID
Value: 67cccad2-a6c5-11ed-a258-2ccbc8064eef
.ads.stickyadstv.com/ Name: UID
Value: b439fbe8f6f2d3a5ff975beeb8cff842
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 860cce07-f64e-5226-9781-b95ff463ab3a
.betweendigital.com/ Name: ss
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f8f4f902-6f7f-40b8-78b4-7c108d0a17dc.2LOwNGN%2BqOlEsjqaR6RdhiU7NyNiTi0I2rKCfFYsepQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-PT5Am9_QLh4tHwQjQoX3AW7FWY.aJ8EOMGu7v9dkD2qaPLVLClBWnl%2FhFx2D1s5iaV99PM
.spotim.market/ Name: vmuid
Value: bb3355bd6d59a692
.emxdgt.com/ Name: euid
Value: 57491675760229932974f1
www.komando.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.spotim.market/ Name: a644680
Value: 2272446932012285602134
.spotim.market/ Name: a271858
Value: 827309512431448119
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.betweendigital.com/ Name: ut
Value: Y-ISZgAEPfB5wHu_qWHmf4FsHLFOnExVz41SSg==
.smadex.com/ Name: smxtrack
Value: 250209e7-da98-4f25-b629-0447840758b0
.smadex.com/ Name: smxbds
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8a302368-9057-4ff5-927b-e618376766bd-003%22%7D
.komando.com/ Name: __gads
Value: ID=59ff0f588ee0f02c:T=1675760229:S=ALNI_MYsbIz0-X0jOmSHvLx5a0uvMsnaXQ
.komando.com/ Name: __gpi
Value: UID=00000bb13cc526fe:T=1675760229:RT=1675760229:S=ALNI_Mbe8kL44R9D7ODTJ566TbcL3u4WsA
.amazon-adsystem.com/ Name: ad-id
Value: A1MseZhRy0CbuIEbHMjEp6Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.smartadserver.com/ Name: vs
Value: 342899=5312697
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500007100%3B%24ql%3DUnknown%3B%24qpc%3Dse1%3B%24qt%3D78_2531_70260t%3B%24dma%3D0&c=1&l=-1013026256&lo=-906521368&lt=638113570304244400&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500007100%3B%24ql%3DUnknown%3B%24qpc%3Dse1%3B%24qt%3D78_2531_70260t%3B%24dma%3D0
.spotim.market/ Name: a482928
Value: 2ccd8a11-ebc5-41d2-a1b3-65e335331ba7
.emxdgt.com/ Name: eapn_id
Value: 827309512431448119
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&901d5ac7-d67f-4635-80eb-a9b4b6c16aed"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzU3NjAyMzE7MjswMjGK2tzhWyk5Edo9TRoX0S2ShWt3aSTVv4R6LIwnBlM38A==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2943:u=1:x=1:i=1675760231:t=1675846631:v=2:sig=AQHXfb4BH7SCOZLCTlP6t7oYKeUMQfk4"
.media.net/ Name: visitor-id
Value: 3187618314679037000V10
.quantserve.com/ Name: d
Value: EGMBEwGeKIqsMM2MgQA
.lijit.com/ Name: ljtrtbexp
Value: eJxdkLsRwzAMQ3dR7YKQ%2BM1qPu%2BeyHYRonw4AgR5DowPPCzVfc1jzBu9vHKjIaMrq2OADCL%2FCo4BIYc%2FvNxkM2hlVUXv9FOyz8A7J%2B1IaplKbMSUN9lPT8iieX8by9Kbo99YdKNSvlKeUR%2FLng9pDXF9AfhjWsg%3D
.openx.net/ Name: pd
Value: v2|1675760231.1|iygevNgun0.kigqommOnsgi
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8a302368-9057-4ff5-927b-e618376766bd-003%22%2C%22zdxidn%22%3A%222032%22%2C%22nxtrdr%22%3Afalse%7D
.yahoo.com/ Name: A3
Value: d=AQABBGgS4mMCEF9EF-vWCemK2r2KSURr-rcFEgEBAQFj42PrYwAAAAAA_eMAAA&S=AQAAAi0tuXAHZuHgHkgiRK80WTs
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: Y.ISZM.ZfDK4qRZpDs27vgAA&2007
.analytics.yahoo.com/ Name: IDSYNC
Value: 19aa~29uw
