urlscan.io logo urlscan.io
SecurityTrails logo

ghosts-of-tabor.en.softonic.com Open in urlscan Pro
35.227.233.104  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ghosts-of-tabor.en.softonic.com/download
Effective URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Submission: On April 02 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 119 IPs in 11 countries across 102 domains to perform 477 HTTP transactions. The main IP is 35.227.233.104, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is ghosts-of-tabor.en.softonic.com.
TLS certificate: Issued by Don Dominio / MrDomain RSA DV CA on December 23rd 2022. Valid for: a year.
This is the only time ghosts-of-tabor.en.softonic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 35.227.233.104 15169 (GOOGLE)
28 2600:1400:d:4... 20940 (AKAMAI-ASN1)
16 151.101.193.91 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
1 2620:100:a001::4 19750 (AS-CRITEO)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 184.28.137.117 16625 (AKAMAI-AS)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
3 7 70.42.32.159 13789 (INTERNAP-...)
3 4 2620:100:a001::c 19750 (AS-CRITEO)
1 108.138.106.124 16509 (AMAZON-02)
1 13.225.224.171 16509 (AMAZON-02)
6 143.204.151.99 16509 (AMAZON-02)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 162.19.138.117 16276 (OVH)
1 74.119.119.139 19750 (AS-CRITEO)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 18.164.96.46 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
3 18.164.94.225 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 34.232.131.28 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.165.134 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 74.119.119.150 19750 (AS-CRITEO)
2 162.19.138.118 16276 (OVH)
2 130.211.23.194 15169 (GOOGLE)
4 2600:1400:d::... 20940 (AKAMAI-ASN1)
6 2607:f8b0:400... 15169 (GOOGLE)
14 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 24 52.46.151.131 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
6 6 199.127.204.147 26120 (RHYTHMONE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 44.207.77.179 14618 (AMAZON-AES)
3 13 192.40.39.223 27381 (CASALE-MEDIA)
3 184.28.136.221 16625 (AKAMAI-AS)
4 104.107.5.93 16625 (AKAMAI-AS)
3 4 3.225.218.10 14618 (AMAZON-AES)
2 3 199.187.193.197 47043 (SMARTADSE...)
2 4 35.71.139.29 16509 (AMAZON-02)
4 5 68.67.160.186 29990 (ASN-APPNEX)
1 20 52.207.45.55 14618 (AMAZON-AES)
6 7 35.211.178.172 15169 (GOOGLE)
2 2 54.83.15.219 14618 (AMAZON-AES)
5 9 8.43.72.97 26667 (RUBICONPR...)
2 3 34.98.64.218 396982 (GOOGLE-CL...)
1 1 52.200.72.107 14618 (AMAZON-AES)
2 3 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 52.204.125.50 14618 (AMAZON-AES)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
1 38.91.45.7 398989 (DEEPINTENT)
3 3 64.74.236.63 19024 (INTERNAP-...)
1 2 104.126.112.185 16625 (AKAMAI-AS)
3 4 44.208.221.23 14618 (AMAZON-AES)
2 2 198.148.27.139 19189 (PULSEPOINT)
1 1 199.187.193.202 47043 (SMARTADSE...)
2 2 216.200.232.253 30419 (MEDIAMATH...)
2 3 151.101.66.49 54113 (FASTLY)
10 24 142.251.40.226 15169 (GOOGLE)
7 7 3.33.220.150 16509 (AMAZON-02)
1 2 124.146.215.52 2514 (INFOSPHER...)
1 1 80.77.87.162 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 72.247.65.83 16625 (AKAMAI-AS)
5 6 8.43.72.98 26667 (RUBICONPR...)
2 104.36.115.113 62713 (AS-PUBMATIC)
1 3 3.221.116.31 14618 (AMAZON-AES)
1 2 52.3.62.68 14618 (AMAZON-AES)
1 13 8.28.7.83 62713 (AS-PUBMATIC)
1 1 34.150.170.96 396982 (GOOGLE-CL...)
1 1 52.220.229.2 16509 (AMAZON-02)
2 2 185.167.164.39 198622 (ADFORM)
1 2 141.226.224.48 200478 (TABOOLA-AS)
31 69.164.46.185 22822 (LLNW)
4 2607:f8b0:400... 15169 (GOOGLE)
2 52.116.53.150 36351 (SOFTLAYER)
9 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
9 34.102.128.115 396982 (GOOGLE-CL...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.126.138 16509 (AMAZON-02)
27 52.206.134.14 14618 (AMAZON-AES)
6 174.129.16.102 14618 (AMAZON-AES)
1 104.18.115.97 13335 (CLOUDFLAR...)
6 2607:f8b0:400... 15169 (GOOGLE)
1 3.222.243.70 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2 135.125.160.160 16276 (OVH)
2 2 23.216.84.23 16625 (AKAMAI-AS)
1 159.203.145.121 14061 (DIGITALOC...)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 139.45.240.92 57304 (RUBY-AS)
2 74.119.118.138 19750 (AS-CRITEO)
4 6 68.67.160.114 29990 (ASN-APPNEX)
1 52.18.137.128 16509 (AMAZON-02)
1 104.72.156.23 16625 (AKAMAI-AS)
1 54.166.160.90 14618 (AMAZON-AES)
1 184.28.137.83 16625 (AKAMAI-AS)
1 1 185.255.84.152 200271 (IGUANE-)
1 195.244.31.11 63140 (IGUANA-WO...)
1 63.251.28.233 13789 (INTERNAP-...)
1 34.117.157.22 396982 (GOOGLE-CL...)
2 2 35.173.101.214 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 3.220.205.252 14618 (AMAZON-AES)
1 44.206.182.6 14618 (AMAZON-AES)
2 3 2600:9000:220... 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2 34.196.131.192 14618 (AMAZON-AES)
1 23.40.172.207 16625 (AKAMAI-AS)
1 108.138.128.124 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
19 54.237.139.35 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 51.222.39.187 16276 (OVH)
9 9 54.234.211.69 14618 (AMAZON-AES)
4 4 2606:ae80:147... 25751 (VALUECLICK)
1 2 23.92.190.69 32475 (SINGLEHOP...)
1 10 44.238.78.48 16509 (AMAZON-02)
3 3 34.111.113.62 396982 (GOOGLE-CL...)
1 1 2a04:4e42::300 54113 (FASTLY)
4 4 35.207.24.140 15169 (GOOGLE)
5 216.52.2.16 32475 (SINGLEHOP...)
1 1 2620:116:800b... 14618 (AMAZON-AES)
3 8.28.7.84 62713 (AS-PUBMATIC)
1 35.166.130.85 16509 (AMAZON-02)
4 2800:3f0:4002... 15169 (GOOGLE)
2 2 173.231.178.115 32475 (SINGLEHOP...)
1 34.230.139.137 14618 (AMAZON-AES)
1 34.192.9.105 14618 (AMAZON-AES)
1 54.220.72.158 16509 (AMAZON-02)
1 52.207.206.215 14618 (AMAZON-AES)
1 2600:1f18:612... 14618 (AMAZON-AES)
2 104.18.25.185 13335 (CLOUDFLAR...)
477 119
6    35.227.233.104 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 104.233.227.35.bc.googleusercontent.com
ghosts-of-tabor.en.softonic.com
softonic.com
28    2600:1400:d:4a6::29cc (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
images.sftcdn.net
16    151.101.193.91 (United States)

ASN54113 (FASTLY, US)
sc.sftcdn.net
3    2607:f8b0:4006:81f::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2607:f8b0:4006:816::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    184.28.137.117 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-137-117.deploy.static.akamaitechnologies.com
amplify.outbrain.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
7    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net
static.hotjar.com
1    13.225.224.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-224-171.jfk51.r.cloudfront.net
www.datadoghq-browser-agent.com
6    143.204.151.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-151-99.ewr52.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:10::ac43:4e7 (United States)

ASN13335 (CLOUDFLARENET, US)
c.aaxads.com
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
4    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
3    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net
script.hotjar.com
1    2607:f8b0:4006:817::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2607:f8b0:4006:817::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    18.164.94.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-94-225.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
4    34.232.131.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-131-28.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    2607:f8b0:4006:81d::2010 (Nutley, United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.217.165.134 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f6.1e100.net
ad.doubleclick.net
2    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2607:f8b0:4006:81f::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.ca
fonts.gstatic.com
1    2607:f8b0:4006:809::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
sslwidget.criteo.com
2    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
4    2600:1400:d::1721:ee09 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
articles-img.sftcdn.net
6    2607:f8b0:4006:809::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
14    2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
pubads.g.doubleclick.net
10    2607:f8b0:4006:80c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2607:f8b0:4006:81e::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
24    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:4006:80d::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
6    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    44.207.77.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-77-179.compute-1.amazonaws.com
rtb.gumgum.com
13    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
3    184.28.136.221 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-136-221.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    104.107.5.93 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-5-93.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
3    199.187.193.197 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
rtb-csync.smartadserver.com
4    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
5    68.67.160.186 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
20    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
7    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    54.83.15.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-15-219.compute-1.amazonaws.com
ads.creative-serving.com
9    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    52.200.72.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-72-107.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    2600:1f18:4e9:5a02:460b:2b68:c137:43d7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    52.204.125.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-125-50.compute-1.amazonaws.com
sync.ipredictive.com
2    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    64.74.236.63 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
4    44.208.221.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-221-23.compute-1.amazonaws.com
ad.360yield.com
match.360yield.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.202 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
2    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
24    142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    72.247.65.83 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-65-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    3.221.116.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-116-31.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
2    52.3.62.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-62-68.compute-1.amazonaws.com
thrtle.com
13    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
2    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
31    69.164.46.185 (New York, United States)

ASN22822 (LLNW, US)
PTR: https-69-164-46-185.jfk.llnw.net
player.anyclip.com
config.anyclip.com
assets.anyclip.com
cdn5.anyclip.com
4    2607:f8b0:4006:80f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com
8proof.com
9    2607:f8b0:4006:809::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2607:f8b0:4006:80f::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    34.102.128.115 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.128.102.34.bc.googleusercontent.com
g.bidbrain.app
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
27    52.206.134.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-134-14.compute-1.amazonaws.com
pixel.anyclip.com
6    174.129.16.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-16-102.compute-1.amazonaws.com
trafficmanager.anyclip.com
1    104.18.115.97 (None, )

ASN13335 (CLOUDFLARENET, US)
ipv4.icanhazip.com
6    2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    3.222.243.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-243-70.compute-1.amazonaws.com
vid.springserve.com
3    2607:f8b0:4006:806::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
c.eu1.dyntrk.com
2    23.216.84.23 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-84-23.deploy.static.akamaitechnologies.com
cs.media.net
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
4    2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    139.45.240.92 (Russian Federation)

ASN57304 (RUBY-AS, RU)
notix.io
2    74.119.118.138 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
6    68.67.160.114 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    52.18.137.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-137-128.eu-west-1.compute.amazonaws.com
partner.mediawallahscript.com
1    104.72.156.23 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-72-156-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    54.166.160.90 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-160-90.compute-1.amazonaws.com
match.sharethrough.com
1    184.28.137.83 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-137-83.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor-usa02.omnitagjs.com
1    63.251.28.233 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
2    35.173.101.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-101-214.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550a:f829:6715:25ad:4b5d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    3.220.205.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-205-252.compute-1.amazonaws.com
exchange.mediavine.com
1    44.206.182.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-182-6.compute-1.amazonaws.com
trends.revcontent.com
3    2600:9000:2209:3600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2600:1f18:612b:4200:2359:9f97:ea6d:7162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    2600:141b:13::17d7:8379 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
ade.clmbtech.com
2    34.196.131.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-131-192.compute-1.amazonaws.com
dpm.demdex.net
1    23.40.172.207 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-172-207.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net
tags.crwdcntrl.net
2    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
3    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
p.ad.gt
19    54.237.139.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-139-35.compute-1.amazonaws.com
marketplace.anyclip.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
1    51.222.39.187 (Canada)

ASN16276 (OVH, FR)
PTR: ip187.ip-51-222-39.net
onetag-sys.com
9    54.234.211.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-211-69.compute-1.amazonaws.com
match.prod.bidr.io
4    2606:ae80:1471:11::410 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
2    23.92.190.69 (Charlotte, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
10    44.238.78.48 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-78-48.us-west-2.compute.amazonaws.com
ids.ad.gt
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
5    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    35.166.130.85 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-130-85.us-west-2.compute.amazonaws.com
pixels.ad.gt
4    2800:3f0:4002:801::2003 (Argentina)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    173.231.178.115 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-7.sys.adgear.com
cm.adgrx.com
1    34.230.139.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-139-137.compute-1.amazonaws.com
crb.kargo.com
1    34.192.9.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-9-105.compute-1.amazonaws.com
sync.bfmio.com
1    54.220.72.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-72-158.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    52.207.206.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-206-215.compute-1.amazonaws.com
rtb.adentifi.com
1    2600:1f18:612b:4200:439e:5582:9089:1d9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
oryj8-4pmb8.ads.tremorhub.com
2    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
Apex Domain
Subdomains		 Transfer
83 anyclip.com
player.anyclip.com — Cisco Umbrella Rank: 16044
config.anyclip.com — Cisco Umbrella Rank: 21300
pixel.anyclip.com — Cisco Umbrella Rank: 15806
trafficmanager.anyclip.com — Cisco Umbrella Rank: 20325
assets.anyclip.com — Cisco Umbrella Rank: 20460
cdn5.anyclip.com — Cisco Umbrella Rank: 20895 Failed
marketplace.anyclip.com — Cisco Umbrella Rank: 16332
4 MB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
ad.doubleclick.net — Cisco Umbrella Rank: 172
stats.g.doubleclick.net — Cisco Umbrella Rank: 100
cm.g.doubleclick.net — Cisco Umbrella Rank: 228
pubads.g.doubleclick.net — Cisco Umbrella Rank: 434
204 KB
48 sftcdn.net
images.sftcdn.net — Cisco Umbrella Rank: 91019
sc.sftcdn.net — Cisco Umbrella Rank: 89756
articles-img.sftcdn.net — Cisco Umbrella Rank: 268941
517 KB
34 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 309
aax.amazon-adsystem.com — Cisco Umbrella Rank: 412
s.amazon-adsystem.com — Cisco Umbrella Rank: 301
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 964
139 KB
21 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 509
image6.pubmatic.com — Cisco Umbrella Rank: 779
image2.pubmatic.com — Cisco Umbrella Rank: 999
simage2.pubmatic.com — Cisco Umbrella Rank: 733
simage4.pubmatic.com — Cisco Umbrella Rank: 1232
image4.pubmatic.com — Cisco Umbrella Rank: 1076
36 KB
21 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1657
usersync.gumgum.com — Cisco Umbrella Rank: 1901
7 KB
21 googlesyndication.com
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
86 KB
20 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 577
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1074
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1069
token.rubiconproject.com — Cisco Umbrella Rank: 574
pixel.rubiconproject.com — Cisco Umbrella Rank: 340
31 KB
19 google.com
analytics.google.com — Cisco Umbrella Rank: 314
ampcid.google.com — Cisco Umbrella Rank: 2399
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 90
3 KB
16 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 3838
a.ad.gt — Cisco Umbrella Rank: 3181
p.ad.gt — Cisco Umbrella Rank: 3760
ids.ad.gt — Cisco Umbrella Rank: 2853
pixels.ad.gt — Cisco Umbrella Rank: 3556
19 KB
15 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569
r.casalemedia.com — Cisco Umbrella Rank: 1416
htlb.casalemedia.com — Cisco Umbrella Rank: 526
10 KB
11 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 429
ib.adnxs.com — Cisco Umbrella Rank: 230
11 KB
11 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 424
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 473
703 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 552
4 KB
9 bidbrain.app
g.bidbrain.app — Cisco Umbrella Rank: 30434
234 B
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 416
mug.criteo.com — Cisco Umbrella Rank: 2381
sslwidget.criteo.com — Cisco Umbrella Rank: 1825
dis.criteo.com — Cisco Umbrella Rank: 718
13 KB
8 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2602
tr.outbrain.com — Cisco Umbrella Rank: 2509
sync.outbrain.com — Cisco Umbrella Rank: 720
8 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 646
ce.lijit.com — Cisco Umbrella Rank: 1025
6 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 368
4 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 323
4 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 302
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
3 KB
6 google.ca
www.google.ca — Cisco Umbrella Rank: 8209
adservice.google.ca — Cisco Umbrella Rank: 13645
ampcid.google.ca — Cisco Umbrella Rank: 92151
2 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
42 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 437
cdn.id5-sync.com — Cisco Umbrella Rank: 1045
37 KB
6 softonic.com
ghosts-of-tabor.en.softonic.com
softonic.com — Cisco Umbrella Rank: 35006
en.softonic.com Failed
217 KB
5 gstatic.com
fonts.gstatic.com
csi.gstatic.com
16 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1033
2 KB
4 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5365
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3467
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 198
195 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 805
tags.crwdcntrl.net — Cisco Umbrella Rank: 1289
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1006
13 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 676
match.360yield.com — Cisco Umbrella Rank: 2484
1 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 387
1 KB
4 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 5218
ssbsync.smartadserver.com — Cisco Umbrella Rank: 751
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 604
1 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 549
3 KB
4 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 739
915 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 407
c.bing.com — Cisco Umbrella Rank: 252
13 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 467
1 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 759
2 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 594
i6.liadm.com — Cisco Umbrella Rank: 2475
1 KB
3 media.net
cs.media.net — Cisco Umbrella Rank: 1502
contextual.media.net — Cisco Umbrella Rank: 616
2 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 299
33 KB
3 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1027
sync-t1.taboola.com — Cisco Umbrella Rank: 1246
trc.taboola.com — Cisco Umbrella Rank: 682
918 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 652
875 B
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 561
2 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 462
732 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
275 B
3 btloader.com
btloader.com — Cisco Umbrella Rank: 940
api.btloader.com — Cisco Umbrella Rank: 1036
8 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
238 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1437
1009 B
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2725
19 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 215
2 KB
2 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2368
oryj8-4pmb8.ads.tremorhub.com — Cisco Umbrella Rank: 29313
1 KB
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 935
visitor-usa02.omnitagjs.com — Cisco Umbrella Rank: 3720
723 B
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 8074
960 B
2 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5196
1 KB
2 8proof.com
8proof.com — Cisco Umbrella Rank: 31726
cdn.8proof.com Failed
3 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 584
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1318
683 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 539
701 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1039
2 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 507
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 578
2 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 544
tags.bluekai.com — Cisco Umbrella Rank: 573
1 KB
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1523
3 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 931
1019 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4505
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1192
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 913
952 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1115
836 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1016
1 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 677
script.hotjar.com — Cisco Umbrella Rank: 927
73 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
136 KB
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1175
35 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2269
397 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1462
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1591
504 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 712
511 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 828
149 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1216
17 KB
1 clmbtech.com
ade.clmbtech.com — Cisco Umbrella Rank: 2917
302 B
1 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 1978
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1310
967 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2776
274 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 655
663 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1982
278 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 533
280 B
1 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 2358
225 B
1 notix.io
notix.io — Cisco Umbrella Rank: 13678
266 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4702
485 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 6050
1 springserve.com
vid.springserve.com — Cisco Umbrella Rank: 7190
437 B
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 10988
401 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 400
513 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2966
745 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 804
659 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1139
660 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1020
222 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 697
884 B
1 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 5157
212 B
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2100
44 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 670
15 KB
0 emxdgt.com Failed
cs.emxdgt.com Failed
477 102
Domain Requested by
28 images.sftcdn.net ghosts-of-tabor.en.softonic.com
27 pixel.anyclip.com ghosts-of-tabor.en.softonic.com
24 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
ap.lijit.com
20 cm.g.doubleclick.net 10 redirects rtb.gumgum.com
eus.rubiconproject.com
ghosts-of-tabor.en.softonic.com
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
20 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
19 marketplace.anyclip.com player.anyclip.com
16 cdn5.anyclip.com player.anyclip.com
16 sc.sftcdn.net ghosts-of-tabor.en.softonic.com
sc.sftcdn.net
13 pubads.g.doubleclick.net imasdk.googleapis.com
12 securepubads.g.doubleclick.net ghosts-of-tabor.en.softonic.com
securepubads.g.doubleclick.net
sc.sftcdn.net
www.datadoghq-browser-agent.com
www.googletagservices.com
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
10 ids.ad.gt 1 redirects
10 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
9 match.prod.bidr.io 9 redirects
9 g.bidbrain.app ghosts-of-tabor.en.softonic.com
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
9 tpc.googlesyndication.com 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 assets.anyclip.com player.anyclip.com
8 pagead2.googlesyndication.com 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
www.datadoghq-browser-agent.com
tpc.googlesyndication.com
www.googletagservices.com
8 simage2.pubmatic.com ads.pubmatic.com
7 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
7 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
7 match.adsrvr.org 7 redirects
7 x.bidswitch.net 6 redirects
6 ib.adnxs.com 4 redirects player.anyclip.com
6 imasdk.googleapis.com player.anyclip.com
imasdk.googleapis.com
6 trafficmanager.anyclip.com player.anyclip.com
6 player.anyclip.com securepubads.g.doubleclick.net
player.anyclip.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 www.google.com ghosts-of-tabor.en.softonic.com
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 www.google-analytics.com www.googletagmanager.com
www.datadoghq-browser-agent.com
ghosts-of-tabor.en.softonic.com
p.ad.gt
www.google-analytics.com
6 c.amazon-adsystem.com softonic.com
www.datadoghq-browser-agent.com
player.anyclip.com
c.amazon-adsystem.com
5 ce.lijit.com ap.lijit.com
5 image2.pubmatic.com 1 redirects ads.pubmatic.com
5 sync.outbrain.com 3 redirects rtb.gumgum.com
5 secure.adnxs.com 4 redirects
5 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
4 csi.gstatic.com imasdk.googleapis.com
4 rtb.mfadsrvr.com 4 redirects
4 fonts.googleapis.com 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
4 www.googletagservices.com securepubads.g.doubleclick.net
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
4 eb2.3lift.com 2 redirects ads.pubmatic.com
4 ups.analytics.yahoo.com 3 redirects
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
4 sync.1rx.io 4 redirects
4 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 articles-img.sftcdn.net ghosts-of-tabor.en.softonic.com
4 www.google.ca ghosts-of-tabor.en.softonic.com
4 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev www.datadoghq-browser-agent.com
c.amazon-adsystem.com
4 id5-sync.com softonic.com
www.datadoghq-browser-agent.com
4 gum.criteo.com 3 redirects static.criteo.net
3 pixel.tapad.com 3 redirects
3 s.ad.smaato.net 2 redirects
3 s0.2mdn.net player.anyclip.com
imasdk.googleapis.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 ad.360yield.com 2 redirects
3 b1sync.zemanta.com 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects
3 us-u.openx.net 2 redirects
3 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.datadoghq-browser-agent.com
3 aax.amazon-adsystem.com www.datadoghq-browser-agent.com
c.amazon-adsystem.com
3 www.facebook.com ghosts-of-tabor.en.softonic.com
3 bat.bing.com ghosts-of-tabor.en.softonic.com
bat.bing.com
3 softonic.com ghosts-of-tabor.en.softonic.com
softonic.com
3 www.googletagmanager.com ghosts-of-tabor.en.softonic.com
www.googletagmanager.com
3 ghosts-of-tabor.en.softonic.com 1 redirects softonic.com
2 htlb.casalemedia.com player.anyclip.com
2 pubmatic-match.dotomi.com 2 redirects
2 cm.adgrx.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 ap.lijit.com 1 redirects s.amazon-adsystem.com
2 amazon-tam-match.dotomi.com 2 redirects
2 a.ad.gt cdn.hadronid.net
p.ad.gt
2 id.hadron.ad.gt cdn.hadronid.net
2 cdn.hadronid.net ghosts-of-tabor.en.softonic.com
a.ad.gt
2 dpm.demdex.net 1 redirects
2 i.liadm.com 2 redirects
2 rtb-csync.smartadserver.com 1 redirects
2 dis.criteo.com
2 rtb2-useast.e-volution.ai 2 redirects
2 cs.media.net 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 8proof.com ghosts-of-tabor.en.softonic.com
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
2 c1.adform.net 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 tg.socdm.com 1 redirects
2 sync.mathtag.com 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.turn.com 2 redirects
2 api.btloader.com www.datadoghq-browser-agent.com
2 lb.eu-1-id5-sync.com www.datadoghq-browser-agent.com
2 analytics.google.com www.googletagmanager.com
2 ad-delivery.net ghosts-of-tabor.en.softonic.com
2 cdn.id5-sync.com ghosts-of-tabor.en.softonic.com
securepubads.g.doubleclick.net
2 tr.outbrain.com amplify.outbrain.com
ghosts-of-tabor.en.softonic.com
2 connect.facebook.net ghosts-of-tabor.en.softonic.com
connect.facebook.net
1 oryj8-4pmb8.ads.tremorhub.com player.anyclip.com
1 rtb.adentifi.com
1 image4.pubmatic.com
1 synchroscript.deliveryengine.adswizz.com
1 sync.bfmio.com
1 crb.kargo.com
1 pixels.ad.gt p.ad.gt
1 cms.quantserve.com 1 redirects
1 trc.taboola.com 1 redirects
1 p.ad.gt a.ad.gt
1 onetag-sys.com s.amazon-adsystem.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 tags.crwdcntrl.net ghosts-of-tabor.en.softonic.com
1 secure.cdn.fastclick.net ghosts-of-tabor.en.softonic.com
1 ade.clmbtech.com
1 criteo-partners.tremorhub.com
1 trends.revcontent.com
1 c.bing.com
1 exchange.mediavine.com
1 i6.liadm.com
1 matching.ivitrack.com
1 ads.stickyadstv.com
1 r.casalemedia.com
1 tags.bluekai.com
1 visitor-usa02.omnitagjs.com
1 visitor.omnitagjs.com 1 redirects
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 match.sharethrough.com
1 contextual.media.net
1 partner.mediawallahscript.com
1 notix.io
1 dsp.adkernel.com 1 redirects
1 cs.chocolateplatform.com 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
1 match.360yield.com 1 redirects
1 vid.springserve.com player.anyclip.com
1 ipv4.icanhazip.com player.anyclip.com
1 fonts.gstatic.com fonts.googleapis.com
1 config.anyclip.com player.anyclip.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 sync.taboola.com 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 um.simpli.fi 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.srv.stackadapt.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 rtb.gumgum.com s.amazon-adsystem.com
1 ampcid.google.ca www.datadoghq-browser-agent.com
1 adservice.google.ca securepubads.g.doubleclick.net
1 sslwidget.criteo.com static.criteo.net
1 ampcid.google.com www.datadoghq-browser-agent.com
1 ad.doubleclick.net ghosts-of-tabor.en.softonic.com
1 storage.googleapis.com ghosts-of-tabor.en.softonic.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 mug.criteo.com ghosts-of-tabor.en.softonic.com
1 btloader.com ghosts-of-tabor.en.softonic.com
1 c.aaxads.com 1 redirects
1 www.datadoghq-browser-agent.com softonic.com
1 static.hotjar.com www.googletagmanager.com
1 amplify.outbrain.com ghosts-of-tabor.en.softonic.com
1 static.criteo.net ghosts-of-tabor.en.softonic.com
0 cs.emxdgt.com Failed 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
0 en.softonic.com Failed 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
0 cdn.8proof.com Failed 8proof.com
477 173