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWR5b3VsaWtlIjp7InVpZCI6IjEwNDIzZjkzZTZjY2VjYmFlMmJmN2Q4YjJjMGY2NTI2IiwiZXhwaXJlcyI6IjIwMjMtMDItMjFUMDg6NTc6MDguNzkwODg5MDM5WiJ9LCJ1bnJ1bHkiOnsidWlkIjoiUlgtOGEzMDIzNjgtOTA1Ny00ZmY1LTkyN2ItZTYxODM3Njc2NmJkLTAwMyIsImV4cGlyZXMiOiIyMDIzLTAyLTIxVDA4OjU3OjEwLjYyNzExMjY5WiJ9LCJ5YWhvb3NzcCI6eyJ1aWQiOiJ5LVFYZDVIRlJFMnVHNzR4NzN1WFRRZGNtRkdpS0ljblljNjRRWXNISS1-QSIsImV4cGlyZXMiOiIyMDIzLTAyLTIxVDA4OjU3OjEyLjQzMDg3NDQwOVoifSwiYW1vYmVlIjp7InVpZCI6IjI3MzI4OTAxNjI3MzE4ODk1ODIiLCJleHBpcmVzIjoiMjAyMy0wMi0yMVQwODo1NzoxMi41MDMwNjk3ODFaIn19LCJiZGF5IjoiMjAyMy0wMi0wN1QwODo1NzowOC43OTA3NjAwMTNaIn0=
.lijit.com/ Name: _ljtrtb_86
Value: grcaNIDtjzV7lYLAp5sK
.turn.com/ Name: uid
Value: 3313997620022083462
.lijit.com/ Name: _ljtrtb_43
Value: G5uROxyawj0AnpdqHZjZMR_Nx2sAzMI5G5u5ZjmT
ads.avct.cloud/ Name: uuid
Value: 3028f327-e339-4130-867b-be879dcc1607
pool.admedo.com/ Name: tuuid
Value: 72531c07-0572-4bbd-9f4c-b0fa4b456ae6
pool.admedo.com/ Name: c
Value: 1675760232
.simpli.fi/ Name: suid
Value: 2E8F22B8B7E44B2794413FD3E0B82834
.lijit.com/ Name: _ljtrtb_85
Value: AATRo07HxCUAAB-hrsYcNA
.bing.com/ Name: MUID
Value: 1B28300E180E619205F622BF19296010
.lijit.com/ Name: _ljtrtb_92
Value: 827309512431448119
.fwmrm.net/ Name: _uid
Value: "l1e30_7197335392378338193"
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjY1MAdCM0sDIT5D3eR8s0Jzn9zMUkPjSABNDkfSJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjY1MAdCM0sDIT5D3eR8s0Jzn9zMUkPjSABNDkfSJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zvEyGtoZm5qbmZgZGxkaWYOACqCcvcQAAAA
.owneriq.net/ Name: p2
Value: sv
.clickagy.com/ Name: cb
Value: Y-ISaIkp7r3xPXInHhO-F9a3
aorta.clickagy.com/ Name: chs
Value: [{"ch":"185","t":"2023-02-07 08:57:12"}]
.lijit.com/ Name: _ljtrtb_12
Value: 827309512431448119
.sportradarserving.com/ Name: zuuid
Value: 64277ce9-3d9c-41fc-8c8b-852bdca079ea
.sportradarserving.com/ Name: c
Value: 1675760233
.sportradarserving.com/ Name: zuuid_lu
Value: 1675760233
.id5-sync.com/ Name: callback
Value:
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y_ISaAAAA-7kPgAh
.mfadsrvr.com/ Name: c
Value: 1675760233
.mfadsrvr.com/ Name: tuuid_lu
Value: 1675760233
.mfadsrvr.com/ Name: tuuid
Value: b9c6c29a-60c3-4518-922f-785bb3a169db
.mathtag.com/ Name: uuid
Value: f28363e2-1269-4c00-a9ab-0a25e9006deb
.lijit.com/ Name: _ljtrtb_2
Value: 2E8F22B8B7E44B2794413FD3E0B82834
.lijit.com/ Name: _ljtrtb_76
Value: 79fddb1e-b8ee-4836-8d83-1350ccd9e678
.lijit.com/ Name: _ljtrtb_1
Value: 3313997620022083462
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1675760233
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1675760233
pool.admedo.com/ Name: tuuid_lu
Value: 1675760233
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: e72d9e2bff48a074585eb286d81a16b2
.owneriq.net/ Name: si
Value: Q7290466331036472501
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: l1e30_7197335392378338193
.ads.stickyadstv.com/ Name: MRM_UID
Value: l1e30_7197335392378338193
.lijit.com/ Name: _ljtrtb_3
Value: 628263e2-1268-4600-a748-7784a9459397
.lijit.com/ Name: _ljtrtb_84
Value: Y-ISaIkp7r3xPXInHhO-F9a3
.lijit.com/ Name: _ljtrtb_10
Value: 5141210823507070690
.lijit.com/ Name: _ljtrtb_87
Value: b9c6c29a-60c3-4518-922f-785bb3a169db
.w55c.net/ Name: wfivefivec
Value: Cer6myRP1PpjMR5
.lijit.com/ Name: _ljtrtb_5001
Value: e72d9e2bff48a074585eb286d81a16b2
.w55c.net/ Name: matchopenx
Value: 5
.lijit.com/ Name: _ljtrtb_26
Value: be201fa6-bcd1-480d-a189-43032ee69875