This site contains links to these domains. Also see Links.

Domain
en.softonic.com
free-pdf-tools.en.softonic.com
www.softonic-ar.com
de.softonic.com
www.softonic.com
fr.softonic.com
www.softonic-id.com
it.softonic.com
www.softonic.jp
www.softonic.kr
www.softonic.nl
www.softonic.pl
www.softonic.com.br
www.softonic.ru
www.softonic-th.com
www.softonic.com.tr
www.softonic.vn
www.softonic.cn
docs.google.com
ghosts-of-tabor.fr.softonic.com
ghosts-of-tabor.softonic.jp
ghosts-of-tabor.softonic.com
ghosts-of-tabor.it.softonic.com
store.steampowered.com
resident-evil-4-remake.en.softonic.com
melatonin.en.softonic.com
171.en.softonic.com
resident-evil-4.en.softonic.com
bonelab.en.softonic.com
age-of-doom-mod.en.softonic.com
attack-on-titan-fan-game.en.softonic.com
beware-the-shadowcatcher.en.softonic.com
call-of-duty-ghosts.en.softonic.com
ghoulsn-ghosts.en.softonic.com
ghosts-of-war-battle-royale-ww2-shooting-games.en.softonic.com
enigmatis-the-ghosts-of-maple-creek.en.softonic.com
phasmophobia.en.softonic.com
grand-theft-auto-vice-city.en.softonic.com
desta-the-memories-between.en.softonic.com
warhammer-40-000-space-marine-2.en.softonic.com
rayman-3-hoodlum-havoc.en.softonic.com
battle-of-anime.en.softonic.com
the-initiate.en.softonic.com
unworthy.en.softonic.com
jojos-bizarre-adventure-all-star-battle-r.en.softonic.com
thedawn.en.softonic.com
kkrieger.en.softonic.com
the-vermander-curse.en.softonic.com
sniper-ghost-warrior-contracts.en.softonic.com
among-us-arena.en.softonic.com
hello.softonic.com
get-support.softonic.com
revamp.softonic.com
dev-support.softonic.com
www.facebook.com
twitter.com
www.linkedin.com
fetchrss.com
Subject Issuer Validity Valid
*.softonic.com
Don Dominio / MrDomain RSA DV CA		 2022-12-23 -
2023-12-22		 a year crt.sh
s4-san.cloudinary.com
R3		 2023-01-09 -
2023-04-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-04-10		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-02-16 -
2023-05-17		 3 months crt.sh
s1-sni.cloudinary.com
R3		 2023-02-15 -
2023-05-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-17 -
2023-08-05		 6 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-02-23 -
2023-06-11		 4 months crt.sh
*.anyclip.com
Go Daddy Secure Certificate Authority - G2		 2022-05-13 -
2023-06-14		 a year crt.sh
*.8proof.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-29 -
2024-02-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
g.bidbrain.app
GTS CA 1D4		 2023-03-31 -
2023-06-29		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.springserve.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-10-20		 8 months crt.sh
eu.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2023-03-16 -
2023-06-14		 3 months crt.sh
notix.io
R3		 2023-01-24 -
2023-04-24		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.mediawallahscript.com
Amazon RSA 2048 M01		 2023-02-10 -
2023-06-01		 4 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-08-12		 5 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2022-05-24 -
2023-06-25		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-19 -
2023-05-19		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-09-14		 7 months crt.sh
itm.ivitrack.com
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01		 2023-02-23 -
2023-06-03		 3 months crt.sh
revcontent.com
Amazon RSA 2048 M02		 2023-02-23 -
2023-07-16		 5 months crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
colombiaonline.com
R3		 2023-01-10 -
2023-04-10		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2023-02-11 -
2023-05-12		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.ad.gt
Amazon RSA 2048 M02		 2023-02-08 -
2023-06-08		 4 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh

This page contains 50 frames:

Primary Page: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Frame ID: CF27482083D13167438651A5AA2EA0D4
Requests: 121 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=ghosts-of-tabor.en.softonic.com&origin=onetag
Frame ID: C1B00E1CA53226C80E2BCBCAD739643D
Requests: 2 HTTP requests in this frame

Frame: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2A30969F4CB46BE286B33048D0AED9E8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&dcc=t
Frame ID: F836EAD6FCCA835CBD4B0C8BA33A78AC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 165F0C2042143C33356A86E100A79B06
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: BFE6B2AC2A0AFB2BF6A0A6049DF9B051
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 0DCDF26BD06A6E0A6AE53635C5105C49
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 2071B6092A1E4EC4F4AC61CCE677A64B
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 538E64F78D06B84C3E6C8CE4CCAB3198
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: B1D02EA3173302E02D76080D6249E084
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hcUNmTE5sRTJ1SmR3YzN5NWZZb3EydDduNlA1MXhTQn5B
Frame ID: 6621A5CD52AF3C77370E77059212A425
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5797391859246030884&gdpr=0&gdpr_consent=
Frame ID: 42F05F34D8F8D18F89CB9369933ED4B9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2633585719758297007346
Frame ID: 9EDDEADA433D141D4E87A6150D2CD7DB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=21bb6429-f182-4f00-8f77-a2ecdf1666f5&gdpr=&gdpr_consent=
Frame ID: 6F78171BADDE3435A3ACD1FB8BB47753
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZCnxggAA0PsrhQBW&gdpr=&gdpr_consent=&_test=ZCnxggAA0PsrhQBW
Frame ID: 3B357800B63838B17C9D9A513CD8AFA5
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83YTdkY2NkNC1lNzhhLTQ3MWMtOTVkMC1mNmViNzA4YzA1ZWM=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 9837B2878BC0DE73B660AB611555F7D0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: DBACA9ADAE34FF613C806A75FB4CEECB
Requests: 12 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=89f4937e-9350-458d-a1b8-16e98ea47418
Frame ID: DEF74EB39564543099E31214D4686358
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZCnxgsCo8YoAAPfBFnEAAAAA
Frame ID: 42D94D00CE0A5BD6707A8D88C5938EC6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=43883f18-74cc-4179-92fe-1ebd79eb0e7f
Frame ID: 9CBC51B6A237982349C67C9FEA97C6D3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
Frame ID: 11FE55CABBA47FFF315F54CEBB1CAD29
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=cdVueV8wywNfvJsIc4ol&pi=gumgum&tc=1
Frame ID: 45F49CFDE8830363540D31DFBCC163B7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 03B221D4AD9DAFED58D02E1E58A95E43
Requests: 3 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 4BCACA0E7323C6C175CAA841DF08FFD8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID77836631-CA60-4F89-82D5-5254B3A0E098
Frame ID: 5C10A785B03D6B258BFE6B57037FF8F0
Requests: 1 HTTP requests in this frame

Frame: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 67C6D87521F97B4C1D7264AFB1E6F31E
Requests: 10 HTTP requests in this frame

Frame: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CBC473C43F9C99F2DAE31BF56B28D03D
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstChiY7MnIdfUyZcSPbA1Om_vaDOkaW3LP7XrAxg8yAjB4SsPhbOpdWdxe0FXhRnqzUqiVmcPAR7owpKUapAHoRAH2paR9QwbmWX7NOff2FQOGWIHQLvO2F5PGXWXb39xfTHKyp1TTAub25KGwNKAHM6XpP_8WpYhwWEPdb70OavR7smRFws-t7LQMhcz0qP6gUSa4duQguOvdwggcq_pv0ocS1WH1AVKjdlk2yDRl6hdB4xPRCB2E_VHa7sy3m8_jVnR3NQMN3S97yzsO-irIBQ7o8Xe7wQ4x7Auzji9h2m7OG1ecZuBrIRE46lqDEImoY-pBqmz2MRUz765lSZsQcZmtTIWtEjGlDvHy-YBHxnicx0mjk4qJOUtZh9WgBaO6jn_fCt8TARw&sai=AMfl-YTjE34Hbic7H4L7Oqs2_txtRi4uMJn5QRLlZZEUXyvErhzhdcqoe3bmp1ZAc-uGzR3mPvFaGv8NoyW8UyWMaqZyYe3xi5YxKM4t0cUy-neavoi52HpEH2HiqcmRoQ&sig=Cg0ArKJSzE3K9eUiXnKEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CB79DFE5229AE8426AAD609CA8D23E9F
Requests: 77 HTTP requests in this frame

Frame: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C8E8326907F4C019297E7C76E3570021
Requests: 19 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=396161125546&ctd=51034&crid=984&ap=ZCnxgQAMXKcIaAuVAA_yDqjDJgfz13Xf2wNWxg
Frame ID: 263D82F306F20CA7DF5FAB5D6B347605
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6B24C63957D2FECF514ADFAE3724A93D
Requests: 9 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-899WWCjvyFIBPWl5H4Rj3GvVhDQeRkceRu5bKA&expires=30
Frame ID: 94A7AB4D90DDB0C006D000B7A2C8DAFB
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7971F372710EAF16F7DCA23E2832C479
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 33BF9C18F538D01F64FE424ED2733B8E
Requests: 2 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 593F1CEC24E5997405B7E2CFB76D6527
Requests: 29 HTTP requests in this frame

Frame: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3Di0TMNoABdw63yRGprZvT%26w%3D970%26h%3D249%26v%3D1%26cb%3D413002464%26pid%3Dsoftoniccom%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26cid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26wid%3D0011r00002IkuLz_12078%26dom%3Dghosts-of-tabor.en.softonic.com%26abc%3D%26geo%3DCA%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D149.56.153.178%26url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002IkuLzAAJ%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D1%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F111.0.5563.146%2520Safari%252F537.36%26domain%3Dghosts-of-tabor.en.softonic.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%255E0%253D%252F5302%252Fdesktop%252Fdesktop-Web-en%252FApps%252FDownload%252FATF_Lea%255E1%253Dderboard_First%26gpt%3D%24%5Bgpt%5D&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&imaw=0&wf=1
Frame ID: FF3425DBE0867FF26592847B730A8410
Requests: 21 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain
Frame ID: C7E052A31D53785C6C18F442B5371FA6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: E7126DD72CC53C5A2749C3ED71614DE5
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACTWuFy428vgN_yDJdAAAAAAA&expiration=1680556804&is_secure=true
Frame ID: 5F094D6D40C9B5FCBA42FA447331F124
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4906628487835955293&ex=appnexus.com
Frame ID: CB1AFB539119B3B76D2B2B299BE49EDE
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: FF362A071FD5FD00B7B22462B182FC9C
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Frame ID: 19C03727C365B5A66F7A2F532BDA18DF
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=77836631-CA60-4F89-82D5-5254B3A0E098&redir=true&gdpr=0&gdpr_consent=
Frame ID: 4BC809BE3DA4057968EE07273085FB93
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABdqU7IU-MAACHm6G7N6w&gdpr=0&gdpr_consent=
Frame ID: F499ED2DF86CC956A8C68442BE0FCAB5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:21bb6429-f182-4f00-8f77-a2ecdf1666f5&gdpr=0&gdpr_consent=
Frame ID: 247382C9C776E2273BB4ED681EC7455C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=232a7594-d19c-11ed-8de2-3a5ec51d8b40
Frame ID: BF3A30A8B49CB80C1FEDD7A1CA79F0C3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4906628487835955293&gdpr=0&gdpr_consent=
Frame ID: A683991F43C721373075F40922F1589D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=77836631-CA60-4F89-82D5-5254B3A0E098
Frame ID: FDC79359F9690E390DB7EA21D0A2469C
Requests: 1 HTTP requests in this frame

Frame: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3Di0TMNoABdw63yRGprZvT%26w%3D970%26h%3D249%26v%3D1%26cb%3D587012238%26pid%3Dsoftoniccom%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26cid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26wid%3D0011r00002IkuLz_12078%26dom%3Dghosts-of-tabor.en.softonic.com%26abc%3D%26geo%3DCA%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D149.56.153.178%26url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002IkuLzAAJ%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D1%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F111.0.5563.146%2520Safari%252F537.36%26domain%3Dghosts-of-tabor.en.softonic.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%255E0%253D%252F5302%252Fdesktop%252Fdesktop-Web-en%252FApps%252FDownload%252FATF_Lea%255E1%253Dderboard_First%26gpt%3D%24%5Bgpt%5D&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&imaw=0&wf=1
Frame ID: 7EB84C2CFFB3272AF9C168E37EA0D062
Requests: 17 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Frame ID: FABF623CABDB4238AB08E0A0355EA945
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download Ghosts of Tabor - latest version

Page URL History Show full URLs

  1. https://ghosts-of-tabor.en.softonic.com/download HTTP 302
    https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