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b4627e3500355cd5
.id5-sync.com/ Name: id5
Value: 0262c4dc-fbd9-76a1-823d-7b305d178189#1675760228459#4
.lijit.com/ Name: ljtrtb
Value: eJx1kU1vEzEQhv%2FLnrE0X%2FaMue3SpFlBUxQKIrlU9u6GKkAJCYhQxH%2FvLHfk4%2FPo9cy8fxqk5mVjpAw5IgmjiCHm5kUTAdDZpDTmiep%2BL1ZAJVqcKlkaDQumSm5Scq9OBLgvKdRhxCAGYyhoOQgD0zSlbBrdnSOZkXPWRABEYCzpX4oTWtiSqLNOFyIdaRZBXl7xAjojF11j1xIZJZ4oICULkgBCUbGgalKyxMxZXc3%2F3c3EyTb070r%2F%2Bagnvrz92D%2BuHm7DMheeeXTetnebb6Cry6v3bduFh9N5O6zbmc77fjoNZd1f%2FTg8fdAv2zftMZ5fz%2FuBs4iChGDEEdRfyuBI5tGv48%2FN7eV3%2BXWA9vE4fl%2FtDrubzf36Quf26aaPzuPu8PXOfZ2%2F0bwfx4pTqDZNflZOwUbjgB49DN5MUptH0rmCPKSBcgkJBg4S0UIm2ge1WCt7W3mszd9nJSl5zQ%3D%3D
.lijit.com/ Name: _ljtrtb_49
Value: df0Wzw7gVUUq
.csync.loopme.me/ Name: viewer_token
Value: e7d9888b-b1e7-421d-8e2c-267f36f45b20
.id5-sync.com/ Name: cf
Value: gif
.id5-sync.com/ Name: cip
Value: 102
.id5-sync.com/ Name: gdpr
Value: 0|
.smartadserver.com/ Name: csync
Value: 22:4670916618109018858|76:CAESEFex6hFs_ItCysKy_B5AUw8|111:ID5-c9d9xYWjIPgvvvNc2wMupGPjSxScmJdgTqYBixyIsA|117:10423f93e6ccecbae2bf7d8b2c0f6526|124:e7d9888b-b1e7-421d-8e2c-267f36f45b20|134:OB_OK
.id5-sync.com/ Name: 3pi
Value: 102#1675760233806#-2050533022|155#1675760233931#-983802207#AATRo07HxCUAAB-hrsYcNA
.id5-sync.com/ Name: cnac
Value: 6
.id5-sync.com/ Name: car
Value: 4

10 Console Messages

Source Level URL
Text
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R0hhNXBCWkgyaGIwYTVZZVJ1YTBjaFVV&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
69c3be3f32e2a22dbed17869481edb0c.safeframe.googlesyndication.com
a.channelexco.com
a.pub.network
a.sportradarserving.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
am-trc-events.taboola.com
amazon-tam-match.dotomi.com
aorta.clickagy.com
ap.lijit.com
api-2-0.spot.im
api.btloader.com
api.pinterest.com
assets-tracking.crazyegg.com
b1681952.smushcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
btloader.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.pub.network
c1.adform.net
cdn.confiant-integrations.net
cdn.ex.co
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.privacy-mgmt.com
cdn.prod.uidapi.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms.quantserve.com
connect.facebook.net
contextual.media.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
csync.loopme.me
d.adroll.com
d.pub.network
d.turn.com
data.adsrvr.org
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.channelexco.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
events.newsroom.bi
fastlane.rubiconproject.com
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
g4tagging.komando.com
gpv.ex.co
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
imasdk.googleapis.com
inv-nets.admixer.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
link.monetizer101.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mcd.ex.co
mma.prnewswire.com
oa.openxcdn.net
odr.mookie1.com
onetag-sys.com
optimise.net
p.channelexco.com
p.rfihub.com
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
pe.ex.co
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
playbuzzltd-d.openx.net
player.ex.co
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-match.dotomi.com
prg.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubads.g.doubleclick.net