477
Requests

83 %
HTTPS

32 %
IPv6

102
Domains

173
Subdomains

119
IPs

11
Countries

6664 kB
Transfer

14276 kB
Size

204
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ghosts-of-tabor.en.softonic.com/download HTTP 302
    https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://c.aaxads.com/aax.js?pub=AAXXX4L07&hst=ghosts-of-tabor.en.softonic.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?o=5633429348548608&upapi=true
Request Chain 37
  • https://gum.criteo.com/sid/json?origin=onetag&domain=softonic.com&sn=ChromeSyncframe&so=0&topUrl=ghosts-of-tabor.en.softonic.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=XERaVnxQMUJTOWgzUnRBSlZEZE9vNWlvMVNuYTRIdGhzQk9pMWVJTXRGVTBSb1o5d0hrRksrVWZCcHB5b3NjZUV4U25IaHhwQjBtMHAzTmZLY242a0pHczdHMkwzVi9sM0lCNks3cXRPREIydmlRdHNoOHBkWjFHUGhyOW1RTDBVYksvMXphZ1c5V21IL2IzRXk2YWw4M2NUR01HTDNrQllDRGlJYjhUTzJjQWs4MGpIMkQ2S3RVWDdqZ2g0d3RrR3hJb3pHTVV0YU16NDRzcW80eENlYWd2NFVSRTQrRVpYUzd6cy9wTVorTitYblpqeS9tVjJtdXhxVk0wc1hHM1R1YWFOSVduYXFOdkhNR3VVSGxndVVLdUZXdz09fA&cppv=2
Request Chain 105
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&dcc=t
Request Chain 119
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1680470402143 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2622911811 HTTP 302
  • https://sync.1rx.io/usersync/turn/8233565412851397482?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-8b8d7037-a50f-4704-8a06-111aa15a5124-005 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005
Request Chain 121
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 124
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hcUNmTE5sRTJ1SmR3YzN5NWZZb3EydDduNlA1MXhTQn5B
Request Chain 125
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5797391859246030884&gdpr=0&gdpr_consent=
Request Chain 126
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2633585719758297007346
Request Chain 128
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4906628487835955293
Request Chain 129
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=80ca4228-81a4-4e25-8249-c1cf0b627468&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=80ca4228-81a4-4e25-8249-c1cf0b627468&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=27a51034-3450-42a2-af51-38368804529a&ssp=gumgum2&expires=30&user_group=5&bsw_param=80ca4228-81a4-4e25-8249-c1cf0b627468 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=80ca4228-81a4-4e25-8249-c1cf0b627468
Request Chain 130
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%289i5KMbS_pWEXEBncCagIaWgvHHWw3NKZd9psPXJytaZTpZxvMXZ_bsNsbYPUDj7G%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%289i5KMbS_pWEXEBncCagIaWgvHHWw3NKZd9psPXJytaZTpZxvMXZ_bsNsbYPUDj7G%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec&obuid=ENC(9i5KMbS_pWEXEBncCagIaWgvHHWw3NKZd9psPXJytaZTpZxvMXZ_bsNsbYPUDj7G) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LFZWOT3X-20-BEUI&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 131
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=f22301d0-3816-45dc-b736-658ee25ce8b7
Request Chain 132
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-72e8f41c-c614-5c44-7a44-34baa58f8010$ip$149.56.153.178
Request Chain 133
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-PkZYSgdE2pfoq7bl0w8oVZA2kZ70rsVzFbdZ~A
Request Chain 134
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=51747092-343d-4325-ae8f-da6bfe08675d
Request Chain 135
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=16F85AA78ED646369CC5112051089037
Request Chain 137
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=TgmZxETM97TubJNGF99y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVKGO3K2PBCVITJZG5KHKYSKJZDUMOJZPE HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVKGO3K2PBCVITJZG5KHKYSKJZDUMOJZPE HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=TgmZxETM97TubJNGF99y
Request Chain 138
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=180a06f6-123a-4dc0-8e44-98a84b585ba3
Request Chain 139
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=qMmxevOZMT1Z&ev=1&pid=558355
Request Chain 140
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5797391859246030884
Request Chain 143
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=21bb6429-f182-4f00-8f77-a2ecdf1666f5&gdpr=&gdpr_consent=
Request Chain 144
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZCnxggAA0PsrhQBW HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZCnxggAA0PsrhQBW&gdpr=&gdpr_consent=&_test=ZCnxggAA0PsrhQBW
Request Chain 147
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=89f4937e-9350-458d-a1b8-16e98ea47418
Request Chain 148
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZCnxgsCo8YoAAPfBFnEAAAAA
Request Chain 149
  • https://cs.admanmedia.com/sync/gumgum?puid=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=43883f18-74cc-4179-92fe-1ebd79eb0e7f
Request Chain 150
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
Request Chain 151
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=cdVueV8wywNfvJsIc4ol&pi=gumgum&tc=1
Request Chain 152
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=d4NmMcpgT4mC1VJUs6DgmA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 159
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=&ct=y
Request Chain 161
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=77836631-CA60-4F89-82D5-5254B3A0E098&vxii_pid=12&vxii_pid1=10067&vxii_rcid=0de5bc31-1e74-4183-9f33-94f645362640
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzc4MzY2MzEtQ0E2MC00Rjg5LTgyRDUtNTI1NEIzQTBFMDk4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP47ZIu7WuH546paX3Up1-A&google_cver=1
Request Chain 164
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:70392DB35B2F446BB99E43B3F68BEDCE
Request Chain 165
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8161507818813469546&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 166
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=89f4937e-9350-458d-a1b8-16e98ea47418&gdpr=0&gdpr_consent=
Request Chain 168
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=89f4937e-9350-458d-a1b8-16e98ea47418&expiration=1683062402&gdpr=0&gdpr_consent=
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZCnxgobKgrXuOQ3PvkszlgAADkEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE-lfgdrVa87tFxOf5vQHFc&google_cver=1
Request Chain 170
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZCnxgobKgrXuOQ3PvkszlgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHF7O2nUArWrYPh8o5Od8Pc&google_cver=1
Request Chain 171
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=15nh0qta8k52
Request Chain 172
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5415445301091102796&expiration=1681680002
Request Chain 173
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZCnxgobKgrXuOQ3PvkszlgAA%263649&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=11c288fe-4ec6-4f0f-9368-2190ffd815c0-tuctb237702
Request Chain 174
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4906628487835955293
Request Chain 176
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LFZWOT3X-20-BEUI HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LFZWOT3X-20-BEUI
Request Chain 184
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LFZWOT3X-20-BEUI HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LFZWOT3X-20-BEUI&ex=d-rubiconproject.com&status=ok
Request Chain 206
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFZWOT3X-20-BEUI
Request Chain 207
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJkMDU2NDY3ZGY4ZmEyMjZjODYwYmQ3OWQxNjI4OWMwMGE4Yzk0YQ
Request Chain 208
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/IYsO_ADYlW--rp9n4jN6l8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EHNrG0ZE2oINflLTMTfUNLhT5pKlify8eqKFGQ--~A
Request Chain 209
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEZaV09UM1gtMjAtQkVVSQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtvhyAoLNLnOOGlD0JiHkI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZaV09UM1gtMjAtQkVVSQ==&google_push=
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGjibjYeG38hKCg4yBvpxKE&google_cver=1
Request Chain 211
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nGZHrDNYQcmVVb04ofQjyA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nGZHrDNYQcmVVb04ofQjyA
Request Chain 212
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=89f4937e-9350-458d-a1b8-16e98ea47418&gdpr=0&gdpr_consent=&expires=30
Request Chain 240
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBd4x2PsJDw5AYXlSlIZc38&google_cver=1&google_push=Aer7DvKWn_sWGlatW0m5G1swChWoiMuQWNsGDl4ioAWoghTeh1jOdGzxQSwPUMKFeC6J9F4B95vRnhW4yYqzMSoyj0p4HjBPpg HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBd4x2PsJDw5AYXlSlIZc38&google_cver=1&google_push=Aer7DvKWn_sWGlatW0m5G1swChWoiMuQWNsGDl4ioAWoghTeh1jOdGzxQSwPUMKFeC6J9F4B95vRnhW4yYqzMSoyj0p4HjBPpg&prevuid=05010005_6429f1837d094&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvKWn_sWGlatW0m5G1swChWoiMuQWNsGDl4ioAWoghTeh1jOdGzxQSwPUMKFeC6J9F4B95vRnhW4yYqzMSoyj0p4HjBPpg&google_hm=MDUwMTAwMDVfNjQyOWYxODM3ZDA5NA%3D%3D
Request Chain 241
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEG3ZpX3BQJ7vt1b9eS3kngo&google_cver=1&google_push=Aer7DvK_pPiJMYht3I0Vo1VNyovx3DQ6dotroCwrL_WRQLEcqM3KIuqHM2tUUb2yIefvYZdQqHy1tJlwbrqA3cy1Z6wyk_wsiJQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvK_pPiJMYht3I0Vo1VNyovx3DQ6dotroCwrL_WRQLEcqM3KIuqHM2tUUb2yIefvYZdQqHy1tJlwbrqA3cy1Z6wyk_wsiJQ&google_hm=gMpCKIGkTiWCScHPC2J0aA==
Request Chain 242
  • https://match.360yield.com/match/ebda?google_gid=CAESEITgPTUHvQrxES8j58PQN10&google_cver=1&google_push=Aer7DvJV9DCJKpmXYFfZ3y-RPQt19mCP5wOnD-bwR2va7GNzscjxVVI0Ugo24140bZ9B684Ufhj_uwkzw2kP3xJ_IYkaY2KzFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GAoG9hI6TcCORJioS1hbow&google_push=Aer7DvJV9DCJKpmXYFfZ3y-RPQt19mCP5wOnD-bwR2va7GNzscjxVVI0Ugo24140bZ9B684Ufhj_uwkzw2kP3xJ_IYkaY2KzFQ
Request Chain 243
  • https://cs.media.net/cksync?type=g&google_gid=CAESEBC0bI1AHowoZXUIMT6lmU0&google_cver=1&google_push=Aer7DvIZsG8sMAx9vJ28bILCXvArtIK29C45r5ky0PUc1KMg2lCfUkWSK0WXfyjQ9orGZ8fZIp3ABcSD3QNLAtwciRtqAttsohI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzNDcyMDAzMTQ1NDY1MjAwMFYxMA%3d%3d&mn_hm=MzIzNDcyMDAzMTQ1NDY1MjAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvIZsG8sMAx9vJ28bILCXvArtIK29C45r5ky0PUc1KMg2lCfUkWSK0WXfyjQ9orGZ8fZIp3ABcSD3QNLAtwciRtqAttsohI&gdpr=&gdpr_consent=
Request Chain 245
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEFcgij5hYYRcOyqp-0C3nI8&google_cver=1&google_push=Aer7DvJ88NFVOqGppaBjVvbY-Vi5KQUc2NV2zvHhDM6yLdsu-d34ti7eOOQHIZ_0WS1kPo4B3mbVz2diGbyHGjU-7xDz6rfkJpjY HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEFcgij5hYYRcOyqp-0C3nI8%26google_cver%3D1%26google_push%3DAer7DvJ88NFVOqGppaBjVvbY-Vi5KQUc2NV2zvHhDM6yLdsu-d34ti7eOOQHIZ_0WS1kPo4B3mbVz2diGbyHGjU-7xDz6rfkJpjY HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A3811633554147411710&exchange=193&google_gid=CAESEFcgij5hYYRcOyqp-0C3nI8&google_cver=1&google_push=Aer7DvJ88NFVOqGppaBjVvbY-Vi5KQUc2NV2zvHhDM6yLdsu-d34ti7eOOQHIZ_0WS1kPo4B3mbVz2diGbyHGjU-7xDz6rfkJpjY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTM4MTE2MzM1NTQxNDc0MTE3MTA&google_push=Aer7DvJ88NFVOqGppaBjVvbY-Vi5KQUc2NV2zvHhDM6yLdsu-d34ti7eOOQHIZ_0WS1kPo4B3mbVz2diGbyHGjU-7xDz6rfkJpjY
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-zLK7CyjvyFIBPWl5H4Rj3GvVhDSxW2ZGB0slBg&google_cm&google_hm=ay16TEs3Q3lqdnlGSUJQV2w1SDRSajNHdlZoRFN4VzJaR0Iwc2xCZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zLK7CyjvyFIBPWl5H4Rj3GvVhDSxW2ZGB0slBg&google_gid=CAESENU5nalnnwm4V4VZWTXIxYE&google_cver=1&google_ula=913071,0
Request Chain 254
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4906628487835955293
Request Chain 266
  • https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-oVGzDijvyFIBPWl5H4Rj3GvVhDQIvsb2lMdaaw HTTP 307
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=CRITEO&uid=732efe97317e6352de4c1caf24b5064b&visitor=k-oVGzDijvyFIBPWl5H4Rj3GvVhDQIvsb2lMdaaw
Request Chain 267
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=DkDqZCQGTJRey65zxkXkaaDuxEufAT61
Request Chain 272
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wlBJwyjvyFIBPWl5H4Rj3GvVhDSQTuK05-B7QQ HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wlBJwyjvyFIBPWl5H4Rj3GvVhDSQTuK05-B7QQ&_li_chk=true&previous_uuid=2088e8a3830e44bb965415b1640a4d98 HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wlBJwyjvyFIBPWl5H4Rj3GvVhDSQTuK05-B7QQ
Request Chain 278
  • https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-cjoutyjvyFIBPWl5H4Rj3GvVhDShWOcywG-ksg HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-cjoutyjvyFIBPWl5H4Rj3GvVhDShWOcywG-ksg&cookieCheck=1
Request Chain 305
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3JqhV1ErKP-2lMpN5z0IcXH2bnyAN4H3 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3JqhV1ErKP-2lMpN5z0IcXH2bnyAN4H3
Request Chain 350
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=3c10f921
Request Chain 352
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3234720031454637000V10
Request Chain 353
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AABdqU7IU-MAACHm6G7N6w&ex=beeswax.com
Request Chain 354
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=TgmZxETM97TubJNGF99y
Request Chain 357
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=224cb405a1dd1641&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACTWuFy428vgN_yDJdAAAAAAA&expiration=1680556804&is_secure=true
Request Chain 358
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4906628487835955293&ex=appnexus.com
Request Chain 359
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 366
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&adnxs_id=$UID&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&adnxs_id=4906628487835955293&gdpr=0
Request Chain 367
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001680470404-0CJ8A44E-MX8X&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=89f4937e-9350-458d-a1b8-16e98ea47418&id=AU1D-0100-001680470404-0CJ8A44E-MX8X
Request Chain 368
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001680470404-0CJ8A44E-MX8X HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=77836631-CA60-4F89-82D5-5254B3A0E098&id=AU1D-0100-001680470404-0CJ8A44E-MX8X
Request Chain 369
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001680470404-0CJ8A44E-MX8X&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&rub=LFZWOT3X-20-BEUI&gdpr=0
Request Chain 370
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001680470404-0CJ8A44E-MX8X&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001680470404-0CJ8A44E-MX8X%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001680470404-0CJ8A44E-MX8X&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001680470404-0CJ8A44E-MX8X%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ab664ae0-ff15-4fcd-88be-b0364d0d2ade%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001680470404-0CJ8A44E-MX8X%252526tapad_id%25253Dab664ae0-ff15-4fcd-88be-b0364d0d2ade%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=89f4937e-9350-458d-a1b8-16e98ea47418&ttd_puid=ab664ae0-ff15-4fcd-88be-b0364d0d2ade%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001680470404-0CJ8A44E-MX8X%2526tapad_id%253Dab664ae0-ff15-4fcd-88be-b0364d0d2ade%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&tapad_id=ab664ae0-ff15-4fcd-88be-b0364d0d2ade
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001680470404-0CJ8A44E-MX8X HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&google_gid=CAESEHgDuDlsBZoZtYa8CZMByfY&google_cver=1&google_ula=450542624,0
Request Chain 372
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001680470404-0CJ8A44E-MX8X HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4MDQ3MDQwNC0wQ0o4QTQ0RS1NWDhY
Request Chain 373
  • https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001680470404-0CJ8A44E-MX8X HTTP 302
  • https://ids.ad.gt/api/v1/taboola?partner_uid=11c288fe-4ec6-4f0f-9368-2190ffd815c0-tuctb237702?id=AU1D-0100-001680470404-0CJ8A44E-MX8X
Request Chain 375
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001680470404-0CJ8A44E-MX8X%26unruly_id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001680470404-0CJ8A44E-MX8X%26unruly_id%3DRX-8b8d7037-a50f-4704-8a06-111aa15a5124-005 HTTP 302
  • https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&unruly_id=RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005
Request Chain 377
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=4f050b32-8667-49fe-a556-ce0fc6bbe0af
Request Chain 378
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=80ca4228-81a4-4e25-8249-c1cf0b627468 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=80ca4228-81a4-4e25-8249-c1cf0b627468 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4f050b32-8667-49fe-a556-ce0fc6bbe0af&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=80ca4228-81a4-4e25-8249-c1cf0b627468&gdpr=&gdpr_consent=
Request Chain 379
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=4906628487835955293&gdpr=0&gdpr_consent=
Request Chain 380
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=CfHEaFn0zmUS8JMzXvHbYl2nkmIS8MNnBvGE30g5
Request Chain 381
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AABdqU7IU-MAACHm6G7N6w&gdpr=0
Request Chain 407
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZHFVN0lVLU1BQUNIbTZHN042dw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABdqU7IU-MAACHm6G7N6w&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABdqU7IU-MAACHm6G7N6w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5797391859246030884&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABdqU7IU-MAACHm6G7N6w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5797391859246030884%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5797391859246030884&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AABdqU7IU-MAACHm6G7N6w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABdqU7IU-MAACHm6G7N6w&gdpr=0&gdpr_consent=
Request Chain 408
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:21bb6429-f182-4f00-8f77-a2ecdf1666f5&gdpr=0&gdpr_consent=
Request Chain 409
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=232a7594-d19c-11ed-8de2-3a5ec51d8b40
Request Chain 410
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4906628487835955293&gdpr=0&gdpr_consent=
Request Chain 416
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=77836631-CA60-4F89-82D5-5254B3A0E098&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CsGFsBBE2uXu87R7X8crvkL8kr8sDRQ-~A&gdpr=0
Request Chain 418
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=51747092-343d-4325-ae8f-da6bfe08675d&gdpr=0&gdpr_consent=
Request Chain 419
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6198b7c6fa16067b&is_secure=true&networkId=17100&version=1&nuid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH6AF7uZ8bKANmysZiAAAAAAA&expiration=1680556805&nuid=77836631-CA60-4F89-82D5-5254B3A0E098&is_secure=true&gdpr_consent=&gdpr=0

477 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request download
ghosts-of-tabor.en.softonic.com/
Redirect Chain
  • https://ghosts-of-tabor.en.softonic.com/download
  • https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
269 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
dcfbb6724aa1cd2321ff9542d93aef49c139e87c563202ef8ffb1fedd7293e2a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache
content-encoding
br
content-language
en-US
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sun, 02 Apr 2023 21:20:00 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
user-agent,accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-detected-as
desktop
x-envoy-upstream-service-time
583
x-frame-options
sameorigin
x-is-bot
false
x-page-id
app_download
x-rendered-as
desktop
x-request-id
d205e545-545b-4931-af31-48b033d4b65e
x-served-by
server-7d854d865d-xgtt7
x-version
1.5748.0
x-xss-protection
1

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache
content-language
en-US
content-length
0
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sun, 02 Apr 2023 21:20:00 GMT
location
?ex=DINS-635.3
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
user-agent
via
1.1 google
x-content-type-options
nosniff
x-detected-as
desktop
x-envoy-upstream-service-time
9
x-frame-options
sameorigin
x-is-bot
false
x-page-id
app_download
x-rendered-as
desktop
x-request-id
8b61dc75-53db-48bf-93cf-8ed2509a6a40
x-served-by
server-debug-5585bd6d8d-cvjqk
x-version
1.5748.0
x-xss-protection
1
ghosts-of-tabor-Ghosts%20of%20Tabor-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/bd1a73a1-0962-4a11-9c88-9fa4c1dcade2/799761557/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/bd1a73a1-0962-4a11-9c88-9fa4c1dcade2/799761557/ghosts-of-tabor-Ghosts%20of%20Tabor-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1dd0164d7a288b7733fa105f3251d65b37466d556301df4b967f89294ac3af7e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:00 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 23 Mar 2023 13:05:48 GMT
server
Cloudinary
etag
"85180abf6cac2a2b34c8848d702d0752"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="799761557.webp"
server-timing
cld-akam;dur=6;start=2023-04-02T21:20:00.955Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
2302
585ea-68c47.woff2
sc.sftcdn.net/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/585ea-68c47.woff2
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Origin
https://ghosts-of-tabor.en.softonic.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Mon, 03 Apr 2023 23:38:06 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
510114
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16706
x-served-by
cache-ams21079-AMS, cache-yyz4541-YYZ
last-modified
Mon, 27 Mar 2023 12:29:20 GMT
server
istio-envoy
x-timer
S1680470401.879839,VS0,VE0
etag
W/"64218c20-4144"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
420, 89
gtm.js
www.googletagmanager.com/ 		390 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7fc7e3b5ded6d75a8f1a751aa663ef1bd567cdab27706c742f4474799c359c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111901
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Apr 2023 21:20:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9ec2d6f02b69a0484181b9d71ac0831a6c6f8e581e5fa0848fe28bebdb86a0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27204
x-xss-protection
0
server
sffe
etag
"1530 / 605 of 1000 / last-modified: 1680300463"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Apr 2023 21:20:00 GMT
sft-prebid.js
softonic.com/revamp/ 		326 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic.com/revamp/sft-prebid.js
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
66bb481ae57ed9e56f6ee08dbbe5def1e9ffb7d1586dc59d098eaa868916c819

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Origin
https://ghosts-of-tabor.en.softonic.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-version
1.1019.0
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
119486
x-cache
MISS, HIT
x-envoy-upstream-service-time
7
x-region
QC
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94486
x-request-id
c8e09bd1-41aa-4cca-a8c5-d50d74b501ed
x-served-by
cache-ams21030-AMS, cache-bfi-krnt7300092-BFI
server
istio-envoy
x-publisher-id
softonic
x-timer
S1680470401.917715,VS0,VE1
etag
W/"2e36bb2ea3c096723e8cd1bf51392288"
vary
Accept-Encoding,x-country-code,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
CA
x-cache-hits
0, 2
ld.js
static.criteo.net/js/ld/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
d03b2a573e13c69a70a4efb22ca78f769ff96692861433bc7fd967e3907f4bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Mar 2023 15:05:20 GMT
server
nginx
etag
W/"640752b0-ae53"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 03 Apr 2023 21:20:00 GMT
72c3f-56f97.mjs
sc.sftcdn.net/scripts/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/72c3f-56f97.mjs
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d82a7364256545760e9eec8aebd6d0c844ce7cfc0a2403d60e06b5ddea17f4c8

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Origin
https://ghosts-of-tabor.en.softonic.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Tue, 04 Apr 2023 13:04:50 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
461710
x-cache
HIT, HIT
x-envoy-upstream-service-time
3
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13651
x-served-by
cache-ams12781-AMS, cache-yyz4541-YYZ
last-modified
Tue, 28 Mar 2023 09:52:16 GMT
server
istio-envoy
x-timer
S1680470401.880363,VS0,VE0
etag
W/"6422b8d0-bf9c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
46, 87
23986-25de4.mjs
sc.sftcdn.net/scripts/ 		87 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/23986-25de4.mjs
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
16e23798c6668c7e3229fbb943cc07a4844edf1f2bede94a7db7341891c2d723

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Origin
https://ghosts-of-tabor.en.softonic.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Thu, 06 Apr 2023 09:07:45 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
303136
x-cache
HIT, HIT
x-envoy-upstream-service-time
13
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
19681
x-served-by
cache-ams21073-AMS, cache-yyz4541-YYZ
last-modified
Thu, 30 Mar 2023 08:56:20 GMT
server
istio-envoy
x-timer
S1680470401.880266,VS0,VE0
etag
W/"64254eb4-15b6c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
90, 89
sft-bundle.js
softonic.com/revamp/ 		348 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic.com/revamp/sft-bundle.js?modern=1
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
d4a3e5f08b3a49db39b669fe317f4bb062a367615048875f5fb8225804e1eada

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Origin
https://ghosts-of-tabor.en.softonic.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-version
1.1019.0
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
119554
x-cache
HIT, HIT
x-envoy-upstream-service-time
8
x-region
QC
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76112
x-request-id
102ba356-50cd-4ae7-8be1-f821d890309b
x-served-by
cache-ams12763-AMS, cache-bfi-krnt7300109-BFI
server
istio-envoy
x-publisher-id
softonic
x-timer
S1680470401.918723,VS0,VE0
etag
W/"7e56dcabb9aee63de8ae7cc5ac7a73b7"
vary
Accept-Encoding,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
CA
x-cache-hits
3, 3522
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 02 Apr 2023 21:20:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27909
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
On//ASkXxx6Zjk/X4iZ09MC//5IqM+qxRiz7224lRueBQ8jGA8KQXUzsteW5ciUSESYaVLzD+2jr+tkiHSPd2A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.137.117 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-137-117.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6248d26097243293144a2c446b330ef62be51f9407430894f8c8ce4218643371

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 25 Mar 2023 14:14:24 GMT
Server
AkamaiNetStorage
ETag
"f5b26a8a79c33830b47954a53cc355f9:1679753794.886245"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
NA
Cache-Control
max-age=1200
X-CC
CA
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6385
Expires
Sun, 02 Apr 2023 21:40:00 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 02 Apr 2023 21:20:00 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 999C835A76944D97B01B1768B0052739 Ref B: YMQ01EDGE0610 Ref C: 2023-04-02T21:20:00Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
e1d66-23baf.css
sc.sftcdn.net/styles/ 		114 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/e1d66-23baf.css
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
60a98b029056cc2e2148db3b0e88a0b58fe7a3284382ef896ef847fedfe491fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Wed, 05 Apr 2023 10:23:27 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
384993
x-cache
HIT, HIT
x-envoy-upstream-service-time
6
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16963
x-served-by
cache-ams21043-AMS, cache-yyz4554-YYZ
last-modified
Wed, 29 Mar 2023 09:24:22 GMT
server
istio-envoy
x-timer
S1680470401.880619,VS0,VE0
etag
W/"642403c6-1c676"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
94, 71
b94b1-8f16d.css
sc.sftcdn.net/styles/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/b94b1-8f16d.css
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
56eec970d49d047c19adb98e5bb4b701f208cdef8768caaf76cdacc4083a1b97

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Mon, 03 Apr 2023 10:39:41 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
556820
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
892
x-served-by
cache-ams21050-AMS, cache-yyz4554-YYZ
last-modified
Mon, 27 Mar 2023 09:00:45 GMT
server
istio-envoy
x-timer
S1680470401.880558,VS0,VE0
etag
W/"64215b3d-d90"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
48, 16
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
fa090-0d026.svg
sc.sftcdn.net/images/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/fa090-0d026.svg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Mon, 03 Apr 2023 11:08:15 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
555105
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2107
x-served-by
cache-ams21068-AMS, cache-yyz4554-YYZ
last-modified
Mon, 27 Mar 2023 09:00:44 GMT
server
istio-envoy
x-timer
S1680470401.904455,VS0,VE0
etag
W/"64215b3c-12b0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1131, 72
40150-c8dec.css
sc.sftcdn.net/styles/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/40150-c8dec.css
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Mon, 03 Apr 2023 12:34:38 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
549922
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1886
x-served-by
cache-ams21047-AMS, cache-yyz4554-YYZ
last-modified
Mon, 27 Mar 2023 12:29:20 GMT
server
istio-envoy
x-timer
S1680470401.904979,VS0,VE0
etag
W/"64218c20-2a19"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
2, 69
fb1fc-1da31.css
sc.sftcdn.net/styles/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/fb1fc-1da31.css
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Mon, 03 Apr 2023 10:39:42 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
556818
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1156
x-served-by
cache-ams21043-AMS, cache-yyz4554-YYZ
last-modified
Mon, 27 Mar 2023 09:00:45 GMT
server
istio-envoy
x-timer
S1680470401.905002,VS0,VE0
etag
W/"64215b3d-1282"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
69, 19
5bba3-e5711.woff2
sc.sftcdn.net/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/5bba3-e5711.woff2
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Origin
https://ghosts-of-tabor.en.softonic.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Tue, 04 Apr 2023 02:06:30 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
501210
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12698
x-served-by
cache-ams12743-AMS, cache-yyz4541-YYZ
last-modified
Mon, 27 Mar 2023 12:29:20 GMT
server
istio-envoy
x-timer
S1680470401.884823,VS0,VE0
etag
W/"64218c20-319c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
16, 81
d1174-0627e.woff2
sc.sftcdn.net/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/d1174-0627e.woff2
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Origin
https://ghosts-of-tabor.en.softonic.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Thu, 06 Apr 2023 16:47:18 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
275562
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17553
x-served-by
cache-ams21073-AMS, cache-yyz4541-YYZ
last-modified
Thu, 30 Mar 2023 08:56:20 GMT
server
istio-envoy
x-timer
S1680470401.885554,VS0,VE0
etag
W/"64254eb4-4490"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
87, 84
71dea-14daa.svg
sc.sftcdn.net/images/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/71dea-14daa.svg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
f9dc00a29bb76d8400dcdc45c36a160d3e5bd4b3b376712f0673279f0bf84ddb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Mon, 03 Apr 2023 12:34:38 GMT
date
Sun, 02 Apr 2023 21:20:00 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
549922
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
508
x-served-by
cache-ams12729-AMS, cache-yyz4524-YYZ
last-modified
Mon, 27 Mar 2023 12:29:19 GMT
server
istio-envoy
x-timer
S1680470401.943904,VS0,VE2
etag
W/"64218c1f-3b1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
75, 1
26115935.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/26115935.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sun, 02 Apr 2023 21:20:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DF0D7CE6823F4568A3291D86DF45DD84 Ref B: YMQ01EDGE0610 Ref C: 2023-04-02T21:20:01Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26115935&Ver=2&mid=3fabc3b8-e97b-4a35-aa15-7720b4009971&sid=20982330d19c11edad945b2257524d49&vid=20983440d19c11ed80409b9b123e5d61&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Download%20Ghosts%20of%20Tabor%20-%20latest%20version&p=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&r=&lt=916&evt=pageLoad&sv=1&rn=649892
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 02 Apr 2023 21:20:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1686EA251985443B91C627459AEB1B57 Ref B: YMQ01EDGE0610 Ref C: 2023-04-02T21:20:01Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
194 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00a3d36c60122238463de2f625cdad8f07,00080c9f1e16536bc663ec6b4bf74697a1
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:01 GMT
X-TraceId
1601421d196af64d2aa3b37b5608342c
Content-Length
35
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=05199881893811424&referrer=&marketerId=00a3d36c60122238463de2f625cdad8f07%2C00080c9f1e16536bc663ec6b4bf74697a1&name=PAGE_VIEW&dl=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:01 GMT
Cache-Control
no-cache
X-TraceId
ced9975f7174c7c24a312e00b1293d8a
Content-Length
53
Content-Type
image/gif;
448368701978882
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/448368701978882?v=2.9.100&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55f6bea005e8b09b9c2ca1ac17efd0205fd164dcbc9bf089fcde8e627b4697ed
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 02 Apr 2023 21:20:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110452
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
DjpZhLbdO4KOR1uYgPf/C+CZHPpkIryUHY0z74i5PmmC/ttWex4u329DWbw7MHbpawIxlt29LxXmTFG16gx34w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2023032901.js
securepubads.g.doubleclick.net/gpt/ 		398 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60bd8b1ac363e0f3251c73fabdd9d3e4822b20eac538ddfb896670ea0c4cb529
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 10:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137147
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 08:36:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Mar 2024 10:50:12 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		3 KB
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ghosts-of-tabor.en.softonic.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f14c06a76c71462de6512d7daf40777db88c7545b25141b10b3e2cff52b689a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
668
x-xss-protection
0
expires
Sun, 02 Apr 2023 21:20:01 GMT
syncframe
gum.criteo.com/ Frame C1B0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=ghosts-of-tabor.en.softonic.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 21:20:00 GMT
server
Kestrel
server-processing-duration-in-ticks
486852
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
hotjar-424839.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-424839.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-124.jfk50.r.cloudfront.net
Software
/
Resource Hash
f917a7481c873ece921db24f0d9e960211d960007177752a7ba7bf3029abe6a9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sun, 02 Apr 2023 21:19:42 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
22
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/b7001d2d47585994e1d7970bbedc0b34
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
BiFx2mxLIh1RE3EpNB6mAXrlKnqxxdE0AIlWTFB50vtJERAXrflmog==
js
www.googletagmanager.com/gtag/ 		131 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5dce08a1aa58293961d58ae6049a3db0571f1813faf721192678cba84943ab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51720
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Apr 2023 21:20:01 GMT
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		137 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.224.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-224-171.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce62eee32fe228e364fbdbe2fa399d26a199e5c3838f28e6f27bc6766f7edabc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:19:34 GMT
content-encoding
br
via
1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront)
last-modified
Tue, 28 Mar 2023 10:28:35 GMT
server
AmazonS3
x-amz-cf-pop
JFK51-C1
age
29
x-amz-server-side-encryption
AES256
etag
W/"4b3a719517420709988e5c144e437b80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
-AdTf3L2Lig1P7BwrAHNZeJRJWKL1E2DgVA5v1DMX8Zga4tw-L85OQ==
sft-bundle.js
softonic.com/revamp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://softonic.com/revamp/sft-bundle.js?modern=1
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-version
1.1019.0
date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
119555
x-cache
HIT, HIT
x-envoy-upstream-service-time
9
x-region
QC
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76112
x-request-id
102ba356-50cd-4ae7-8be1-f821d890309b
x-served-by
cache-ams12763-AMS, cache-bfi-krnt7300057-BFI
server
istio-envoy
x-publisher-id
softonic
x-timer
S1680470401.198052,VS0,VE0
etag
W/"7e56dcabb9aee63de8ae7cc5ac7a73b7"
vary
Accept-Encoding,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
CA
x-cache-hits
3, 4257
apstag.js
c.amazon-adsystem.com/aax2/ 		224 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58020f939aafcc326a509ea78fff8dae140989c84eb68d873da58198cf116b2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 20:59:58 GMT
content-encoding
gzip
via
1.1 0459f0f7053eeb224fd9fe0f5db5970a.cloudfront.net (CloudFront), 1.1 936397b26a4278a4582b6e1456333afa.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 19:30:00 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, EWR52-C2
age
1204
x-amz-server-side-encryption
AES256
etag
W/"d56f69f591501c51a51bb8f94f3df073"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
L2ecprVZx7DDseyMw-5bsY9uvAIyXkANk8xvUw1t9ucZj7v8nwh0gQ==
tag
btloader.com/
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAXXX4L07&hst=ghosts-of-tabor.en.softonic.com&ver=1.2
  • https://btloader.com/tag?o=5633429348548608&upapi=true
17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5633429348548608&upapi=true
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e10260aceb13c1fc315664d60a0ba5a5474e09e9bf551dc78b09314be29a80e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 02 Apr 2023 21:08:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
484
etag
W/"f06b151dd6388cd0b4fa43d1af1f00f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ItZGrHMXX9zKOndvy1O%2FI0YJXZqMVYQutt0rPSmny5C69urklKrMX4wKFpeTwriR4dsJlXCZrEKWMuIiLQAkTzGvk%2BtBI9w1MS7%2Frt%2BqX5PXa0dvYLeYSGD3Wwm8KHjPgRnMHND8zjgcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7b1c1d08dd82a1de-YYZ

Redirect headers

location
https://btloader.com/tag?o=5633429348548608&upapi=true
date
Sun, 02 Apr 2023 21:20:01 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
cloudflare
cf-ray
7b1c1d07d9255425-YYZ
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:01 GMT
prebid
id5-sync.com/api/config/ 		135 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
date
Sun, 02 Apr 2023 21:20:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
best-recommended-apps
ghosts-of-tabor.en.softonic.com/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ghosts-of-tabor.en.softonic.com/best-recommended-apps?appId=bd1a73a1-0962-4a11-9c88-9fa4c1dcade2&categoryId=action&pageId=app_download&developerSlug=combat-waffle-studios&platformId=windows&locale=en-US&programName=Ghosts+of+Tabor&browserName=chrome&browserVersion=111.0.5563.146&deviceType=desktop&userPlatformId=windows&userPlatformVersion=10&placementId=download-intent&position=10&countryCode=CA
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
276a1691faf443e5795da8e335f58cf983cb4babe42f73a2e36d5e84e0bcc4f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-version
3.26.0
date
Sun, 02 Apr 2023 21:20:01 GMT
via
1.1 google
x-winner-campaign-logic
rpm
x-user-platform
windows
x-winner-campaign-id
avg-secure-browser
x-resource-id
BestRecommendedApp
x-envoy-upstream-service-time
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4522
x-served-by
server-d8c7d994d-rw2cg
server
istio-envoy
x-operation-id
getBestRecommendedApp
x-publisher-id
sft
vary
origin
content-type
application/json; charset=utf-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
x-suitable-campaigns-count
3
accept-ranges
bytes
x-country-code
CA
sid
mug.criteo.com/ Frame C1B0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=softonic.com&sn=ChromeSyncframe&so=0&topUrl=ghosts-of-tabor.en.softonic.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=XERaVnxQMUJTOWgzUnRBSlZEZE9vNWlvMVNuYTRIdGhzQk9pMWVJTXRGVTBSb1o5d0hrRksrVWZCcHB5b3NjZUV4U25IaHhwQjBtMHAzTmZLY242a0pHczdHMkwzVi9sM0lCNks3cXRPREIydmlRdHNoOHBkWjFHUGhyOW...
438 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=XERaVnxQMUJTOWgzUnRBSlZEZE9vNWlvMVNuYTRIdGhzQk9pMWVJTXRGVTBSb1o5d0hrRksrVWZCcHB5b3NjZUV4U25IaHhwQjBtMHAzTmZLY242a0pHczdHMkwzVi9sM0lCNks3cXRPREIydmlRdHNoOHBkWjFHUGhyOW1RTDBVYksvMXphZ1c5V21IL2IzRXk2YWw4M2NUR01HTDNrQllDRGlJYjhUTzJjQWs4MGpIMkQ2S3RVWDdqZ2g0d3RrR3hJb3pHTVV0YU16NDRzcW80eENlYWd2NFVSRTQrRVpYUzd6cy9wTVorTitYblpqeS9tVjJtdXhxVk0wc1hHM1R1YWFOSVduYXFOdkhNR3VVSGxndVVLdUZXdz09fA&cppv=2
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
55dfd90b384d0b20657286c31971ccd35c111eb7e26471fcfa6a3ced11fba2a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1490992
expires
0