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.channelexco.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s-110.channelexco.com
s.amazon-adsystem.com
s.spotim.market
s0.2mdn.net
s2s.t13.io
sb.scorecardresearch.com
script.crazyegg.com
sdk.mrf.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
spookyexchange.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.e-volution.ai
sync.inmobi.com
sync.mathtag.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tracking.crazyegg.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vid.vidoomy.com
visitor-usa02.omnitagjs.com
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
www.komando.com
x.bidswitch.net
aorta.clickagy.com
csi.gstatic.com
104.103.89.173
104.18.33.19
104.96.145.246
104.96.159.65
109.206.161.21
116.202.150.116
13.248.245.213
130.211.23.194
141.226.224.32
141.226.228.48
142.250.180.230
142.250.185.130
143.204.215.103
146.0.227.110
15.197.193.217
151.101.1.44
151.101.129.108
151.101.129.44
151.101.194.132
151.101.2.207
151.101.66.49
162.19.138.120
162.19.138.83
172.64.151.162
172.64.154.237
18.134.84.26
18.144.106.164
18.185.230.98
18.65.35.220
18.66.15.14
185.183.112.148
185.184.8.90
185.24.11.18
185.255.84.152
185.29.134.244
185.64.190.77
185.80.39.216
185.86.138.142
185.86.138.150
185.86.139.102
185.86.139.116
185.89.210.20
185.89.210.244
188.42.34.64
192.0.76.3
192.132.33.46
193.0.160.129
195.244.31.11
198.148.27.139
2.18.36.193
2.18.79.139
20.127.253.7
2001:41d0:701:1000::96f
2001:4860:4802:36::15
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
209.58.133.68
209.58.147.67
213.19.147.45
216.52.2.48
216.52.2.91
23.203.124.21
23.62.220.203
23.82.15.162
2600:1901:0:4277::1
2600:9000:2057:a00:a:e047:752:5701
2600:9000:211e:0:6:44e3:f8c0:93a1
2600:9000:2304:ba00:8:48e:53c0:93a1
2602:803:c003:200::51
2606:4700:10::6816:3456
2606:4700:20::681a:68b
2606:4700:20::681a:932
2606:4700:20::ac43:4513
2606:4700::6810:5614
2606:4700::6812:116b
2606:4700::6812:13d1
2606:4700::6812:15ce
2606:4700::6813:9408
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:827::2003
2a00:1450:400d:802::2003
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:808::2002
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2006
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2004
2a00:1450:4025:401::9a
2a02:2638::1c
2a02:6ea0:f400::4
2a02:fa8:8806:13::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::300
2a05:d018:24:b001:dd08:e1ef:6d82:479c
2a05:d018:cc3:fe05:8000:e806:9e7:1bec
2a05:d018:d29:3605:3a35:c032:6d7e:7081
2a0c:5c81:5139::2
3.122.125.162
3.126.58.16
3.228.189.113
3.70.105.175
3.73.229.242
3.75.3.113
3.76.151.8
34.102.146.192
34.107.140.113
34.111.152.239
34.160.110.8
34.202.66.243
34.98.64.218
34.98.67.61
35.204.74.118
35.210.53.219
35.214.223.115
35.227.252.103
35.243.221.239
35.244.159.8
35.244.174.68
37.157.2.239
37.157.5.142
44.207.220.40
51.75.86.98
52.213.152.139
52.215.255.163
52.222.139.61
52.222.209.55
52.29.94.204
52.46.151.131
52.57.157.161
52.94.223.167
54.161.174.12
54.208.243.98
54.216.196.145
54.220.103.172
54.87.52.15
62.149.1.122
64.74.236.31
65.9.86.105
65.9.86.116
69.173.144.138
69.173.144.139
69.173.144.165
72.251.245.181
79.125.68.7
8.43.72.97
80.77.87.161
88.221.92.63
92.123.38.97
98.98.134.243
99.86.4.102
99.86.4.31
01ad2b1c819f5d3a865547cae1288e6f30d9de9e078999caa2f9d077f61c0e45