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=XERaVnxQMUJTOWgzUnRBSlZEZE9vNWlvMVNuYTRIdGhzQk9pMWVJTXRGVTBSb1o5d0hrRksrVWZCcHB5b3NjZUV4U25IaHhwQjBtMHAzTmZLY242a0pHczdHMkwzVi9sM0lCNks3cXRPREIydmlRdHNoOHBkWjFHUGhyOW1RTDBVYksvMXphZ1c5V21IL2IzRXk2YWw4M2NUR01HTDNrQllDRGlJYjhUTzJjQWs4MGpIMkQ2S3RVWDdqZ2g0d3RrR3hJb3pHTVV0YU16NDRzcW80eENlYWd2NFVSRTQrRVpYUzd6cy9wTVorTitYblpqeS9tVjJtdXhxVk0wc1hHM1R1YWFOSVduYXFOdkhNR3VVSGxndVVLdUZXdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
287008
content-length
0
expires
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448368701978882&ev=PageView&dl=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&rl=&if=false&ts=1680470401354&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680470401353.1948239048&it=1680470401044&coo=false&rqm=GET
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 02 Apr 2023 21:20:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
modules.76304821fe35d593f0f4.js
script.hotjar.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.76304821fe35d593f0f4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-424839.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
2b2f8884f06e588675848471606a49693553a2d032a32fce85a5203ae7c796a6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 07:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f5527f719bbc0d2932043daaeff80252.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
307434
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68985
last-modified
Thu, 30 Mar 2023 07:56:01 GMT
etag
"fa9caf97b169b97f64425fac5776898a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
70F7Bfuxq5gqJhbaXQ2jyUa69yt5ts-EZzVDV0NtBmrNdBxZxwFppA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1680470401365&cv=11&fst=1680470401365&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&hn=www.googleadservices.com&frm=0&tiba=Download%20Ghosts%20of%20Tabor%20-%20latest%20version&auid=1335048650.1680470401&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17cda8493cc31adfd7d933da62afc4ee8cd4a8a78d8b5dd39e32c3528dd565c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Apr 2023 20:05:12 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4489
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 02 Apr 2023 22:05:12 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e9165f562ac45abb2e5161f85b71494adf9939643adef85277b3e6c52a1b5d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79907
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 02 Apr 2023 21:20:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		3 KB
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=en.softonic.com
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-25de4.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3352e33c0676ccd897c42bd47ff4d9c85b5328ed5f2372db4a9266c3e6790a4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
657
x-xss-protection
0
expires
Sun, 02 Apr 2023 21:20:01 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		470 B
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fghosts-of-tabor.en.softonic.com
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
8117ea09b5caab594dd88ba8826f107ef9f3a5f91e36b1f89672b03dc33ae48e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:00 GMT
via
1.1 936397b26a4278a4582b6e1456333afa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
470
x-amz-cf-id
t_faD7bbdvguA8DBZ3tXA9asbXaZCMNcYdf3-6KzwQuiYuf94gR1iw==
bid
aax.amazon-adsystem.com/e/dtb/ 		136 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3177&u=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&pid=kQlgQUYnZjGTy&cb=0&ws=1600x1200&v=23.320.1710&t=800&slots=%5B%7B%22sd%22%3A%22top-mpu-1__ad%22%2C%22s%22%3A%5B%22200x320%22%2C%22300x337%22%2C%22200x300%22%2C%22300x300%22%2C%22300x450%22%2C%22300x180%22%2C%22300x150%22%2C%22300x600%22%2C%22300x280%22%2C%22336x280%22%2C%22200x200%22%2C%22300x360%22%2C%22336x375%22%2C%22300x250%22%2C%22300x500%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-en%2FApps%2FDownload%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%22top-leaderboard-1__ad%22%2C%22s%22%3A%5B%22970x100%22%2C%22500x90%22%2C%22468x60%22%2C%22468x90%22%2C%22950x90%22%2C%22728x250%22%2C%22790x250%22%2C%22728x90%22%2C%22980x90%22%2C%22980x250%22%2C%22750x100%22%2C%22728x170%22%2C%22960x90%22%2C%22750x200%22%2C%22970x170%22%2C%22970x250%22%2C%22500x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-en%2FApps%2FDownload%2FATF_Leaderboard_First%22%7D%2C%7B%22sd%22%3A%22top-wallpaper__ad%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-en%2FApps%2FDownload%2FATF_OOP_Wallpaper%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.94.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-94-225.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e904dd1247092b849cbac2dabab05502d22cc63ddd19681b6639bb35a361ed71
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 58a45bf3f07dfdca95ebcb7935e84994.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
8PSSZS9SX428X8XGXBBC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
136
x-amz-cf-id
m60YcqgQecOJRGmfB8V2a1yWMGbsnHFBCTMPWvhlxLi6ywK7Oecw0g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
x-amz-version-id
JWp1qp7MFzulJHtnMcdn8BBX506LKUt8
content-encoding
gzip
via
1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 28 Mar 2023 02:10:35 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
5dSXc3EncLRxGmMoDl3xuAidEUIURusb9FStNS21M5hFxnoda7EK5w==
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448368701978882&ev=AddToCart&dl=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&rl=&if=false&ts=1680470401436&cd[currency]=USD&cd[value]=1&cd[content_name]=ghosts-of-tabor&cd[content_type]=games&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680470401353.1948239048&it=1680470401044&coo=false&rqm=GET
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 02 Apr 2023 21:20:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7427b8419cc7f191acc60e33a1afa153c59423f183182cb731f8a9f0c612d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 13:19:47 GMT
server
cloudflare
x-amz-request-id
2M65WYGZGMAZ48AP
age
2257
etag
W/"8aee2c14f819a80ea38a4ce5f70b364a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7b1c1d09a922a22f-YYZ
x-amz-id-2
V7WVzeQfz7Du5McZDeayTwyV60+ctnty7T5hAxvbwSTJsMd4k/nLINxW0gCDbTN045DICYBkCJIZmFR6QKaFzQ==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.131.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-131-28.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 02 Apr 2023 21:20:01 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.131.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-131-28.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ghosts-of-tabor.en.softonic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 02 Apr 2023 21:20:01 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
chunk6-c75a11.mjs
sc.sftcdn.net/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk6-c75a11.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-25de4.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a1584abe7ea49c72af53bf1719d4f0cd3c03af2e7847da0fa5b1d47b3df2d33e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Thu, 06 Apr 2023 09:07:45 GMT
date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
303135
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3458
x-served-by
cache-ams21050-AMS, cache-yyz4524-YYZ
last-modified
Thu, 30 Mar 2023 08:56:20 GMT
server
istio-envoy
x-timer
S1680470401.498102,VS0,VE0
etag
W/"64254eb4-2cc2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 15
corporate-logo-nb.svg
storage.googleapis.com/storage-proxy-assets/revamp-di-sft/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2010 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 20:48:26 GMT
age
1895
x-guploader-uploadid
ADPycdvIbC2U_Xloau_IhftOsufJGPOvx_qdZgPec1o91FwdFFT244o06W9s6qLMjzeDTmwkhdH71SDOiFXGRYiPA291xA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6593
last-modified
Wed, 01 Mar 2023 13:19:57 GMT
server
UploadServer
etag
"8a5ec86f9e44863fd94329cebaecb4d1"
x-goog-generation
1677676797280447
x-goog-hash
crc32c=wuPwOw==, md5=il7Ib55Ehj/ZQynOuuy00Q==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
6593
accept-ranges
bytes
expires
Sun, 02 Apr 2023 21:48:26 GMT
background
images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avg-secure-browser/ENG_Softonic_Download_Screen_-_AVG/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avg-secure-browser/ENG_Softonic_Download_Screen_-_AVG/background
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
56eadc0e7b4fcfd8942f5f6af95e82fdde4f5e89e69e01ec68ce749e7ae46ddf
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="ENG_Softonic_Download_Screen_-_AVG.webp"
server-timing
cld-akam;dur=5;start=2023-04-02T21:20:01.521Z;desc=hit,rtt;dur=18
content-length
10414
last-modified
Tue, 26 Jul 2022 07:39:28 GMT
server
Cloudinary
etag
"aecf0da9253547948a8ed85f29fb7d42"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
939850
x-guploader-uploadid
ADPycduA9EQnr0Dy7GXowZyA3hatNhQmKzRywcMf_uMrCQgRyPAHI4rugdJQDeuiWjdW9k_IUOZqHh3qQo5LDE7QJLDb
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMiLNNoKiEVAyXhdZdVzirW%2FU%2BJI%2F7C49e0Fdz%2FZRdvt0WsHUPLKSgrVdson4rKSi7gufFrH0MDmZrIphDDJhTzP8iiyAmGq9LPTiOfch2sJ0eThAAqH2WJh3k8zZrPSR8T5LQOKgVRJRLsRNw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7b1c1d09ddafa1ea-YYZ
expires
Thu, 23 Mar 2023 01:04:41 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 12:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Apr 2023 12:52:21 GMT
px.gif
ad-delivery.net/ 		43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7736632465998705
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
939850
x-guploader-uploadid
ADPycduA9EQnr0Dy7GXowZyA3hatNhQmKzRywcMf_uMrCQgRyPAHI4rugdJQDeuiWjdW9k_IUOZqHh3qQo5LDE7QJLDb
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWoyS9BSZqxNuXd87VFSh1M1kSjs7SbW3FgioW65O5hC9SfMwP7HLh%2FBhR8qW9dSJ%2FA9VLFQoffQOlpUuaRVcBkJc1PhKWoJR6ULQeYv%2Fzw%2BznH02SUK6Pqn89nms6aMG0n0yQBi3%2FKMqVZ%2BfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7b1c1d09ddb2a1ea-YYZ
expires
Thu, 23 Mar 2023 01:04:41 GMT
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je33t0&_p=1562007908&_gaz=1&cid=715226332.1680470402&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680470401&sct=1&seg=0&dl=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dt=Download%20Ghosts%20of%20Tabor%20-%20latest%20version&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=download%20page&ep.page_section=downloads&ep.product_name=Ghosts%20of%20Tabor&ep.download_type=redirectionDownload&ep.platform=windows&ep.program_id=bd1a73a1-0962-4a11-9c88-9fa4c1dcade2&ep.review_license=buy&ep.sources=c11&ep.product_category_one=games&ep.product_category_two=action&ep.reviewVecna=true&ep.site_language=en
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=715226332.1680470402&gtm=45je33t0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R5K71YRXMV&cid=715226332.1680470402&gtm=45je33t0&aip=1&z=2101494293
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
event
sslwidget.criteo.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=50915&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvb%26p%3D%255Bi%25253Dbd1a73a1-0962-4a11-9c88-9fa4c1dcade2%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=GB-8Ml9OWnRFS0owTEdvUng0RTVieDY4amZudGV6TEpJcVV3SSUyQmFReWpVYkRoc1I0eEF6aWUlMkJKTEF6M2Z0bDlpTlhMM0V1VzR6TGElMkYlMkJxSFRNRCUyRndhODY3MXNjSFolMkJBQklncmxqd25XMFVINW0lMkJLTFJQVGo1eDhnRlZjdVhWRXI5a1hsSVlWUWVyVmJRcCUyRm12aEVuTFIxSm5BJTNEJTNE&tld=softonic.com&fu=https%253A%252F%252Fghosts-of-tabor.en.softonic.com%252Fdownload%253Fex%253DDINS-635.3&dtycbr=89480
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
915dae9d8aca6eb04da1b93bf83138295d043857b949466d2dd48aa3526c2b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
15359140
timing-allow-origin
*
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
c3389763a5dd72fbaabd38aa99691fe3ff9ed60451cca66464294be416a15e70
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=6ZPuwhYnC&w=5299385968099328&o=5633429348548608&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&sid=nkew9lSwRM&upapi=true
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Apr 2023 21:20:01 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
motogp-argentina-1.jpg
articles-img.sftcdn.net/f_auto,t_article_cover_xl/auto-mapping-folder/sites/3/2023/04/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/f_auto,t_article_cover_xl/auto-mapping-folder/sites/3/2023/04/motogp-argentina-1.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee09 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ce1953f3e5a0b4256e789bddd865ecb6fa8fd31bb72c04303e18ceae616ca7d6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="motogp-argentina-1.webp"
server-timing
cld-akam;dur=21;start=2023-04-02T21:20:01.829Z;desc=hit,rtt;dur=22
content-length
71930
last-modified
Sun, 02 Apr 2023 13:54:46 GMT
server
Cloudinary
etag
"28c5c5985120e8420ba7438ffd51c375"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
lilo-stitch-actriz-remake-1.jpg
articles-img.sftcdn.net/f_auto,t_article_cover_xl/auto-mapping-folder/sites/3/2023/04/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/f_auto,t_article_cover_xl/auto-mapping-folder/sites/3/2023/04/lilo-stitch-actriz-remake-1.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee09 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
8020da01addd0ddd98598b91b8ebaa8f39100c3304cdfba4b305591a453055a4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="lilo-stitch-actriz-remake-1.webp"
server-timing
cld-akam;dur=16;start=2023-04-02T21:20:01.827Z;desc=hit,rtt;dur=22
content-length
92914
last-modified
Sun, 02 Apr 2023 12:09:46 GMT
server
Cloudinary
etag
"67c013206dff670aa9f8679f399c7fdf"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
ebay-steiner-acoso-1.jpg
articles-img.sftcdn.net/f_auto,t_article_cover_xl/auto-mapping-folder/sites/3/2023/04/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/f_auto,t_article_cover_xl/auto-mapping-folder/sites/3/2023/04/ebay-steiner-acoso-1.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee09 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
4b79bf4245a412cec86a713712b018d81778a61f5021a7e4842eabf05819ba7e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="ebay-steiner-acoso-1.webp"
server-timing
cld-akam;dur=20;start=2023-04-02T21:20:01.830Z;desc=hit,rtt;dur=22
content-length
52174
last-modified
Sun, 02 Apr 2023 10:57:58 GMT
server
Cloudinary
etag
"b5d7a155025115d281b4a7dda5a52da5"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
30-monedas-todo-1.jpg
articles-img.sftcdn.net/f_auto,t_article_cover_xl/auto-mapping-folder/sites/3/2023/04/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/f_auto,t_article_cover_xl/auto-mapping-folder/sites/3/2023/04/30-monedas-todo-1.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee09 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
19317c3d6f36f8680cffd5df413c082cac3c37b6eb794bdc7b0972ab8523ac33
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="30-monedas-todo-1.webp"
server-timing
cld-akam;dur=21;start=2023-04-02T21:20:01.825Z;desc=hit,rtt;dur=22
content-length
38216
last-modified
Sun, 02 Apr 2023 09:51:40 GMT
server
Cloudinary
etag
"63702a3838ae3e5fc4f6c947627a3ccf"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
resident-evil-4-remake-Resident%20Evil%204%20Remake-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/2f28dae5-f2fc-49f3-9b2b-0874934b7810/3879252092/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/2f28dae5-f2fc-49f3-9b2b-0874934b7810/3879252092/resident-evil-4-remake-Resident%20Evil%204%20Remake-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
11888b806f1b524c1cc686b947db8624604cae44a8e04d9830a1cb1a6123c7c2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:18:08 GMT
server
Cloudinary
etag
"c54ff0f5558e9ec66c99f71a99ae699b"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3879252092.webp"
server-timing
cld-akam;dur=5;start=2023-04-02T21:20:01.689Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
1440
melatonin-Melatonin-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/ae4f0a49-d3e0-436f-969c-2b5cf52c479d/952192049/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/ae4f0a49-d3e0-436f-969c-2b5cf52c479d/952192049/melatonin-Melatonin-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
c23f9d5aa272416023902cbf21d80d8b33a9395d2aed8ccacfd802026c5bd379
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:55:16 GMT
server
Cloudinary
etag
"534470c5cdb370ff8fe02af48f8baa12"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="952192049.webp"
server-timing
cld-akam;dur=5;start=2023-04-02T21:20:01.696Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
2834
171-171-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/168b924f-bb41-46e0-8577-e5f11dc174db/771598783/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/168b924f-bb41-46e0-8577-e5f11dc174db/771598783/171-171-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
34f8aa180f224cdcac8b01831dbd0bb6bc5fb0f9b7c965f2df3f66483ccdafe8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:49:24 GMT
server
Cloudinary
etag
"fe6167fba61e5f3f4eeed0bdffd898a8"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="771598783.webp"
server-timing
cld-akam;dur=4;start=2023-04-02T21:20:01.696Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
5180
resident-evil-4-Resident%20Evil%204-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/5fcd7ee4-92c4-49a6-9770-79edfaceaefc/3415915861/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/5fcd7ee4-92c4-49a6-9770-79edfaceaefc/3415915861/resident-evil-4-Resident%20Evil%204-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
5d6bfbb2215ad4fb941eb5933e3e7fe942c288abd75b09a6d64ddc4ae4d96e3e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:53:38 GMT
server
Cloudinary
etag
"ba97b2818527e3ef55f51c32de872bf3"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3415915861.webp"
server-timing
cld-akam;dur=4;start=2023-04-02T21:20:01.696Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
2406
bonelab-BONELAB-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/d7ebead3-26c0-4cec-ae6f-5b4e4661b706/4099036679/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/d7ebead3-26c0-4cec-ae6f-5b4e4661b706/4099036679/bonelab-BONELAB-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
73b1ad8ca90df7f68a9b5c9f2ffe3f08ae9abc8128d2d361e843713f7e58228e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:53:25 GMT
server
Cloudinary
etag
"c41a3721e5cc8fb7522cb67713001a1c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="4099036679.webp"
server-timing
cld-akam;dur=4;start=2023-04-02T21:20:01.696Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
2228
age-of-doom-mod-Age%20of%20DOOM%20Mod-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/4289cb7c-54c9-416c-8043-2735657b616c/965286146/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/4289cb7c-54c9-416c-8043-2735657b616c/965286146/age-of-doom-mod-Age%20of%20DOOM%20Mod-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
9a76aa8c31c3d1f59c5b3a6d86b39bdb03bd8a9af6cfdeb7cb432d16db964196
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 08:28:27 GMT
server
Cloudinary
etag
"d58ce94845cc56ce8bc2e0b170cd5330"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="965286146.webp"
server-timing
cld-akam;dur=4;start=2023-04-02T21:20:01.696Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
3470
attack-on-titan-fan-game-Attack%20on%20Titan-icon.png
images.sftcdn.net/images/t_app-icon-s/p/7f76c6d7-3e9f-4d97-aa72-b2f47a268601/3537723533/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/7f76c6d7-3e9f-4d97-aa72-b2f47a268601/3537723533/attack-on-titan-fan-game-Attack%20on%20Titan-icon.png
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
2ea20390225c677e4eff95be80257e5913849133d9fd55879d8ce08890c9bb2b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:01:10 GMT
server
Cloudinary
etag
"467a12c5b94b5f73a5b35a31d7d823c4"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3537723533.webp"
server-timing
cld-akam;dur=5;start=2023-04-02T21:20:01.696Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
3196
beware-the-shadowcatcher-Beware%20the%20Shadowcatcher-icon.png
images.sftcdn.net/images/t_app-icon-s/p/15735ea7-000c-40c3-93f1-d4f8312ebd4e/484959485/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/15735ea7-000c-40c3-93f1-d4f8312ebd4e/484959485/beware-the-shadowcatcher-Beware%20the%20Shadowcatcher-icon.png
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ea721098e6f1003b7879f4fe35715d01383c54a1bbf1ce648d8713fdc829b14c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:51:23 GMT
server
Cloudinary
etag
"8122b3e388709c82687ce4d4d5a60084"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="484959485.webp"
server-timing
cld-akam;dur=4;start=2023-04-02T21:20:01.696Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
1882
call-of-duty-ghosts-logo.png
images.sftcdn.net/images/t_app-icon-m/p/00558bd6-96d3-11e6-b279-00163ed833e7/4257483657/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/00558bd6-96d3-11e6-b279-00163ed833e7/4257483657/call-of-duty-ghosts-logo.png
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
baaed91f573700e80e626f7c89cec39795909c216dd87082241204aecf21a46d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:16:46 GMT
server
Cloudinary
etag
"c3e58fd300009c971860f3b9d664fe27"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="4257483657.webp"
server-timing
cld-akam;dur=34;start=2023-04-02T21:20:01.696Z;desc=hit-near,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
6506
ghoulsn-ghosts-logo.jpg
images.sftcdn.net/images/t_app-icon-m/p/d4a4b974-96d9-11e6-887c-00163ec9f5fa/4206296581/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/d4a4b974-96d9-11e6-887c-00163ec9f5fa/4206296581/ghoulsn-ghosts-logo.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
c00f53abc4895a0dfaaf9faf2a0188c8ad2f9aff011d6143934cd27e17dad670
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 12:20:53 GMT
server
Cloudinary
etag
"1527c113e7339dca724b7dabc5c83e43"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="4206296581.webp"
server-timing
cld-akam;dur=32;start=2023-04-02T21:20:01.696Z;desc=miss,rtt;dur=18,cloudinary;dur=60;start=2023-03-31T14:19:07.756Z
accept-ranges
bytes
timing-allow-origin
*
content-length
9844
ghosts-of-war-battle-royale-ww2-shooting-games-apps.35782.13959436880485419.51149307-dd27-44f8-81ff-606d56ce5da8.jpg
images.sftcdn.net/images/t_app-icon-m/p/8ea040cd-00a1-474d-9a1d-bed803ab0f99/1352480672/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/8ea040cd-00a1-474d-9a1d-bed803ab0f99/1352480672/ghosts-of-war-battle-royale-ww2-shooting-games-apps.35782.13959436880485419.51149307-dd27-44f8-81ff-606d56ce5da8.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
afc1541049b5c3fdc51bac7e5cf9e81d0124e8ffa1ca9c46805833c15e0eca65
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:29:56 GMT
server
Cloudinary
etag
"edd76ad4fd9b5ab49f16491d7084f239"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1352480672.webp"
server-timing
cld-akam;dur=34;start=2023-04-02T21:20:01.708Z;desc=hit-near,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
9854
enigmatis-the-ghosts-of-maple-creek-logo.jpg
images.sftcdn.net/images/t_app-icon-m/p/238d2c6a-f35b-4286-8520-cb5da8be8c92/1153907599/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/238d2c6a-f35b-4286-8520-cb5da8be8c92/1153907599/enigmatis-the-ghosts-of-maple-creek-logo.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
d4648418fbcf2bffd5fadac83662d7048a5e786d3fae44f8717d7a5bf5cb7eba
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:12:57 GMT
server
Cloudinary
etag
"c6c503b3b3e12cea75dde2e4107eb39a"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1153907599.webp"
server-timing
cld-akam;dur=35;start=2023-04-02T21:20:01.708Z;desc=miss,rtt;dur=18,cloudinary;dur=62;start=2023-04-01T06:51:42.660Z
accept-ranges
bytes
timing-allow-origin
*
content-length
5848
phasmophobia-W7zmGZ.jpg
images.sftcdn.net/images/t_app-icon-m/p/babdcaa4-1caf-42f5-9f1b-f19605d6b1b4/3665266814/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/babdcaa4-1caf-42f5-9f1b-f19605d6b1b4/3665266814/phasmophobia-W7zmGZ.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1bccd9eba01b5b9421d483f06a5437f8482a44b30618b5152bcc11de09402251
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:59:47 GMT
server
Cloudinary
etag
"570abe73a7d3d5f03fdc77ec7ae9a60c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3665266814.webp"
server-timing
cld-akam;dur=6;start=2023-04-02T21:20:01.708Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
4250
grand-theft-auto-vice-city-logo.png
images.sftcdn.net/images/t_app-icon-m/p/c0cab602-96bf-11e6-8561-00163ec9f5fa/4239595020/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/c0cab602-96bf-11e6-8561-00163ec9f5fa/4239595020/grand-theft-auto-vice-city-logo.png
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
fee573c3813a436aaf595a213e8157561eef708fa942f793fe07891e7e4114bb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:06:45 GMT
server
Cloudinary
etag
"92c1ce20873ebe48d3fbe8564623ec2c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="4239595020.webp"
server-timing
cld-akam;dur=6;start=2023-04-02T21:20:01.708Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
6746
desta-the-memories-between-Desta%20The%20Memories%20between-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/2e5a744c-249d-480a-aae6-fbcd50ed2459/1728201233/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/2e5a744c-249d-480a-aae6-fbcd50ed2459/1728201233/desta-the-memories-between-Desta%20The%20Memories%20between-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
f09652e7287e5a03c2547d723b866846672fdc4bb560b2cdaafe192c0310e502
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Fri, 10 Feb 2023 10:17:09 GMT
server
Cloudinary
etag
"05665d96c3c0197a57b704aedd7d0574"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1728201233.webp"
server-timing
cld-akam;dur=6;start=2023-04-02T21:20:01.708Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
3042
warhammer-40-000-space-marine-2-warhammer-40-000-space-marine-2-1.png
images.sftcdn.net/images/t_app-icon-s/p/3f28aef3-4f60-4d6b-85ac-662f11253d06/1732253077/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/3f28aef3-4f60-4d6b-85ac-662f11253d06/1732253077/warhammer-40-000-space-marine-2-warhammer-40-000-space-marine-2-1.png
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
b85e92549b7167d4604ede3057e363b081e0c13962264bf3ed1bdb633fedaa5e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:00:44 GMT
server
Cloudinary
etag
"573461486c82e1615e4a80e17510732d"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1732253077.webp"
server-timing
cld-akam;dur=39;start=2023-04-02T21:20:01.714Z;desc=miss,rtt;dur=18,cloudinary;dur=61;start=2023-03-29T23:39:35.199Z
accept-ranges
bytes
timing-allow-origin
*
content-length
4664
rayman-3-hoodlum-havoc-logo.jpg
images.sftcdn.net/images/t_app-icon-s/p/4033c716-b31d-11e6-9c56-00163ed833e7/3177830834/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/4033c716-b31d-11e6-9c56-00163ed833e7/3177830834/rayman-3-hoodlum-havoc-logo.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
bbf6ca02c6fe83030721871210725c265830e31dda90dda3fad90ce18232377c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:37:17 GMT
server
Cloudinary
etag
"813d7cec8a1ed5cca450d5417ebeadf2"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3177830834.webp"
server-timing
cld-akam;dur=49;start=2023-04-02T21:20:01.708Z;desc=miss,rtt;dur=18,cloudinary;dur=59;start=2023-03-29T23:56:23.889Z
accept-ranges
bytes
timing-allow-origin
*
content-length
4644
battle-of-anime-logo.png
images.sftcdn.net/images/t_app-icon-s/p/3097ce12-9b24-11e6-a4a0-00163ec9f5fa/1379344357/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/3097ce12-9b24-11e6-a4a0-00163ec9f5fa/1379344357/battle-of-anime-logo.png
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
40171a7226bd317add9bffa993668816a24c1894b52a450c5b756513ae093fb3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:06:52 GMT
server
Cloudinary
etag
"f3ff218b7b6a648f654e19da7c2f490e"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1379344357.webp"
server-timing
cld-akam;dur=63;start=2023-04-02T21:20:01.708Z;desc=miss,rtt;dur=18,cloudinary;dur=60;start=2023-03-29T20:24:29.901Z
accept-ranges
bytes
timing-allow-origin
*
content-length
17740
the-initiate-header.jpg
images.sftcdn.net/images/t_app-icon-s/p/58780c4c-779a-47ee-9d6f-7756e0af906a/1856736221/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/58780c4c-779a-47ee-9d6f-7756e0af906a/1856736221/the-initiate-header.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1647d4854b9b3e043293d751d7c4423d89ecb6e248e6fdfc7b7d8c7b158cf908
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:47:50 GMT
server
Cloudinary
etag
"0b689bd405fd0703655388d97ed2b91c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1856736221.webp"
server-timing
cld-akam;dur=31;start=2023-04-02T21:20:01.708Z;desc=miss,rtt;dur=18,cloudinary;dur=49;start=2023-03-29T23:14:24.909Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1922
unworthy-Unworthy-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/24f50cb2-d4ca-49bb-bc76-fda8f676097f/975413743/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/24f50cb2-d4ca-49bb-bc76-fda8f676097f/975413743/unworthy-Unworthy-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
e7468707393898a49321296bbd71c211fb78ee386094076814d36da33f724641
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 13:23:28 GMT
server
Cloudinary
etag
"5eb8a1c128f455062debb3208e8cd1c5"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="975413743.webp"
server-timing
cld-akam;dur=32;start=2023-04-02T21:20:01.708Z;desc=miss,rtt;dur=18,cloudinary;dur=74;start=2023-03-29T13:57:38.205Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2236
jojos-bizarre-adventure-all-star-battle-r-jojos-bizarre-adventure-all-star-battle-r-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/ec24dea7-0a1e-498c-8973-d9eb953ffe73/2389358952/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/ec24dea7-0a1e-498c-8973-d9eb953ffe73/2389358952/jojos-bizarre-adventure-all-star-battle-r-jojos-bizarre-adventure-all-star-battle-r-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
df3f0c0389c2ea301984acdc503000b2daff2c37f7a68c31abf2958d71c9e208
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:53:51 GMT
server
Cloudinary
etag
"f517276c5a6f818197369a04772a6b50"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2389358952.webp"
server-timing
cld-akam;dur=6;start=2023-04-02T21:20:01.708Z;desc=hit,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
4832
thedawn-TheDawn-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/5524d1e1-07c0-4859-a699-c7ee1c85773c/2510912364/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/5524d1e1-07c0-4859-a699-c7ee1c85773c/2510912364/thedawn-TheDawn-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
c1ff4e5c14f02980b8030437c0e853d8e6a82ec3e73aab9052a985f01aed5721
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:20:17 GMT
server
Cloudinary
etag
"b2d6fa4932e65afb77d9f7d2d516ac83"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2510912364.webp"
server-timing
cld-akam;dur=38;start=2023-04-02T21:20:01.708Z;desc=miss,rtt;dur=18,cloudinary;dur=123;start=2023-03-31T17:28:10.257Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2670
kkrieger-logo.jpg
images.sftcdn.net/images/t_app-icon-s/p/bd255162-99ec-11e6-9483-00163ed833e7/3560692165/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/bd255162-99ec-11e6-9483-00163ed833e7/3560692165/kkrieger-logo.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
a214ed2951f0b00b7fdf78d5377ea93408b0435922d36df75c7f1e8e12092d86
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:52:00 GMT
server
Cloudinary
etag
"6d32f7f54070b3c4eae1bfb7ef770413"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3560692165.webp"
server-timing
cld-akam;dur=76;start=2023-04-02T21:20:01.708Z;desc=miss,rtt;dur=18,cloudinary;dur=87;start=2023-03-29T14:51:20.008Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2804
the-vermander-curse-The%20Vermander%20Curse-icon.png
images.sftcdn.net/images/t_app-icon-s/p/5fdd3301-eaa6-4e89-bde5-d2b5639e052e/3089199260/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/5fdd3301-eaa6-4e89-bde5-d2b5639e052e/3089199260/the-vermander-curse-The%20Vermander%20Curse-icon.png
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
a722786d1373623af5f882d8767a011a63e75ba728fcce1c2431e65250c9c1f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:42:21 GMT
server
Cloudinary
etag
"1ba39c42301e0a8322c4c1786118b7eb"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3089199260.webp"
server-timing
cld-akam;dur=31;start=2023-04-02T21:20:01.708Z;desc=hit-near,rtt;dur=18
accept-ranges
bytes
timing-allow-origin
*
content-length
2644
sniper-ghost-warrior-contracts-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/4f9d8a8b-942c-4db4-9398-826c098ca134/3018193936/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/4f9d8a8b-942c-4db4-9398-826c098ca134/3018193936/sniper-ghost-warrior-contracts-icon.jpg
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
cefa5646355420f679508c065e359e002014016b174948ff69b1c53bd197e0fb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:26:10 GMT
server
Cloudinary
etag
"1e18aba7b6f5152badc5d328a51fc2a4"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3018193936.webp"
server-timing
cld-akam;dur=33;start=2023-04-02T21:20:01.708Z;desc=miss,rtt;dur=18,cloudinary;dur=62;start=2023-03-29T23:02:00.114Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2088
among-us-arena-Among%20Us%20Arena-icn.png
images.sftcdn.net/images/t_app-icon-s/p/0562bebd-c0de-470c-b35b-fe642ed0081b/2041377306/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/0562bebd-c0de-470c-b35b-fe642ed0081b/2041377306/among-us-arena-Among%20Us%20Arena-icn.png
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
35695b774f47352d08af65123ca47ee75237a7ce4375d55c1889da84588b6a27
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:20:35 GMT
server
Cloudinary
etag
"18ac1b8986881722015e90a3556ee6ea"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2041377306.webp"
server-timing
cld-akam;dur=46;start=2023-04-02T21:20:01.708Z;desc=miss,rtt;dur=18,cloudinary;dur=48;start=2023-03-31T10:14:52.080Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2914
/
www.google.com/pagead/1p-user-list/631321069/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/631321069/?random=1680470401365&cv=11&fst=1680469200000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&frm=0&tiba=Download%20Ghosts%20of%20Tabor%20-%20latest%20version&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=149860246&rmt_tld=0&ipr=y
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/631321069/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/631321069/?random=1680470401365&cv=11&fst=1680469200000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&frm=0&tiba=Download%20Ghosts%20of%20Tabor%20-%20latest%20version&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=149860246&rmt_tld=1&ipr=y
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chunk0-e2d39e.mjs
sc.sftcdn.net/scripts/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk0-e2d39e.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-25de4.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
8810587be117a41395b3e4453cecc81889b4fccc9fb6c52ddaff3583b958c96b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Tue, 04 Apr 2023 13:04:54 GMT
date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
461706
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7820
x-served-by
cache-ams21069-AMS, cache-yyz4524-YYZ
last-modified
Tue, 28 Mar 2023 09:52:16 GMT
server
istio-envoy
x-timer
S1680470402.692191,VS0,VE0
etag
W/"6422b8d0-6589"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
51, 13
chunk1-d076a6.mjs
sc.sftcdn.net/scripts/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk1-d076a6.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-25de4.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
55cb95b168a4388dea5fd4bee40b202d81552da080413b6a8cbad86f9a4b3d61

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Thu, 06 Apr 2023 09:07:45 GMT
date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
303135
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4688
x-served-by
cache-ams21075-AMS, cache-yyz4524-YYZ
last-modified
Thu, 30 Mar 2023 08:56:20 GMT
server
istio-envoy
x-timer
S1680470402.692513,VS0,VE0
etag
W/"64254eb4-474f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
83, 13
chunk9-c0db84.mjs
sc.sftcdn.net/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk9-c0db84.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-25de4.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e527034c8643f0da7c4a27881a51c0bedaf1a865d0b8315a6f68b1af5bb23a53