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
01c3af337465d189452ebe7ecf94fc7488ec259f8984150aaf6710b5db458717
037cfdee59c7cf2baa980f40924c8a2de5ffa598a4fcba8013ec3f02edc2e3ee
03c674f4fe2e9597d9ea52c9251b224697f53ff254bd2144259bd82bdfa5f328
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
057e7bc38701f46a49cfcf6ad65f5774a633b82ebfa82d25cd0bd9a12970340d
0598e98bc97e5b9aeb32aa40cae407814d13a7333e055071107519d7b4fcb0d7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d9133258a9ce442b3dbb7910b0668b1c15aac629ff6cafe7560c24bf80e4af
080fa4875b81328586d85039c5268a9f0f462099a1fdfdeb192f2af2ca3a1677
08849084a99028cb9f0f8856f0164f07951347131f16c92f8fd5626a87140cdf
08e595ed7532e4d18f82baf1f7bd292c86e8c83331343b15e47da8738ef37676
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3b0286055996517f49d3dd51516f7a2743f928f6b28fc3ab988a0b57898266
0d2fe14aa9a6600f565f3dd71072f56584fffddc7e0d4b377836775c440965f0
0e394310d59954f279ef99b39b416c950da0e2b5193ae75579033955bbfc703f
1010cd9dd08269f38fce8d9abb769bfc1ae8688c7cc752c67576dc520f5a95e7
16f5304d2d3dd5a58c41349b9a207663af0c49903d4eb1b74ed4fb07ab1161d3
17ef80d4c5062d417af8b2f40aa72a463f34478420eb300b08176f3d3f5bf1ac
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
198669e40d6e07717ff7bd3253781a001da0a2288c5b591b615d642cd561251a
1a72d6dc98266e970b3bee02e5ce7b927e59b9c835ca1ee0735f95fb0d765290
1af429d1f720a6ec97315cc1d279eadd708edf2176d07eb1fe131e84d3ce19ee
1b299f69137f33766ad346a8192497adca966e73d06d292080ac83f383887f5a
1b540981e497f507aa3d4a4e4707603bd3cc4a5fc80ba67078ccfece3e9f0f10
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1c47a29574d9a82b1b3ba0651cbdfc2058fe233ca0c3c31c4e30ee3f0dfb43e5
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
1dab1bc4819817d0d15c36cdcaef6398942e08949af65b1d752cfd3c54c8e792
1dffe36e9d4d870dbf7c798cc1d1f3d219897f2a985a69224f557a9fb3031a6b
1ee6183d2f14ef91860620dcbf9176bf3ded603c8eccb1f57f5a39d5dcfcc012
20253a457b59db3b1754706bdb87dd925eaf2869797971286c60f1264487209f
20bc5aeac8cf27971ed187f82432fe9fd11049d30507f806991d20e7837a1be9
210ce64dea6568972b870366f9ecea92e697af18bf92cd92bf306ee6dcbcda61
226e276f6230b9b9338a5c06633f8ff6eb9e5a628c411d9e1225e8431055278f
2661e7d6c21d455d3f2d6bb759f03530ca5b74833367c0d08b0d6c862739d55e
28f21561aab3607a7777cc0427204595e19151464732c1bffacb7af6a8699af7
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a15822e997e4b7b172e4b1e4c1366dd01f10ff936a8971ce15510f207b5d25c
2cd7b884f4ddda0ec55f9941339b2f967041c0b391d3f133675bd444cda3384d
2e11b75129198c452c9d69e05b4d17df9e9ab5add9efe74cd3dd0daaf7723184
2f0afff2ab0961d798d41159fea42968c8d99788872f9abfc6860dc74b74cd20
2fb500f34c1e92bea56bab8e0e5ccd68f794b9a514e5302a2f7e07723938d91b
306aa3e9ac2218b04789d6be6f4a3f4961ea0964026411aebeb9420d5a67d512
308bd0a24c56e6f5493cec856177e77ef59cb2c885df38fbec9961cd97f4e368
30c6cbdb4497c944947dc733e37c6c7d6b9929f531b512601aff6b7c6568911f
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323f7cdf82fc4d5ea65ec5ceafc2b45a8c95e9c5d4eebc6f220fdfc8f8bad1a9
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
37e786c3243aba4dd121c4fab565a82608e474a17cb898def2ee758b7ffe75f5
387b5b5e780a2160c732aa818ed7d1c316b5389149bf4e2fd01d5b78c444e699
39cb258393aeddcd1413acfbbe26328a53c285825365518d92ddf7305f7d4f78
3a5473b62e71d3164b95391e8342e6abe3215428bcaf828a72dc2f23fc540337
3cd1ca80c97f3e96c12660aa116c23616b8d4945f59d01f923346a9d85c23050
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc2d3a81cba3bf2e53254efe094ad5f5c66b87322df177d2094406236cb9075
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f6bae8ccfba966260d4917a5e1487fc1f6e67bbb4c855516171d5d28ff3ffd2
3f921ad528f18411472daf5a169f99678086aec6ac4a71f00730575a092621f5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4109c9d972d4651eaef82fcd54e4b218c39eab3c762287614dd0c20bd0de379b
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44daba1a4c6206f6531594af260c46f227661224ca734193abaea24a55a7ba11
44ef7f01d102ee70e48b8f889583f38b6087ad25e4815e14f8f38cc631cb3d0b
462f27a23d7658a83f84aedfd225d8c5e0a41e86b04b0d9a7577bc996816be42
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4963b09462b5db20b9a820b98581b6f8a4058a2eeb2d4d7b4177ac3a9cc33f80
4bc39edb1ee23f938dd369c971ab57140aa2aeec3cba2553de7fd6159382fd60
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5136daeffa3c8a6f6e2e03c22f560d16a318ad750236152dcd4ae310062ce3c8
51885f3f46c7317c00dc6b36ae543d48f1b3d1c3768381c9f7c8fb47e38214f1
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5642478af9f2c14e926a8593cdde5e215e3f5ff939d160ce9bc4005353f364b8
5649ce138ab157ce45ed7526137683ddb9428480a7d8820814233708fb29dd6a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b08212d3240061542f898bd0cabc9976d8697bc20e3f5e69c037c32dc7d16cf
5df38aa5657df31ee1f3726e5098ec3ff471194062626418808f1a30d1f81e22
5e7af29081c139cc8926c324a230ee360afdcde48f915a5e50d466f6a5846435
615611ee1db24e304a27ee25b8d08bdff3a603ef77a8d19e462d35907b5cab26
61ac67c629dc09e4d1f22dc4331487950d29cf2ecde13f75fa5cf9855b258901
61fbc34f91d8af09b7d8434e27d4f7f12fdfae8311d2d26d0eea187ad16c4dd6
62a2def3eff6612be37efc0357620d8ca3c00e90d4e92f0e7e2ee702943fe436
647ab9863bd944a209b391394a1b9d60ff053c8b204efe83d2789a4926ff1866
6543c57e916cd39b41c82517846791babf3843056546379861ad5b1e70756398
66a69f00752df4356baf7da9c60d42d4d6017a0fec329dd57d42033a73246e40
670c015028dbf988d72cc0739742600c5c368281cacb45ab62df525eee50238e
67d7eb6805d29f099e89378123cfcf4f377d45ee2d660fffed82a5c1e3e1dbc5
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bd1bf132ec5ff3af32210bad8826a1a319d70a5325dafe439a78d039a5cc305
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6c00bbc1f7d10add1af00920d9f7f9bd3d1921686abaf084980b9af003738870
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
6d4947fe79f9aaa1ea4fc61935fa5475c71d19e327d91c2551d19f4d8caa34fe
6d4b563a86aec8a1bf28a0459de70130708502d9de0265a680688f1e1a9c70be
6ede6d755df1ea32715511984ba06c0b39cee7e586548fcf586b92ddefa38e7c
6f7686dfc0581720f0f08b379ae24ebb16255f212abcf558301b01d8077416c6
715e2bb869d945c8c56577da9be3ea901886409d3adab2070d9d299c90b729b8
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
74d4226ab472f66acfaaa34c0bd8288ae3dc7b87b90cf05fc28637177a320931
75b53e93f5b67be4f3b8e5f23fb71e059b0a503f211f43c857d34d05d056b33e
76584444620716c18a6dce43ba175dc06f6e4547872fb11674b973ed1f89f3ca
77aa142ae9ef1f5662e8d64f2cdb0f0280d0fc658655ec8ff2308493af331230
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
78df1ed8d6b8a691f4bff095a5b11a83cb6421a2e7b3b039699b974266168ed7
7939f979c445a868d4ed632cf4a5d7d962fd416ef41765327070a014e003adb0
79803d78aaa09409a72b13aeca2f84e17e6cdb792e7c2122f4e1c3990485bc1a