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Thu, 06 Apr 2023 09:07:45 GMT
date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
303136
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1324
x-served-by
cache-ams12745-AMS, cache-yyz4524-YYZ
last-modified
Thu, 30 Mar 2023 08:56:20 GMT
server
istio-envoy
x-timer
S1680470402.692496,VS0,VE0
etag
W/"64254eb4-1159"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 1966
integrator.js
adservice.google.ca/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		153 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=65553759746854&correlator=2901595613208654&eid=31072878%2C31073319%2C31073515&output=ldjh&gdfp_req=1&vrg=2023032901&ptt=17&impl=fifs&iu_parts=5302%2Cdesktop%2Cdesktop-Web-en%2CApps%2CDownload%2CATF_MPU_First%2CATF_Notificationbar%2CATF_Leaderboard_First%2CATF_OOP_Wallpaper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F8&prev_iu_szs=200x320%7C300x337%7C200x300%7C300x300%7C300x450%7C300x180%7C300x150%7C300x600%7C300x280%7C336x280%7C200x200%7C300x360%7C336x375%7C300x250%7C300x500%7C250x250%2C320x50%2C970x100%7C500x90%7C468x60%7C468x90%7C950x90%7C728x250%7C790x250%7C728x90%7C980x90%7C980x250%7C750x100%7C728x170%7C960x90%7C750x200%7C970x170%7C970x250%7C500x250%7C970x90%2C1x1&fluid=0%2Cheight%2C0%2C0&ifi=1&adks=2223804910%2C2328513852%2C64932583%2C3677634453&didk=3758857423~2641185686~1866715383~3275740276&sfv=1-0-40&prev_scp=pos%3Dtop%26countryCluster%3DA2%26td-slot%3Dtop-mpu-1%26type%3Dtop_display_mpu%26hvi%3Dfalse%26afcSlotId%3Dundefined%26amznbid%3D2%26amznp%3D2%7Cpos%3Dtop%26countryCluster%3DA2%26td-slot%3Dnative-notificationbar%26type%3Dnative_notificationbar%26hvi%3Dfalse%7Cpos%3Dtop%26countryCluster%3DA2%26td-slot%3Dtop-leaderboard-1%26type%3Dtop_display_leaderboard%26hvi%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3Dtop%26countryCluster%3DA2%26td-slot%3Dtop-wallpaper%26type%3Doop_display_wallpaper%26hvi%3Dfalse%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=personalized%3D1%26ab_upr%3D6%26segments%3D%26medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26recat%3Dgames%252Caction%26platformId%3Dwindows%26author%3DCombat%2520Waffle%2520Studios%26locale%3Den-US%26devel%3D0%26file%3Dbd1a73a1-0962-4a11-9c88-9fa4c1dcade2%26compliant%3D1%26country%3DCA%26hosted%3Dfalse%26ab%3DDINS-635-3%26region%3DA&sc=1&cookie_enabled=1&abxe=1&dt=1680470401720&lmt=1680470401&dlt=1680470400785&idt=482&adxs=1166%2C0%2C315%2C-12245933&adys=424%2C0%2C258%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&frm=20&vis=1&psz=300x0%7C1600x0%7C970x0%7C0x0&msz=300x0%7C1600x0%7C970x0%7C0x0&fws=512%2C4%2C4%2C128&ohw=0%2C1600%2C970%2C0&ga_vid=715226332.1680470402&ga_sid=1680470402&ga_hid=1562007908&ga_fc=true
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9817f2233ba498de6032a5ff48c57b6c6c1e7dd846415df2e01317f632212385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33198
x-xss-protection
0
google-lineitem-id
5833216688,5830557814,5791441659,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
483738838047,138370536551,138364736008,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A30 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 21:20:01 GMT
expires
Mon, 01 Apr 2024 21:20:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
0c6e2e8d8cd53d596fe911a8ca19eb732e1fafa5c772e8f054e3be7761211048
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
iu3
s.amazon-adsystem.com/ Frame F836
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&dcc=t
306 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ca29644fbe4e5610aa57791a1bc30b9a1d20ce8dc786049a0ee4f28987c0050e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
306
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 02 Apr 2023 21:20:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N42ZEDEE8CV9VYZ20H1F

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 02 Apr 2023 21:20:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
1P652VT39Y1J696NZD79
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
chunk19-8205e8.mjs
sc.sftcdn.net/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk19-8205e8.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-25de4.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
aedb16e34b863ced62d14881fabc52e4a763e2af4fb1ccf2221eeac6310a739f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Tue, 04 Apr 2023 13:04:54 GMT
date
Sun, 02 Apr 2023 21:20:01 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
461707
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1084
x-served-by
cache-ams21028-AMS, cache-yyz4524-YYZ
last-modified
Tue, 28 Mar 2023 09:52:16 GMT
server
istio-envoy
x-timer
S1680470402.800893,VS0,VE0
etag
W/"6422b8d0-86f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
43, 794
/
www.facebook.com/tr/ Frame 165F 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ghosts-of-tabor.en.softonic.com
Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 21:20:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-152357-1&cid=715226332.1680470402&jid=769951261&gjid=1149474921&_gid=1469002498.1680470402&_u=aCDAgEABAAQCAEAAI~&z=1868513292
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 02 Apr 2023 21:20:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1562007908&t=event&ni=1&_s=1&dl=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&ul=en-us&de=UTF-8&dt=Download%20Ghosts%20of%20Tabor%20-%20latest%20version&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RecommendedAppPopup&ea=Request&el=3&_u=aCHAAEABAAQCAGAAI~&jid=311260470&gjid=1029210002&cid=715226332.1680470402&tid=UA-152357-1&_gid=1469002498.1680470402&_r=1&_slc=1&gtm=45He33t0n715LWWHP&cd1=%2Fdownload_page&cd2=1&cd3=windows&cd4=games&cd5=action&cd12=CA&cd16=G8BzdghzTXGLv4LQjBmbkbQ3&cd21=bd1a73a1-0962-4a11-9c88-9fa4c1dcade2&cd45=redirect&cd72=DINS-635.3&cd79=Ghosts%20of%20Tabor&cd94=1486c66a-db58-4877-a637-2c14e8adb21a&cd97=&cd89=715226332.1680470402&z=833808091
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1562007908&t=pageview&_s=1&dl=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&ul=en-us&de=UTF-8&dt=Download%20Ghosts%20of%20Tabor%20-%20latest%20version&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABAAQCAAAAI~&jid=769951261&gjid=1149474921&cid=715226332.1680470402&tid=UA-152357-1&_gid=1469002498.1680470402&gtm=45He33t0n715LWWHP&cd1=%2Fdownload_page&cd2=1&cd3=windows&cd4=games&cd5=action&cd12=CA&cd14=buy&cd16=G8BzdghzTXGLv4LQjBmbkbQ3&cd17=1&cd21=bd1a73a1-0962-4a11-9c88-9fa4c1dcade2&cd45=redirect&cd52=%2Fdownload_page&cd72=DINS-635.3&cd79=Ghosts%20of%20Tabor&cd82=redirectionDownload&cd94=1486c66a-db58-4877-a637-2c14e8adb21a&cd97=&cd110=c11&cd111=standard&cd112=kdci-new-review&z=584850099
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11689
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-152357-1&cid=715226332.1680470402&jid=769951261&_u=aCDAgEABAAQCAEAAI~&z=1727137690
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-152357-1&cid=715226332.1680470402&jid=769951261&_u=aCDAgEABAAQCAEAAI~&z=1727137690
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-152357-1&cid=715226332.1680470402&jid=311260470&gjid=1029210002&_gid=1469002498.1680470402&_u=aCHAAEABAAQCAGAAI~&z=2044674987
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 02 Apr 2023 21:20:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame BFE6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
52ff4dafe5cc869764fc7b007efbfa9375cb7b8d0ebbeb5144506093ae60b922
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1996
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 02 Apr 2023 21:20:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WP6EM484MWM18Q243V4W
691.json
id5-sync.com/g/v2/ 		565 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/691.json
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
1aeb76fe4a743fd07233e24e6f6e6758ea829e8bece2e9754562c565176ece92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-152357-1&cid=715226332.1680470402&jid=311260470&_u=aCHAAEABAAQCAGAAI~&z=1335510806
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-152357-1&cid=715226332.1680470402&jid=311260470&_u=aCHAAEABAAQCAGAAI~&z=1335510806
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame BFE6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1680470402143
  • https://ad.turn.com/r/cs?pid=45&rndcb=2622911811
  • https://sync.1rx.io/usersync/turn/8233565412851397482?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-8b8d7037-a50f-4704-8a06-111a...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XVGKEPGHMNH50PHE65MG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sun, 02 Apr 2023 21:20:02 GMT
Server
Tengine
ETag
RX8b8d7037a50f47048a06111aa15a5124005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005
Content-Type
text/html
Connection
keep-alive
amzns2s
rtb.gumgum.com/usync/ Frame 0DCD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.77.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-77-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1cddad0be685304684aac39c6dbf7c0857879de0e0045be8a5351c1031720b5d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 02 Apr 2023 21:20:02 GMT
etag
W/"0ee2a80ec8c7d7f9c71e6d7b7679a8a20"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 2071
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
82627e711fb54b8db834de8bc5afcd1a75f19fad3663dbd75990eb3d9cf6e69d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1767
Content-Type
text/html
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 538E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.136.221 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=115506
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 02 Apr 2023 21:20:02 GMT
expires
Tue, 04 Apr 2023 05:25:08 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B1D0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 02 Apr 2023 21:20:02 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 6621
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hcUNmTE5sRTJ1SmR3YzN5NWZZb3EydDduNlA1MXhTQn5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hcUNmTE5sRTJ1SmR3YzN5NWZZb3EydDduNlA1MXhTQn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5GDRZBFH9CJGR00WN02J

Redirect headers

age
0
content-length
0
date
Sun, 02 Apr 2023 21:20:02 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hcUNmTE5sRTJ1SmR3YzN5NWZZb3EydDduNlA1MXhTQn5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame 42F0
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5797391859246030884&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5797391859246030884&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
TTFT5BADWRAKHQ4702CN

Redirect headers

content-length
0
date
Sun, 02 Apr 2023 21:20:01 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5797391859246030884&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 9EDD
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2633585719758297007346
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2633585719758297007346
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_n-vmg_rx_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JK0P2ZPZAZ80GC2T2SYK

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 02 Apr 2023 21:20:02 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2633585719758297007346
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
691.json
id5-sync.com/g/v2/ 		533 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/691.json
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
87322c000f2a6fe99cea44cb18cc96e186082f9e5b433d4311825d8871dfabc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 02 Apr 2023 21:20:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4906628487835955293
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4906628487835955293
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Sun, 02 Apr 2023 21:20:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
07e9c640-4f62-415f-a879-a31bd7a01b0a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=4906628487835955293
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=80ca4228-81a4-4e25-8249-c1cf0b627468&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=80ca4228-81a4-4e25-8249-c1cf0b627468&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=27a51034-3450-42a2-af51-38368804529a&ssp=gumgum2&expires=30&user_group=5&bsw_param=80ca4228-81a4-4e25-8249-c1cf0b627468
  • https://usersync.gumgum.com/usersync?b=bsw&i=80ca4228-81a4-4e25-8249-c1cf0b627468
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=80ca4228-81a4-4e25-8249-c1cf0b627468
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=80ca4228-81a4-4e25-8249-c1cf0b627468
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 0DCD
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%289i5KMbS_pWEXEBncCagIaWgvHHWw3NKZd9psPXJytaZTpZxvMXZ_bsNsbYPUDj7G%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec&obuid=ENC(9i5KMbS_pWEXEBncCagIaWgvHHWw3NKZd9psPXJytaZTpZxvMXZ_bsNsbYPUDj7G)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LFZWOT3X-20-BEUI&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LFZWOT3X-20-BEUI&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Cache-Control
no-cache
X-TraceId
67544c23437b1ce0c3592655214623e0
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LFZWOT3X-20-BEUI&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=f22301d0-3816-45dc-b736-658ee25ce8b7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=f22301d0-3816-45dc-b736-658ee25ce8b7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=f22301d0-3816-45dc-b736-658ee25ce8b7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-72e8f41c-c614-5c44-7a44-34baa58f8010$ip$149.56.153.178
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-72e8f41c-c614-5c44-7a44-34baa58f8010$ip$149.56.153.178
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-72e8f41c-c614-5c44-7a44-34baa58f8010$ip$149.56.153.178
Date
Sun, 02 Apr 2023 21:20:02 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-PkZYSgdE2pfoq7bl0w8oVZA2kZ70rsVzFbdZ~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-PkZYSgdE2pfoq7bl0w8oVZA2kZ70rsVzFbdZ~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 02 Apr 2023 21:20:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-PkZYSgdE2pfoq7bl0w8oVZA2kZ70rsVzFbdZ~A
content-length
0
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=51747092-343d-4325-ae8f-da6bfe08675d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=51747092-343d-4325-ae8f-da6bfe08675d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=51747092-343d-4325-ae8f-da6bfe08675d
Date
Sun, 02 Apr 2023 21:20:02 GMT
Connection
keep-alive
X-CI-RTID
ac9ef40a-1aa2-4a5c-8559-56e5d495540a
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=16F85AA78ED646369CC5112051089037
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=16F85AA78ED646369CC5112051089037
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 02 Apr 2023 21:20:02 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
62796124
location
https://usersync.gumgum.com/usersync?b=snc&i=16F85AA78ED646369CC5112051089037
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 0DCD 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 02 Apr 2023 21:20:02 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=TgmZxETM97TubJNGF99y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVKGO3K2PBCVITJZG5KHKYSKJZDUMOJZPE
  • https://usersync.gumgum.com/usersync?b=zem&i=TgmZxETM97TubJNGF99y
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=TgmZxETM97TubJNGF99y
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=TgmZxETM97TubJNGF99y
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=180a06f6-123a-4dc0-8e44-98a84b585ba3
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=180a06f6-123a-4dc0-8e44-98a84b585ba3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=180a06f6-123a-4dc0-8e44-98a84b585ba3
access-control-allow-origin
*
date
Sun, 02 Apr 2023 21:20:02 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=qMmxevOZMT1Z&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=qMmxevOZMT1Z&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=qMmxevOZMT1Z&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7dfdb4b8db-xnzp7
expires
-1
usersync
usersync.gumgum.com/ Frame 0DCD
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5797391859246030884
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5797391859246030884
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5797391859246030884
date
Sun, 02 Apr 2023 21:20:02 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0DCD 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SPDS8P4Z1316GEYNS54P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B1D0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2ba7c4534e883c295fa1f8d94b49e267d498c5178000c3cf28e74b2cca82468

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 02 Apr 2023 12:48:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55685
Connection
keep-alive
Content-Length
10016
Expires
Mon, 03 Apr 2023 12:48:07 GMT
usersync
usersync.gumgum.com/ Frame 6F78
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=21bb6429-f182-4f00-8f77-a2ecdf1666f5&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=21bb6429-f182-4f00-8f77-a2ecdf1666f5&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
Sun, 02 Apr 2023 21:20:01 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 711 dd187f8 master ord-pixel-x20 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=21bb6429-f182-4f00-8f77-a2ecdf1666f5&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 3B35
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZCnxggAA0PsrhQBW
  • https://usersync.gumgum.com/usersync?b=atm&i=ZCnxggAA0PsrhQBW&gdpr=&gdpr_consent=&_test=ZCnxggAA0PsrhQBW
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZCnxggAA0PsrhQBW&gdpr=&gdpr_consent=&_test=ZCnxggAA0PsrhQBW
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 02 Apr 2023 21:20:02 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZCnxggAA0PsrhQBW&gdpr=&gdpr_consent=&_test=ZCnxggAA0PsrhQBW
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12823-YUL
x-timer
S1680470402.312723,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 9837 		170 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83YTdkY2NkNC1lNzhhLTQ3MWMtOTVkMC1mNmViNzA4YzA1ZWM=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 21:20:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DBAC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.136.221 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=115506
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 02 Apr 2023 21:20:02 GMT
expires
Tue, 04 Apr 2023 05:25:08 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame DEF7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=89f4937e-9350-458d-a1b8-16e98ea47418
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=89f4937e-9350-458d-a1b8-16e98ea47418
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sun, 02 Apr 2023 21:20:02 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=89f4937e-9350-458d-a1b8-16e98ea47418
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 42D9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZCnxgsCo8YoAAPfBFnEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZCnxgsCo8YoAAPfBFnEAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 02 Apr 2023 21:20:02 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZCnxgsCo8YoAAPfBFnEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40350.dc2p.scaleout.jp
X-SO-IP
149.56.153.178
X-SO-Key
ZCnxgsCo8YoAAPfBFnEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.178","key":"ZCnxgsCo8YoAAPfBFnEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40350"}
X-SO-LB-Hostname
m-tgng38.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40350
usersync
usersync.gumgum.com/ Frame 9CBC
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=43883f18-74cc-4179-92fe-1ebd79eb0e7f
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=43883f18-74cc-4179-92fe-1ebd79eb0e7f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=43883f18-74cc-4179-92fe-1ebd79eb0e7f
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame 11FE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 45F4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=cdVueV8wywNfvJsIc4ol&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=cdVueV8wywNfvJsIc4ol&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 02 Apr 2023 21:20:02 GMT Sun, 02 Apr 2023 21:20:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=cdVueV8wywNfvJsIc4ol&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 03B2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 02 Apr 2023 21:20:02 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 02 Apr 2023 21:20:02 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
khaos.jpg
token.rubiconproject.com/ Frame B1D0 		284 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 538E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4956692&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0bb3b3b1d8ed07e33a6c281929004f89ac36d3a7a1b1c2ff8bc3cddef4f6d74c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 02 Apr 2023 21:20:02 GMT
content-length
1569
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 03B2 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2ba7c4534e883c295fa1f8d94b49e267d498c5178000c3cf28e74b2cca82468

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 02 Apr 2023 12:48:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55685
Connection
keep-alive
Content-Length
10016
Expires
Mon, 03 Apr 2023 12:48:07 GMT
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 4BCA 		85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 02 Apr 2023 21:20:02 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12823-YUL
x-timer
S1680470402.381302,VS0,VE14
ecm3
s.amazon-adsystem.com/ Frame 5C10 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID77836631-CA60-4F89-82D5-5254B3A0E098
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
C8WBP70G48VRA821DZ80
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 538E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=d4NmMcpgT4mC1VJUs6DgmA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
184.28.136.221 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=115506
accept-ranges
bytes
content-length
5554
expires
Tue, 04 Apr 2023 05:25:08 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 538E
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
3.221.116.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-31.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.36.197
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.40.39.20
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame 538E 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=77836631-CA60-4F89-82D5-5254B3A0E098&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 02 Apr 2023 21:20:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame 538E
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=77836631-CA60-4F89-82D5-5254B3A0E098&vxii_pid=12&vxii_pid1=10067&vxii_rcid=0de5bc31-1e74-4183-9f33-94f645362640
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=77836631-CA60-4F89-82D5-5254B3A0E098&vxii_pid=12&vxii_pid1=10067&vxii_rcid=0de5bc31-1e74-4183-9f33-94f645362640
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
52.3.62.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-62-68.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 02 Apr 2023 21:20:02 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=77836631-CA60-4F89-82D5-5254B3A0E098&vxii_pid=12&vxii_pid1=10067&vxii_rcid=0de5bc31-1e74-4183-9f33-94f645362640
date
Sun, 02 Apr 2023 21:20:02 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 538E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzc4MzY2MzEtQ0E2MC00Rjg5LTgyRDUtNTI1NEIzQTBFMDk4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 02 Apr 2023 21:20:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 538E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP47ZIu7WuH546paX3Up1-A&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP47ZIu7WuH546paX3Up1-A&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 02 Apr 2023 21:20:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP47ZIu7WuH546paX3Up1-A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 538E
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:70392DB35B2F446BB99E43B3F68BEDCE
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:70392DB35B2F446BB99E43B3F68BEDCE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 02 Apr 2023 21:20:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 02 Apr 2023 21:20:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:70392DB35B2F446BB99E43B3F68BEDCE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 01 Apr 2023 21:20:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 538E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8161507818813469546&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8161507818813469546&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 02 Apr 2023 21:20:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8161507818813469546&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 538E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=89f4937e-9350-458d-a1b8-16e98ea47418&gdpr=0&gdpr_consent=
42 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=89f4937e-9350-458d-a1b8-16e98ea47418&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 02 Apr 2023 21:20:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=89f4937e-9350-458d-a1b8-16e98ea47418&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
dcm
s.amazon-adsystem.com/ Frame 2071 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCnxgobKgrXuOQ3PvkszlgAADkEAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G6RT6FG7S6EZ8PPAR3AC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2071
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=89f4937e-9350-458d-a1b8-16e98ea47418&expiration=1683062402&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=89f4937e-9350-458d-a1b8-16e98ea47418&expiration=1683062402&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=89f4937e-9350-458d-a1b8-16e98ea47418&expiration=1683062402&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 2071
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZCnxgobKgrXuOQ3PvkszlgAADkEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE-lfgdrVa87tFxOf5vQHFc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE-lfgdrVa87tFxOf5vQHFc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE-lfgdrVa87tFxOf5vQHFc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2071
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZCnxgobKgrXuOQ3PvkszlgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHF7O2nUArWrYPh8o5Od8Pc&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHF7O2nUArWrYPh8o5Od8Pc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHF7O2nUArWrYPh8o5Od8Pc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2071
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=15nh0qta8k52
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=15nh0qta8k52
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

lws
38
date
Sun, 02 Apr 2023 21:20:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-encoding
utf-8
time-ms
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=15nh0qta8k52
cache-control
no-cache, no-store
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 2071
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5415445301091102796&expiration=1681680002
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5415445301091102796&expiration=1681680002
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5415445301091102796&expiration=1681680002
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 2071
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZCnxgobKgrXuOQ3PvkszlgAA%263649&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=11c288fe-4ec6-4f0f-9368-2190ffd815c0-tuctb237702
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=11c288fe-4ec6-4f0f-9368-2190ffd815c0-tuctb237702
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=11c288fe-4ec6-4f0f-9368-2190ffd815c0-tuctb237702
date
Sun, 02 Apr 2023 21:20:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22168
crum
dsum-sec.casalemedia.com/ Frame 2071
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4906628487835955293
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4906628487835955293
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 02 Apr 2023 21:20:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
482db0f5-eeaf-42c6-8486-8a7ba001dd36
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4906628487835955293
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2071 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZCnxgobKgrXuOQ3PvkszlgAADkEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PZB5FZ1TFDWDVX8P483D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 03B2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LFZWOT3X-20-BEUI
  • https://usersync.gumgum.com/usersync?b=mag&i=LFZWOT3X-20-BEUI
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LFZWOT3X-20-BEUI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LFZWOT3X-20-BEUI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 13:19:47 GMT
server
cloudflare
x-amz-request-id
NKB4SF8VKFF5JERV
age
67
etag
W/"c248fe2e1769ec0b3fd66c9a48efe1d4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7b1c1d0f6b2ba22f-YYZ
x-amz-id-2
oPTYkLsmHpbrSGcapN7StmGFqqN33G/aGJE0vFYfH2ST/MiKxJ/0bB+A8X+rOvBuObXkWGIu/yY=
container.html
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 67C6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 21:20:01 GMT
expires
Mon, 01 Apr 2024 21:20:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CBC4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 21:20:01 GMT
expires
Mon, 01 Apr 2024 21:20:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame CB79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstChiY7MnIdfUyZcSPbA1Om_vaDOkaW3LP7XrAxg8yAjB4SsPhbOpdWdxe0FXhRnqzUqiVmcPAR7owpKUapAHoRAH2paR9QwbmWX7NOff2FQOGWIHQLvO2F5PGXWXb39xfTHKyp1TTAub25KGwNKAHM6XpP_8WpYhwWEPdb70OavR7smRFws-t7LQMhcz0qP6gUSa4duQguOvdwggcq_pv0ocS1WH1AVKjdlk2yDRl6hdB4xPRCB2E_VHa7sy3m8_jVnR3NQMN3S97yzsO-irIBQ7o8Xe7wQ4x7Auzji9h2m7OG1ecZuBrIRE46lqDEImoY-pBqmz2MRUz765lSZsQcZmtTIWtEjGlDvHy-YBHxnicx0mjk4qJOUtZh9WgBaO6jn_fCt8TARw&sai=AMfl-YTjE34Hbic7H4L7Oqs2_txtRi4uMJn5QRLlZZEUXyvErhzhdcqoe3bmp1ZAc-uGzR3mPvFaGv8NoyW8UyWMaqZyYe3xi5YxKM4t0cUy-neavoi52HpEH2HiqcmRoQ&sig=Cg0ArKJSzE3K9eUiXnKEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
lre.js
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ Frame CB79 		1 MB
338 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
96ca6631cc96baf92b0ab5e218e3a25a6f30e7e0f994e8b0167ab2e79115bbaf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
vIqRvgJukNDY3C438ySwP_VeSR5f7NoL
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:02 GMT
x-amz-request-id
K0V2HN2ZA16RQPDN
Age
31685
x-amz-server-side-encryption
AES256
Content-Length
345239
x-amz-id-2
7H2OIiuBdYYG5BZf4lqAiogz9/o0jfjvS6BOSLlQikipCCPxgNmvrpVmYgn7rLbAKA81FOn5X98=
Last-Modified
Tue, 21 Mar 2023 12:38:30 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=60
Accept-Ranges
bytes
X-LLID
e805eda10f40bd158414e6fb5628831c
Expires
Sun, 02 Apr 2023 12:32:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB79 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49585
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1680090252828925"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Apr 2023 21:20:02 GMT
container.html
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C8E8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 21:20:01 GMT
expires
Mon, 01 Apr 2024 21:20:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame B1D0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LFZWOT3X-20-BEUI
  • https://s.amazon-adsystem.com/ecm3?id=LFZWOT3X-20-BEUI&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LFZWOT3X-20-BEUI&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DNZHS5FXD9MFJVEGPC19
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LFZWOT3X-20-BEUI&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 67C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTmqjoM86gwuj9S_WKQIQEMHErvNHjDSNWu3g6zawukTQzlsJbssgrSoiPf8t6LZBpmWo7FCiZBsT62Z2v9SSY6YWGdkjlYxVzT7GHJhtDgqt1F_BEqHEEI9MnOOR6hjmis_jx9L3tmVYu2UCWI0xuY6B6zAbdmpTduCFA30nNO7ixJ2sZsX8NHorEsDTv8dScfXFB64zXEMF_OBekdoMHspHZoaJBj41qJLLlVYKiujAUZKqnE8zJ3pxdevaHl_EFtnHq8o7QGAS11t_zlVfAgnRST26eW7DPShVL0uFdjgsTcUwF0trQrWzDnYtT_p62q_jayohcl7ygNpu4fG_rPWe4trXPLMZQh6aVMqlZkhzB4J9EehNrjbPXK9mTXdBZY4p6xD-H5OOgrIUSAONab7BgM6hoCMIRZ9wv3N7fnrQjMFICLvTHtG5L6_9B538vaDF9cSSHH00VyDeYYTIMAdMasyIy5_Z9oKjr1YBIQDtckwqWKq7avOHQWeiUyJKNnGA5VCPv-wtNVgtbdOGI0LWLTL6eHIjentZKWJU-YS6Ch3T8UVwE-kTRyocSsgBvlufUa85hF22ADX2rqnBxP07UeVFM1wKCiEnfnIeUmDn_p1yzVGuUs6gyR4bRRjk4OLfii-BuG0e0LSgwpX-lHHKPiNpJf1lXSmPdR8aSlFGOK-fgqXIfmfPMhZqr2YuFrQyclUUMBzKbcb0l6BGPU8pleho57ncf1v5bnPLGwI4ex_EbQUwz8g9AmRfWkkUIbTCOEhKPJeTve0wrsH6gM4gpHUqyube_B53o4JJWU0w2fFC5ascw_98ism9nREAIaWNimD5_pCVuG1iSA_Ot_O68f_Yf6WTbFuDccEgmwzbUWCElgirnd3PjAYUbqAWeT4j6I5MRuGap_0qPtbBCs2Sp9iCEqUhcpKJ9LaKgpV0z1dJYz7N3GAoSUdLY7GttOrTpay31gT1SrvMrmjOfMQ0iVkt4N05dmGtyBsGeT7N5Mr0w5KbPjWmvZJv0UkPVak9kLFdygNOGUxHoufrCmcckVt4pOEPg4AQrPSj1toBZAKfErsPZCKK1DXxjJjR0lS6E2qO9J_VzKvnAxSFhkqNbMUzC3lDkQ2-Mo-EBSkvMfBhcmpE5Ek9kjk_CkKwSI_dZIn9ZHpmDr7NNmjT1WxCjiJfLOEfbLE18wkJexH0aqOWsHked1QwBeOePh6qPKFQcP4HI3TZsyn2dhc_9XFGudWAdtM7mg8VR7bi4l6PUa1GNDz0hVqtndtuJn41rlfg2W57tGkaru5uP8tWLqQ-MiZ3iZLhMn0mQs8OdkxEG68-8R1lxpmOIMK9xEzazBEMw-uApQETC75SqNde4zL_mBnkRtygxuLGS_KDCNpKjZBUe-5lNcEcCbYDVwVk2oYYJNw&sai=AMfl-YTMsgHlc5lgd1DRujfMMT-qWKcF5uuGcRe0NT9c_LHyZRjxsj3v2MRZsD_wv3X-JOI1FDuExoxQYMX-yAlJpA8bL2sATCUJBmQG7w_tMLkhbE89SLZBx1eEtWlibuvVjea4ELNIAaOEVqglWomsvhWmoHe6hWHEztxDVjqq5FcY-kpLm-XCR4mwZFUrHAn7tD_H2O2xiWP6C1uHltHt-zptpG9g05Z6ivifNv7n5RA5hyc4MVAlegzheINeR_Xj2mEKg_eDVS0n4LQydw&sig=Cg0ArKJSzEvwUyEaRDFyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 02 Apr 2023 21:20:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
win
8proof.com/app/ Frame 67C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8proof.com/app/win?id=396161125546&ap=ZCnxgQAMXKcIaAuVAA_yDqjDJgfz13Xf2wNWxg&t=b
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
content-length
0
server
nginx
5111
8proof.com/app/rtbmarkup/ Frame 263D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8proof.com/app/rtbmarkup/5111?id=396161125546&ctd=51034&crid=984&ap=ZCnxgQAMXKcIaAuVAA_yDqjDJgfz13Xf2wNWxg
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
c6cbc21c55c1cde6715c32ffb1523cb0a7af7b5480578f54514b15f22ee43ea9

Request headers

Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 02 Apr 2023 21:20:02 GMT
server
nginx
vary
Accept-Encoding
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 67C6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
53987
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8268
x-xss-protection
0
server
cafe
etag
8048349561987089234
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Apr 2023 06:20:15 GMT
l
www.google.com/ads/measurement/ Frame 67C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaUrZlaZNZfzLANXySST2tx891vhBTqSQgGnpZVXrLT82yMIIkDDle5EDtE5c-C8F5Y9TGGV0gTSBjpy46ShTnr90hSg
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 67C6 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 19:45:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
92090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Mar 2024 19:45:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 67C6 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49585
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1680090252828925"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Apr 2023 21:20:02 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CBC4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 19:45:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
92090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Mar 2024 19:45:12 GMT
css
fonts.googleapis.com/ Frame CBC4 		2 KB
944 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cb2b177ef2c7560273c716faa3e8619d6493c29e6ebd2b4fae4459e28d66bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 20:42:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Apr 2023 21:20:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CBC4 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49585
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1680090252828925"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Apr 2023 21:20:02 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C8E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVEP2gfEpZKq5MZWXoPMPjuS_wAHSkbaNbbnQrsqWD8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi04MTMyODQ0OTQ5NDIxOTM2yAEJ4AIAqAMBqgTBAk_QOMSZHAkHejNSYqfFfgdaUSTavc2CRoqBLRay45yJD0-gmiXDmyD2ah2Op8Md7e_9YJ1FgmZaLrLxHiALGB-caas4HHOhOXTOsnsDgZMLDR9UA4XrR4M5Ovl_sQZWM2TZuhKcTgjxoHhaJlCoLpzJxMyGO_b3lF5Jrc41m-JdJFYp9w66UuNHVVvBQa8vpmJYrVVfGIYMUn_qOEbnwQp7OUfgUU-mDFKT7q3UMXSYXHnADolmPVUglGiWbc5t9W6m1ZHwLwxZ6T8-o4fImRznNg17Zu4b6vx7woa46ZLlAm-h6VO8AmsFcmVjYyVsn1MkQvmFCfMmgx_-bddZoqySbDB6U2eKVbuv7dNw7igoOAvXOAh6KegqyxI-x5HLRO190nqrI4rbo0945ixdrVe0sB2dLCUvuhRWMcqwaV3E2uAEAYAGt9WZxa-717cxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODEzMjg0NDk0OTQyMTkzNhiT2A4&sigh=dUSS86digMc&uach_m=[UACH]&cid=CAQSOwDUE5ym2y4xw8oxart22erwXdV22eSQlL_I-F5RMzojrAHfbSW_F0Cr0X9SlK9cLNqHpbdkfB55Xr0vGAE
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
rtimp
g.bidbrain.app/ Frame C8E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=212ea882-d19c-11ed-aa31-16a81374bf49&d=ghosts-of-tabor.en.softonic.com&cr=ext_gen2_v10_start_sec5&gid=CAESEElzpDjK8ZqqKjDHDCuCbaU&a=imp&p=ZCnxgQAMXKoIaAuVAA_yDpPRhM1zu0b53TdRSA&im=EGJgv9L8cLwsbLEJL83sjayRLYIyyb_ub00KL_aQHt1Fp1u42RvGnVrFwll5t5XuSYf9JhtHqLE_o7JOMACb-Mp0OiFMtjFMRrRYXcL_JmYz7oLyvPETxqCSGqSfiIfQGCuaEt0s6mT7NCf5qdp4SmjpISqootMLa_KtDP910gSkCnhXJT8BfQB-RjkUNWOxMX2aHjRF1CWVMgYJTDf9L0PP6pplu5vglhbArfGfrkjyFHRx1VWtLhfPAujERiF5oTjGhRA-9tg4tAAjxSjcrTd2JxEOtJ8Mv1K8KOx-YXls1lBfDJaWNW7DIq8lQjnllCHDpF9hA8Iko3j_t2hIJqKhmMrnS5qvS0h0zfXTmVA
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
css
fonts.googleapis.com/ Frame C8E8 		4 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 20:03:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Apr 2023 21:20:02 GMT
css
fonts.googleapis.com/ Frame C8E8 		1 KB
496 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd67f389aff22d6e5f56894ee306ac4fb9b55ccf52879ba0360d6b38dc19f60e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 20:40:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Apr 2023 21:20:02 GMT
css2
fonts.googleapis.com/ Frame C8E8 		2 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b3c83e050c374cfdd13f77640509c6bf68fd787b8f35bfeef2aae4a3372355d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 20:37:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Apr 2023 21:20:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame C8E8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
53987
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Apr 2023 06:20:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame C8E8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
53987
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8268
x-xss-protection
0
server
cafe
etag
8048349561987089234
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Apr 2023 06:20:15 GMT
l
www.google.com/ads/measurement/ Frame C8E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGcBYqST-pLnD4EOm6qQuEVEMxwHBnkqW0M9cMmW3stMjA5Uu6ZmDTxkXS6tVIsKoIXGl2-M1fntZ3nvWcebWijNPv0A
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C8E8 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 19:45:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
92090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Mar 2024 19:45:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8E8 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49585
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1680090252828925"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Apr 2023 21:20:02 GMT
increment
id5-sync.com/api/esp/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
date
Sun, 02 Apr 2023 21:20:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
setuid
px.ads.linkedin.com/ Frame B1D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFZWOT3X-20-BEUI
0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFZWOT3X-20-BEUI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F02BE3377F6D4622AB5988B3753E6C74 Ref B: YMQ01EDGE0519 Ref C: 2023-04-02T21:20:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX4YQFshUQc1qMOCiK2bg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFZWOT3X-20-BEUI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B1D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJkMDU2NDY3ZGY4ZmEyMjZjODYwYmQ3OWQxNjI4OWMwMGE4Yzk0YQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJkMDU2NDY3ZGY4ZmEyMjZjODYwYmQ3OWQxNjI4OWMwMGE4Yzk0YQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJkMDU2NDY3ZGY4ZmEyMjZjODYwYmQ3OWQxNjI4OWMwMGE4Yzk0YQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B1D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/IYsO_ADYlW--rp9n4jN6l8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EHNrG0ZE2oINflLTMTfUNLhT5pKlify8eqKFGQ--~A
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EHNrG0ZE2oINflLTMTfUNLhT5pKlify8eqKFGQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 02 Apr 2023 21:20:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EHNrG0ZE2oINflLTMTfUNLhT5pKlify8eqKFGQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame B1D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEZaV09UM1gtMjAtQkVVSQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtvhyAoLNLnOOGlD0JiHkI&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZaV09UM1gtMjAtQkVVSQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZaV09UM1gtMjAtQkVVSQ==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZaV09UM1gtMjAtQkVVSQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B1D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGjibjYeG38hKCg4yBvpxKE&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGjibjYeG38hKCg4yBvpxKE&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGjibjYeG38hKCg4yBvpxKE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B1D0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nGZHrDNYQcmVVb04ofQjyA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nGZHrDNYQcmVVb04ofQjyA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nGZHrDNYQcmVVb04ofQjyA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZMKJDV9NR4JXP8TJR1KY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nGZHrDNYQcmVVb04ofQjyA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B1D0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=89f4937e-9350-458d-a1b8-16e98ea47418&gdpr=0&gdpr_consent=&expires=30
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=89f4937e-9350-458d-a1b8-16e98ea47418&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=89f4937e-9350-458d-a1b8-16e98ea47418&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame B1D0 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T4N716GZTXJ20A6YV8D0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
conf.js
config.anyclip.com/anyclip-widget/config/softoniccom/0011r00002IkuLz_12078/ Frame CB79 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.anyclip.com/anyclip-widget/config/softoniccom/0011r00002IkuLz_12078/conf.js?cb=95556
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
68bbd844ba04e9bfaa217f7ed795d8151c697ee4084e42f008238b8a86f84df5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
n5ElUP0C1g1JbcQBu2r_SJwZnwJqQR.L
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:02 GMT
x-amz-request-id
S5M9GW796A5EAGSK
Age
802
x-amz-server-side-encryption
AES256
x-amz-meta-updatedby
ben+admin@anyclip.com
Content-Length
3156
x-amz-id-2
1idcikM7NdV6Hp3G//WiU00HGd0ynjg59TDoRg0xZvWirokTKoM1NvyopsxCWNeFXxhoO5Zsmzs=
Last-Modified
Thu, 16 Mar 2023 16:11:58 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=1800
Accept-Ranges
bytes
X-LLID
d01e864676fea5725bc111c565f5e411
Expires
Sun, 02 Apr 2023 21:36:40 GMT
rules.js
player.anyclip.com/anyclip-widget/lre-widget/sps-flow/ Frame CB79 		474 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.anyclip.com/anyclip-widget/lre-widget/sps-flow/rules.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
Sun, 02 Apr 2023 20:17:38 GMT
x-amz-version-id
Dnob.rNfaHkFPCA9eGou8IS.DrpBU9EH
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:02 GMT
x-amz-request-id
PSD5DWPCZQBY0RDA
Age
3804
x-amz-meta-sha256
bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
Content-Length
218
x-amz-id-2
eYNqQWZmoEplstlUZzBsrOvXhu008JCJCSW1a+MuBQKbl/sQGVHLfO6FBdlE+ghfrvaFHKvgrQE=
Last-Modified
Thu, 30 Apr 2020 15:11:24 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=60
Accept-Ranges
bytes
X-LLID
1e260d69dd2e5973c1f19ba079cfa4ad
x-amz-meta-s3b-last-modified
20200430T151051Z
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=97&val=vjs&wnx=0&abc=&ty=wlo&v=0&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?dom=ghosts-of-tabor.en.softonic.com&cke=true&lan=en-US&plat=Win32&net=-&ver=js4.1.6.1395&dev=desktop&os=Windows&bw=Chrome%2C111&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.146+Safari%2F537.36&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&ty=data&rt=99&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
truncated
/ Frame CB79 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa1f9c66e99fe9ca2bbe73ea1c4aef8ea9dfd9ef5f594dfec07f377cc30a7861

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
815400d3-81ac-473d-9b57-65a87a6d4601
https://ghosts-of-tabor.en.softonic.com/ Frame CB79 		417 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ghosts-of-tabor.en.softonic.com/815400d3-81ac-473d-9b57-65a87a6d4601
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aadceda6ac29f88fdd80f43e6630da80c6f863be565d2205f0c45b1a3066ee2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length
417
Content-Type
montserrat-v25-latin-800.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 263D 		0
0
montserrat-v25-latin-600.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 263D 		0
0
truncated
/ Frame 67C6 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ad01840b7008ea1128bf71869ce0a1e040464ed18e8686f0852080f067f159b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 67C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7qqNp_r5vRWt_56XgWTe0u7rcQ_KfTspWAkWf5kqvPMxP8jBpeTvDLfuaVYB-eBj5ZXMEbQJRhEky3GqHNRDnLlb5KtXFRvvg-vzwJkp3aSOb5EdZqh1PmZzTVE_x4kCu17ZtyZJp5JcoUZwWxPUeUjdD7dM5d6xBaSRyF_nXWgOmkFeRcwRsOjPU-FIQCs7rMqvS_LfjaBpeJX8lPyE8A40bQ-s0Nkvu3QLCWgD7TOiKc2w08yfF-5rkzPYJFRc9YEWs7JnBQ8iEMtf6Cn_b_tigNqprAFTtuXKP9K7zytf-tywAsdCLERUcGDz6W0_tKZgvCh-qpM3iMJYo8cFznXeACjFReZkwPPjpuw2oh1vuUNToJ8G43vRlV-u6zXWVJFpC6WiDcmTmkg&sai=AMfl-YSGPO8UyoYUSTEh9ej40zmuPSofTxHZ_FYIB4eJ5o7A2UxUpMg9f8B4tJGTlqyew1FeH1YvVeejiB34nl-agGWG8uCsXbOzrxIf4B1BYaL1ffBiNJKqksqWQSI8lw&sig=Cg0ArKJSzBnJpmJw65m-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 02 Apr 2023 21:20:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CBC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXDIfKif-5d8DhxPXmA8mY8_N-hUFC9EYq7w3mLJstQ8Kew5j9cSKFIcU4c5kydrB_AX-n45RckKp8ibTSS0MfcNpZM6v00v2klR4GxB7-VJ1JIMYRLjptMClK-Vu-A7HA2Y9RGy-ap9CJGjK6hG8P8-RLZO8Fd0eGpcZcxJfFt86NWZ--Jukewz-fbRJEeUIAXBMGjcPRgFs-OCCn4zz-NEEK1sdjt72YIktmQav_9Vx4KDGy7CrEzTHBxWOvBG4_y4dE5n8gL0k0nYVe-GdaNA8OHB3FHR6wNjA946wJRfRoQC7uTfhSOdaGOgYe6Sc7d4fUhyDIJjLftG_iPdjePzElaOOVR13--5Uzu4NPreDu-OaaYb1Qvd69zrhqh70xlfn5WRnMr7EiF7tRx2tSgfrFkiEe4T4fcJE&sai=AMfl-YS44FfIiCQZROCiEx33KmQRhOWZX8rI1ExS2SXoFJFjlEgnnfqqQKbr50vsCJR7kuUvm17vz-3MfN23sWLbnYVL3D-5F4EaHaeEFvDw43tT21uzQlYX5WLdYOzsVw&sig=Cg0ArKJSzOMco6odQtzyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ads-download-url
en.softonic.com/ Frame CBC4 		0
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CBC4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:05 GMT
x-content-type-options
nosniff
age
470938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6B24 		1 KB
887 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
53590
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 06:26:53 GMT
etag
48472445140208031
expires
Mon, 03 Apr 2023 06:26:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
authorize
trafficmanager.anyclip.com/trafficmanager/api/authorization/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.16.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-16-102.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ghosts-of-tabor.en.softonic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET,POST
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Sun, 02 Apr 2023 21:20:03 GMT
authorize
trafficmanager.anyclip.com/trafficmanager/api/authorization/ Frame CB79 		428 B
634 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.16.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-16-102.compute-1.amazonaws.com
Software
/
Resource Hash
09ab648e63f8e3d319fa49d01ffccb0ebde87fc743822dfa6689dfe4f9a7ad47

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
date
Sun, 02 Apr 2023 21:20:03 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
428
access-control-allow-methods
GET,POST
content-type
text/plain
/
ipv4.icanhazip.com/ Frame CB79 		15 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.115.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80884445f9ffc3a58c770b201a2bb10215af2630819aa8f8434e728d82e74a5f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
7b1c1d141851a24d-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
advertising.js
assets.anyclip.com/anyclip-widget/lre-widget/assets/js/ Frame CB79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/js/advertising.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-s3b-last-modified
20181210T110233Z
x-amz-version-id
yQR7I__mdWlTGiugUbenyyFFuDDzo_a4
Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Mon, 10 Dec 2018 11:26:45 GMT
Server
AmazonS3
x-amz-request-id
WSN4CRCDMJCM5074
Age
8652
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=14400
Accept-Ranges
bytes
Content-Length
32
x-amz-id-2
XkRbLtDLNOp1Am5oavA1H5z2+63O69uM4Az9pJHXleC1v8hj9Jidi/kPqRVKU5ez/dzEpnZ8jFo=
X-LLID
d5c3af549bde899f8dc7be4e478d3de3
Expires
Sun, 02 Apr 2023 22:55:51 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame CB79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 02 Apr 2023 21:20:03 GMT
362290
vid.springserve.com/vast/ Frame CB79 		22 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/362290
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.243.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-243-70.compute-1.amazonaws.com
Software
nginx /
Resource Hash
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Apr 2023 21:20:03 GMT
access-control-allow-credentials
true
server
nginx
content-length
22
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame CB79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18923
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 15:28:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Sun, 02 Apr 2023 21:27:00 GMT
client.js
s0.2mdn.net/instream/video/ Frame CB79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Apr 2023 21:20:03 GMT
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=456&val=0&wnx=0&abc=&ty=blo&v=0&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
truncated
/ Frame CBC4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3488ddcfa7089f9185630191bad8dab763f32a966a61a37bc8fd18dd9f6b9e19