7ad2bc66df2491dc7cab0cfdf345640bdeaef18e1afeec2c911b61b34c38eb68
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f3f58c2fd4529fffc91067658a9689ffc59257d6e329de3f156539fdc9d44c3
80e3e52d0683c48d03b4a2e997851a60039c034a179ab5ebe777816745c89a0e
819cd11b48e7f2d1a6ba85d2b0ce07950b52bcc9b04d27587f59cfce03d8c999
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
83f3a9a80ff900dcea8d48105f9715e5112703894d16f9cf7aa51537e5724336
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
89d10dceb02fed084f5dbeb501e5dd7f8bd735b8c5116dcbcff08cfb73346b83
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cb6628eef26dc0e180dd5934b78d36034a083b848e29c49a5194eaab4fe3a9e
8cc28ac27a3fe14720d82c5b681f8531381764074a669aa3e0ee58bc86bfabc7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcdf3d0af3384ef3c86dea8a51e3ef45372f50785db9b23f147e549caa6e92f
8dcf83fa5613aa949fe76d26a0947195eb42e0326f485be666cc648addc7662c
96653b9b6b919a16dcfce983c42fa78193d2b2e5cec34cceb23a02572c994485
9744336b70c6f9991d4dc09a826827ba40ef82dead84545dbb7cf902aea80363
97c11e7b2e464bcead9ac97805a8118afdc79645550418a98f5e8dc9e92ab567
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5380338b5bc3e01b2c3837050167cb34b80efd3cea413ade7bb4242dcdd9e3
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9c1fb17d65ce5caf92816cba37759ac51786fd7133e6653f6293b85ca5ba6ca7
9d7bb0ba0ca6302c3de83f519e1f4a1b85010d1056e6404943682f77a9d1f3ff
9dc8e62b83994a1eda313381316790cec86d097f2c843ae416a097747864382b
9ea945329a959858c03e0a695e71d57caf05cae37a780c84226bc00fd40af9df
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2687fe8e299a3aad2d4701478f7a7ea3689ef4f470372e3484cf28b84b019b1
a2e92286a0624600d5ec4f72baa54396a44de7c28780337d97da61c65b498217
a3a1353fae07a2c513496df414eeb64a24d3dda1c6564264c1af10b74346f3cc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7b97147d39d2583a88140e6aa19b6c862eddc289261686d51f1fd9e45f87d8f
a91cca7f74336037c5f4737de98307f2dab24c394d5e5fc3a8a9806a7ddf6840
ab6951376534176079d382ad91b5cd821b226b7939954a71dbc07ef2f5c6292a
acdf7f8f87e5a6231c2b8cdc8fb693ac607bc022907f096aa06c92d557f4aaf2
af425116e6d376e643f052ba62513f25ca973d319aba26ae3ad5b1f8ae5373be
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b13ead8cd1b832c7f62137108f577d6ff406c66090c8e21fc1097e206cc36697
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e152b16ec07695cdf791ad3f8610079a488a893f40d8aadd857735cd12337f
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b84b1f8f52574cfb30d12b855b6a7d9a73f5a91922f98b13ee66357a24549b77
b8fa330868d43619bbb372ba3f1ca57cb8eb550b23ca87f0bf912e992f399ddd
b94c0c588c960ee9b1b4fdc774c776f770059745e5219ecc28c1cbe5f633ba84
b9eb5f23cd494550d03dd5c01e6653576c5851f7775dbf84b51ebae874ee4740
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc5144df3b5b512fc0e77411efba3dcace651f4e55679969a1ac12feaf2554a
bdc6f35981582b0bb0423b70243eac10776c99215aaa26dede1b002555215e99
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be4079d413e801f4d92bae17f83cb59a350c0b27ccc76171579182426144f128
be6782a8a0617c64e1eaf887f6771ac1e4ead25232ffcf133e5cba77b7379e76
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c6954b2245c105f5ef0e89223599d95d933f590794727fc4282321528ed27524
c6e6a01fbe3ee54802f40a40d4c05d4ad4760f4c813b2643523721d0a684922d
c7f3fa7b9fe34cf96b38a78996e5b9c68e2249bc31009322b5a44eb2cf5a063d
c8fbf8f0bba40d99a2dfe95009f71cb34bf640d3c71ff0abcd57cc41b4262831
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
c9190d278295c05be2d88d8734873f21777ecd838d887bd99a2f3f2051ad657a
c9dd859ef10e3134d568f88192e90148b1ff8ca734e3b9ef0da63e65b053edfc
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd353b1975f12f3ba2665f6ed6c298d13375297f7b744c2914eeebaea2923384
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2dee4d08a598d7777c8c5f70bab11cda670f35407a912749bfd62fdd4e76ef9
d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff
d6e83f57d3aa70474606e050b6671b11b07dc1d87b4ede5827fdbeff42f996ec
d75e7796cd5ce3493e77afc5f8cf91ca6064722f3cfb4e9f27e5e16f810a8551
d80f5f881e23bb61bd8a60f36f198e0c2d66742fc2b441bb400aac069940543f
d8400420064efcd62c29d75ad0a6bf0218832b1918da16c5300127bcc868cb7a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9747f5722c7c42437d63d6bc6541a64eef344d775abeb7885abc95ae2f0d507
db03313b117d5687f500d3a57cf5a279c0e9c92cf8b2182b5ec74257257537c3
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db32b6eacb18a1770fd81b7f6d465731164188aa58238614f5127d7e937dd6ba
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de48f408866c6f7d4cbf8bb0995fe03df2ae99f2bef5d5590d64b712bb487817
de60b41e15abf39c0fe9c62cb9879a8083f98e40cbbfb088b3f3fcd0ac236abe
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
df460454aa3d0e187cd1caa4e17bb1455fc9b4be42da495d629ad6510ee6f7fd
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e1f6ff49aaeb442ee325d36cf1ebb724f26ebc83a1d6c947b022d2098aa6f2c4
e20794a189527e5c19437769821355dadc366a7d62c80d22d1c19d2fed617d1b
e3518eefe7f34002310bcd80ade06f9c22312742125356aa40b75ec38776456c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d3dc0375ec17aba2b1a4f5773fd0d52f2d219db164f1edcc4f9c06292865a7
e3f5130c846dd2b8362310a320f23c7f7969ac5cc50143e5d39ec4355a498597
e636f143c6c1105555f9b3a821719306b9028092c433f14b0baf7a1682e8ffb8
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e6934a9a6a983d3e16ab4119ad093f886cb41fe49eed4f8ff7cb06ed3ba1d9be
e8f06f3f7654b4ef4618604d80e14fb81d36fe27cc5a4634529392131908487c
e930eb9942673b108eba8c47ea12c8f78c1731fc3e18767cf4c53733a64fc402
e9e40f737e08ad5b6c7ec3d3ee2232ce91f00b1f4f753c79f5e8e4f74c1c4a60
ea577783d810f83cf7bd4196b3e52d2f97d853e2015d463803647e4aa36be67b
ec3a21a491af4587bee1627d1283c4ec4b36021a7e281dea2ea6e20fd827ce71
ec52c92bd844889ac4997fe38fbfd0ac09c4111738ca64b5e873662a674e207d
ecb66647693aa5edf27fce8fb6f7156f7a403de654f1b559bb62ecdc1494fa33
edbae5af5e5888d25d658b68ffc6fdd47d9642cf89b9d079d83d9527d89ece5c
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f041cb773186f39216a75e87772c94f33fddf655d1022cb593ac2d231c874e98
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3a0a60c73c3170eb91a49081e375dfebdd1b750df35661600187907b0e925b5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4eda003a8a780036a8a7398a2f7d054031d96a1ad15bf0e39b9d43444f05770
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc138e05c08491f10c2e626e372ca18cf7171521afb63d6ad0e691c5ab84ad59
fc2d6a05a562d6b286906cc9f908db8d8c19342bb002abd94e5f5db636063864
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
fcebc3f2e622f96095255ba33d9b5efe910d7c413e74826c8f51294b79dc79b9
fd2fe17b45d50a90ff8ee0f8fbee582f729060fea437b151da36cf1cab64b9f2
fe59dc311053c3c430bdf82eefd45fd9fd9fdcc85119067be7f2215b386f1462