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame CBC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDvcTcMm1wdG4ieH4MdsgohfR_LUOLaUyqAue28W7AKPIoxp1MWoGqgIQyNmkN9CnkMyVxGlC3waXeksy0nr4ne9V5Gh0UhJdzkg_jUXpL95aqNXjJPj5WWhC_i-_vgmgakbEOKW8sGgo7dab4rtVDeOjHgYpcIldHK4sx9QRsKGtli_hHtJbSdNtEQKj0103Pp1q8EwIubc41FpB4_x93eHxHkkHtb0LsF7IpA14sTFHA13ouJC9AgPhtAk1SO4-LM5b6HC4oc6CxFedoHR4tud2BmE3LA835BtxrMzorvSq_m2Df1fMedTuRDlerI8m6IzPdDII3eLFgFOjtsuK4OkNlxdGmgLkszxJUGPY4buf-h_JtV9ICE-i-j7t3tTkwafHkDcNB5TnchSHmGIQ&sai=AMfl-YQBesbLARKyxid_NhQRGhrGUa2H4noTHQpCtOuID1ebbS076-ty5JweU18TPO3AJ4groY1cwZUmmy7TqlFXq7rNEPFyzU8SeTKedEI-WTnXClpsvhnGQqd_nlX2Ow&sig=Cg0ArKJSzObEewWE0RnnEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 02 Apr 2023 21:20:03 GMT
ev
g.bidbrain.app/rt/ Frame C8E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.3167752404561077
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
pixel
cm.g.doubleclick.net/ Frame 6B24
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBd4x2PsJDw5AYXlSlIZc38&google_cver=1&google_push=Aer7DvKWn_sWGlatW0m5G1swChWoiMuQWNsGDl4ioAWoghTeh1jOdGzxQSwPUMKFeC6J9F4B95vRnhW4yY...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBd4x2PsJDw5AYXlSlIZc38&google_cver=1&google_push=Aer7DvKWn_sWGlatW0m5G1swChWoiMuQWNsGDl4ioAWoghTeh1jOdGzxQSwPUMKFeC6J9F4B95vRnhW4yY...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvKWn_sWGlatW0m5G1swChWoiMuQWNsGDl4ioAWoghTeh1jOdGzxQSwPUMKFeC6J9F4B95vRnhW4yYqzMSoyj0p4HjBPpg&google_hm=MDUwMTAwMDVfNjQyOWYxO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvKWn_sWGlatW0m5G1swChWoiMuQWNsGDl4ioAWoghTeh1jOdGzxQSwPUMKFeC6J9F4B95vRnhW4yYqzMSoyj0p4HjBPpg&google_hm=MDUwMTAwMDVfNjQyOWYxODM3ZDA5NA%3D%3D
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 02 Apr 2023 21:20:03 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvKWn_sWGlatW0m5G1swChWoiMuQWNsGDl4ioAWoghTeh1jOdGzxQSwPUMKFeC6J9F4B95vRnhW4yYqzMSoyj0p4HjBPpg&google_hm=MDUwMTAwMDVfNjQyOWYxODM3ZDA5NA%3D%3D
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame 6B24
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEG3ZpX3BQJ7vt1b9eS3kngo&google_cver=1&google_push=Aer7DvK_pPiJMYht3I0Vo1VNyovx3DQ6dotroCwrL_WRQLEcqM3KIuqHM2tUUb2yIefvYZdQqHy1tJlwbrqA3cy1Z6wy...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvK_pPiJMYht3I0Vo1VNyovx3DQ6dotroCwrL_WRQLEcqM3KIuqHM2tUUb2yIefvYZdQqHy1tJlwbrqA3cy1Z6wyk_wsiJQ&google_hm=gMpCKIGkTiWCScHPC2J0aA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvK_pPiJMYht3I0Vo1VNyovx3DQ6dotroCwrL_WRQLEcqM3KIuqHM2tUUb2yIefvYZdQqHy1tJlwbrqA3cy1Z6wyk_wsiJQ&google_hm=gMpCKIGkTiWCScHPC2J0aA==
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvK_pPiJMYht3I0Vo1VNyovx3DQ6dotroCwrL_WRQLEcqM3KIuqHM2tUUb2yIefvYZdQqHy1tJlwbrqA3cy1Z6wyk_wsiJQ&google_hm=gMpCKIGkTiWCScHPC2J0aA==
Date
Sun, 02 Apr 2023 21:20:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6B24
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEITgPTUHvQrxES8j58PQN10&google_cver=1&google_push=Aer7DvJV9DCJKpmXYFfZ3y-RPQt19mCP5wOnD-bwR2va7GNzscjxVVI0Ugo24140bZ9B684Ufhj_uwkzw2kP3xJ_IYkaY2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GAoG9hI6TcCORJioS1hbow&google_push=Aer7DvJV9DCJKpmXYFfZ3y-RPQt19mCP5wOnD-bwR2va7GNzscjxVVI0Ugo24140bZ9B684Ufhj_uwkzw2kP3xJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GAoG9hI6TcCORJioS1hbow&google_push=Aer7DvJV9DCJKpmXYFfZ3y-RPQt19mCP5wOnD-bwR2va7GNzscjxVVI0Ugo24140bZ9B684Ufhj_uwkzw2kP3xJ_IYkaY2KzFQ
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GAoG9hI6TcCORJioS1hbow&google_push=Aer7DvJV9DCJKpmXYFfZ3y-RPQt19mCP5wOnD-bwR2va7GNzscjxVVI0Ugo24140bZ9B684Ufhj_uwkzw2kP3xJ_IYkaY2KzFQ
access-control-allow-origin
*
date
Sun, 02 Apr 2023 21:20:03 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 6B24
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEBC0bI1AHowoZXUIMT6lmU0&google_cver=1&google_push=Aer7DvIZsG8sMAx9vJ28bILCXvArtIK29C45r5ky0PUc1KMg2lCfUkWSK0WXfyjQ9orGZ8fZIp3ABcSD3QNLAtwciRtqAttsohI
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzNDcyMDAzMTQ1NDY1MjAwMFYxMA%3d%3d&mn_hm=MzIzNDcyMDAzMTQ1NDY1MjAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvIZsG8sMAx9vJ28bILCXvArtIK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzNDcyMDAzMTQ1NDY1MjAwMFYxMA%3d%3d&mn_hm=MzIzNDcyMDAzMTQ1NDY1MjAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvIZsG8sMAx9vJ28bILCXvArtIK29C45r5ky0PUc1KMg2lCfUkWSK0WXfyjQ9orGZ8fZIp3ABcSD3QNLAtwciRtqAttsohI&gdpr=&gdpr_consent=
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:03 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzNDcyMDAzMTQ1NDY1MjAwMFYxMA%3d%3d&mn_hm=MzIzNDcyMDAzMTQ1NDY1MjAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvIZsG8sMAx9vJ28bILCXvArtIK29C45r5ky0PUc1KMg2lCfUkWSK0WXfyjQ9orGZ8fZIp3ABcSD3QNLAtwciRtqAttsohI&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 02 Apr 2023 21:20:03 GMT
pub
cs.chocolateplatform.com/ Frame 6B24 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEAUwTFU2ypsu59l-yKe845s&google_cver=1&google_push=Aer7DvLaVYwPo3iDLnXwqOPPFw99E2l9uycXdYgnwBqrZzJIyp9WnwgCfaVGQdJFPXtME05Hc8JX6evac8GSPXM_PQ9lUOkNTIA
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 6B24
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEFcgij5hYYRcOyqp-0C3nI8&google_cver=1&google_push=Aer7DvJ88NFVOqGppaBjVvbY-Vi5KQUc2NV2zvHhDM6yLdsu-d34ti7eOOQHIZ_0WS1kPo4B3mbVz2di...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEFcgij5hYYRcOyqp-0C3nI8%26google_cver%3D1%26google_push%3DAer7DvJ88NFVOqGppaBjVv...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A3811633554147411710&exchange=193&google_gid=CAESEFcgij5hYYRcOyqp-0C3nI8&google_cver=1&google_push=Aer7DvJ88NFVOqGppaBjVvbY-Vi5KQUc2NV2zvHhDM6yLdsu-d34...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTM4MTE2MzM1NTQxNDc0MTE3MTA&google_push=Aer7DvJ88NFVOqGppaBjVvbY-Vi5KQUc2NV2zvHhDM6yLdsu-d34ti7eOOQHIZ_0WS1kPo4B3mbVz2d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTM4MTE2MzM1NTQxNDc0MTE3MTA&google_push=Aer7DvJ88NFVOqGppaBjVvbY-Vi5KQUc2NV2zvHhDM6yLdsu-d34ti7eOOQHIZ_0WS1kPo4B3mbVz2diGbyHGjU-7xDz6rfkJpjY
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTM4MTE2MzM1NTQxNDc0MTE3MTA&google_push=Aer7DvJ88NFVOqGppaBjVvbY-Vi5KQUc2NV2zvHhDM6yLdsu-d34ti7eOOQHIZ_0WS1kPo4B3mbVz2diGbyHGjU-7xDz6rfkJpjY
Date
Sun, 02 Apr 2023 21:20:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 6B24 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 6B24 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8EWeHnHkfBxs5cdB0UO_wBNPxPkkmcedStV_-BIcOeGqP8Owh8Yy8ZAopPklCJHqQMYzGR94
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rtimp
g.bidbrain.app/ Frame C8E8 		0
180 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=212ea882-d19c-11ed-aa31-16a81374bf49&d=ghosts-of-tabor.en.softonic.com&cr=ext_gen2_v10_start_sec5&gid=CAESEElzpDjK8ZqqKjDHDCuCbaU&a=load&p=ZCnxgQAMXKoIaAuVAA_yDpPRhM1zu0b53TdRSA&r=1688661423&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame CB79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNoBaqE40LSZbPB-Ov2KnQTCS8skdooSHEqAffwMgVhDUYPlJvmj3CRPZ8rSxqfWr_GN7_jNGk7JG2h0fuGTAgNhFfxnTRrHXYX821mogqgc5FHksQrj5QCw2dkZJGEcjvOJBgdu-7PNk2QBfV17z0w2aA7sNCc-iGtZs0E5QRRJodnwzPQ1tFM9e5NW54eTnlUNTg02kQN8va2NVW8_olyBcOD0gjHMfC5uv8NFRDPoC9s8LEv-BqxoU-aD4wJlnn2dBpg2xhyJAf7P8dNH8xj_HYRfvPXZPZmT5CVlEwOQ0KT0Tw5E1hUrxyuDjMFsGVuPvOQS9HzvvTeI1v-Vn8_s9h5sPEKZrnEHjo0FvcBfrw0uhiLzsRX_IJiG89F5_13BPt1-gpkNId&sai=AMfl-YQwd8K-yLtfzMOL6VphnV9yiwo1MAmEw3FjyiWMFduQL3lO_fzsUiE1UlCVA-pnPkUxEmignD1EAoRETHJcBN5YEIiGZAFRMhCEsOTdinM6IuAaU1-vahwmcWJVwQ&sig=Cg0ArKJSzCWToSQpKnVyEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 02 Apr 2023 21:20:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023032901&st=env
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf696d77a52e8c8d1db0a229de4f684bb9a85cdb1f2c3289d4d7067cf82c330c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11315
x-xss-protection
0
rtg.gif
notix.io/ 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notix.io/rtg.gif?px=6e905836-a063-4bc0-86eb-0fbf019cde2e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:19:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
43
sync
x.bidswitch.net/ Frame 94A7 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-899WWCjvyFIBPWl5H4Rj3GvVhDQeRkceRu5bKA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 94A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-zLK7CyjvyFIBPWl5H4Rj3GvVhDSxW2ZGB0slBg&google_cm&google_hm=ay16TEs3Q3lqdnlGSUJQV2w1SDRSajNHdlZoRFN4VzJaR...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zLK7CyjvyFIBPWl5H4Rj3GvVhDSxW2ZGB0slBg&google_gid=CAESENU5nalnnwm4V4VZWTXIxYE&google_cver=1&google_ula=913071,0
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zLK7CyjvyFIBPWl5H4Rj3GvVhDSxW2ZGB0slBg&google_gid=CAESENU5nalnnwm4V4VZWTXIxYE&google_cver=1&google_ula=913071,0
Protocol
H2
Server
74.119.118.138 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1266640
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zLK7CyjvyFIBPWl5H4Rj3GvVhDSxW2ZGB0slBg&google_gid=CAESENU5nalnnwm4V4VZWTXIxYE&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 94A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4906628487835955293
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4906628487835955293
Protocol
H2
Server
74.119.118.138 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1455964
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
134f9041-a59b-4839-815b-f6a6cf64777a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4906628487835955293
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
secure.adnxs.com/ Frame 94A7 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-XDyGvCjvyFIBPWl5H4Rj3GvVhDQWzN95GzooOg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:03 GMT
AN-X-Request-Uuid
b99628ae-6d51-4041-8abb-ade9f72f7307
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
partner.mediawallahscript.com/ Frame 94A7 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-zLK7CyjvyFIBPWl5H4Rj3GvVhDSxW2ZGB0slBg&custom=&tag_format=img&tag_action=sync&custom=&cb=d138ca15-e9e2-4c29-8297-a3d4b642b629
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.137.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-137-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
cksync.php
contextual.media.net/ Frame 94A7 		61 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-SDxoYCjvyFIBPWl5H4Rj3GvVhDTL-nrbzMmC-g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.156.23 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-156-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 02 Apr 2023 21:20:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 02 Apr 2023 21:20:03 GMT
tap.php
pixel.rubiconproject.com/ Frame 94A7 		42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-y5nmNijvyFIBPWl5H4Rj3GvVhDT0ejvpVJxDRQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 94A7 		68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Itcs4CjvyFIBPWl5H4Rj3GvVhDRa0Ac6oyC5xg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.160.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-160-90.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
cache-control
no-cache
content-length
68
content-type
image/png
/
rtb-csync.smartadserver.com/redir/ Frame 94A7 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-MPlXEyjvyFIBPWl5H4Rj3GvVhDQOm66D_eMk7w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.197 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 94A7 		0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-mpfysSjvyFIBPWl5H4Rj3GvVhDSSG56oO68kxA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22146
um
criteo-sync.teads.tv/ Frame 94A7 		23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-JhW5XyjvyFIBPWl5H4Rj3GvVhDTEh8hj65Dehg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.137.83 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-137-83.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Sun, 02 Apr 2023 21:20:03 GMT
pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 94A7 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-FlhC8yjvyFIBPWl5H4Rj3GvVhDS2oV5jyz8cjQ&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 02 Apr 2023 21:20:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58301/ Frame 94A7 		0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-dGFMLCjvyFIBPWl5H4Rj3GvVhDSuJWNInsfjTQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
idsync
tg.socdm.com/aux/ Frame 94A7 		43 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-Pif_SijvyFIBPWl5H4Rj3GvVhDRosfkm0PRZxg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.52 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-Pif_SijvyFIBPWl5H4Rj3GvVhDRosfkm0PRZxg","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.178","key":"ZCnxgsCo8YoAAPfBFnEAAAAA","privacy_sensitive":false,"uid":"ZCnxgsCo8YoAAPfBFnEAAAAA","upstream_id":"a-ad40350"}
X-SO-Key
ZCnxgsCo8YoAAPfBFnEAAAAA
X-SO-Upstream-ID
a-ad40350
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40350.dc2p.scaleout.jp
X-SO-UID
ZCnxgsCo8YoAAPfBFnEAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
149.56.153.178
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
81
X-SO-LB-Hostname
m-tgng38.dc4p.scaleout.jp
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 94A7
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-oVGzDijvyFIBPWl5H4Rj3GvVhDQIvsb2lMdaaw
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=CRITEO&uid=732efe97317e6352de4c1caf24b5064b&visitor=k-oVGzDijvyFIBPWl5H4Rj3GvVhDQIvsb2lMdaaw
49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=CRITEO&uid=732efe97317e6352de4c1caf24b5064b&visitor=k-oVGzDijvyFIBPWl5H4Rj3GvVhDQIvsb2lMdaaw
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=CRITEO&uid=732efe97317e6352de4c1caf24b5064b&visitor=k-oVGzDijvyFIBPWl5H4Rj3GvVhDQIvsb2lMdaaw
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
7
content-length
0
expires
0
sync
tags.bluekai.com/site/29001/ Frame 94A7
Redirect Chain
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=DkDqZCQGTJRey65zxkXkaaDuxEufAT61
62 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=DkDqZCQGTJRey65zxkXkaaDuxEufAT61
Protocol
H2
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
50f
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

location
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=DkDqZCQGTJRey65zxkXkaaDuxEufAT61
date
Sun, 02 Apr 2023 21:20:03 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1015619
content-length
0
rum
r.casalemedia.com/ Frame 94A7 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-4nRXeSjvyFIBPWl5H4Rj3GvVhDSAMuFDsIep4w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
user-registering
ads.stickyadstv.com/ Frame 94A7 		43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-bLLPDCjvyFIBPWl5H4Rj3GvVhDSHen4lw-HSdQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:03 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1680470403452074-259
match
ad.360yield.com/ Frame 94A7 		43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-uZWmACjvyFIBPWl5H4Rj3GvVhDTkN12f-u5SVQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.221.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-221-23.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Apr 2023 21:20:03 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 94A7 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-mzTGGCjvyFIBPWl5H4Rj3GvVhDTw0EWiqzg9lQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
28292
i6.liadm.com/s/ Frame 94A7
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wlBJwyjvyFIBPWl5H4Rj3GvVhDSQTuK05-B7QQ
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wlBJwyjvyFIBPWl5H4Rj3GvVhDSQTuK05-B7QQ&_li_chk=true&previous_uuid=2088e8a3830e44bb965415b1640a4d98
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wlBJwyjvyFIBPWl5H4Rj3GvVhDSQTuK05-B7QQ
43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wlBJwyjvyFIBPWl5H4Rj3GvVhDSQTuK05-B7QQ
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:f829:6715:25ad:4b5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-wlBJwyjvyFIBPWl5H4Rj3GvVhDSQTuK05-B7QQ
Date
Sun, 02 Apr 2023 21:20:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
push
exchange.mediavine.com/usersync/ Frame 94A7 		0
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-fWiaGyjvyFIBPWl5H4Rj3GvVhDRD1ACFiMbY7g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.205.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-205-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
c.gif
c.bing.com/ Frame 94A7 		42 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-O8lhESjvyFIBPWl5H4Rj3GvVhDQidWY9wA_9Mg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Thu, 16 Mar 2023 17:15:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EB9B6B8CD3A9440282D415787E923A74 Ref B: YMQ01EDGE0610 Ref C: 2023-04-02T21:20:03Z
etag
"daa25ce62a58d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
cookie-sync
sync.outbrain.com/ Frame 94A7 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-wT3oFCjvyFIBPWl5H4Rj3GvVhDRZg4-oTXBMBg&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Cache-Control
no-cache
X-TraceId
b384b7cfe9c7e3762c3d6f07610192dc
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 94A7 		42 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-TtX2qijvyFIBPWl5H4Rj3GvVhDRV_DCyFUMw8A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 02 Apr 2023 21:20:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel_sync
trends.revcontent.com/cm/ Frame 94A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-An4wNCjvyFIBPWl5H4Rj3GvVhDQxwoDx5upiAw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.182.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-182-6.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
/
s.ad.smaato.net/c/ Frame 94A7
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-cjoutyjvyFIBPWl5H4Rj3GvVhDShWOcywG-ksg
  • https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-cjoutyjvyFIBPWl5H4Rj3GvVhDShWOcywG-ksg&cookieCheck=1
0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-cjoutyjvyFIBPWl5H4Rj3GvVhDShWOcywG-ksg&cookieCheck=1
Protocol
H2
Server
2600:9000:2209:3600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
max-age=300
x-amz-cf-id
JYSMlhV7XtKKwHXGJQfgION7RXLJ7ANQzjTb5xV_rJEYFtaHYVn1lQ==

Redirect headers

date
Sun, 02 Apr 2023 21:20:03 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-cjoutyjvyFIBPWl5H4Rj3GvVhDShWOcywG-ksg&cookieCheck=1
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
iJOfUIl-9YLbXyi8jKLRMfgao4kkAhtYXrS9BXbPBkahwZpk1UdH_A==
sync
criteo-partners.tremorhub.com/ Frame 94A7 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-ONN1GSjvyFIBPWl5H4Rj3GvVhDTfdl7wW1ASOQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:2359:9f97:ea6d:7162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 02 Apr 2023 21:20:03 GMT
server
Apache-Coyote/1.1
content-type
image/gif
sync.htm
ade.clmbtech.com/uid/ Frame 94A7 		68 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-Zgs48ijvyFIBPWl5H4Rj3GvVhDR-3sCoVlzEtw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8379 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Sun, 02 Apr 2023 21:20:03 GMT
x-content-type-options
nosniff
server
Bhoot
x-frame-options
sameorigin
content-type
image/jpeg
x-upstream
172.29.83.55:80
x-request-time
0.001
content-disposition
inline;filename=f.txt
content-length
68
x-xss-protection
1; mode=block
ev
g.bidbrain.app/rt/ Frame C8E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.37339696480433116
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=616&val=ac&wnx=0&abc=&ty=ami&v=0&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
play-big.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ Frame CB79 		650 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/play-big.svg?hash=85e4da4098
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
Sun, 02 Apr 2023 22:34:51 GMT
x-amz-version-id
P54LBC7dA7.CKZKZL0usNEXn5r08cUmk
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:03 GMT
x-amz-request-id
RVFYSA77AC7Q6CHS
Age
9912
Content-Length
405
x-amz-id-2
tDjLtyYZPF4zeeqDZJ6hgruXhG+QxonaKtuPEUFtH9W6wLjENEcwhTZTl6fHi+aCEXbTecoFiPvsJdcjmTWMRg==
Last-Modified
Tue, 06 Aug 2019 13:18:15 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=14400
Accept-Ranges
bytes
X-LLID
277c4525a072b9d67c0feabf3d13e2a3
x-amz-meta-s3b-last-modified
20190806T131201Z
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=653&val=%5E0%3D%2F5302%2Fdesktop%2Fdesktop-Web-en%2FApps%2FDownload%2FATF_Lea%5E1%3Dderboard_First&wnx=0&abc=&ty=cma&v=0&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
playlist
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.16.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-16-102.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ghosts-of-tabor.en.softonic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET,POST
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Sun, 02 Apr 2023 21:20:03 GMT
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=676&val=0&wnx=0&abc=&ty=wre&v=0&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
Softonic_logo_2018.png
assets.anyclip.com/pub-assets/softoniccom/ Frame CB79 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/pub-assets/softoniccom/Softonic_logo_2018.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
81bf7859a2ccab77c41c58b57ab31a1afc56d7bcca020a02a1c420aacb259b6e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
JuaioyS4tzZeIrBJeNHJ7k57A3LUYxV0
Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Mon, 27 Sep 2021 17:44:39 GMT
Server
AmazonS3
x-amz-request-id
C056MAA7F1AR59J4
Age
3775
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=60
Accept-Ranges
bytes
Content-Length
60341
x-amz-id-2
x0Yb0UX96PTRB8eldwbsvBdTGMMdoLh+MormJ5cT1wd6XaVNUlGX7K4QQQVQYsrOwwdRAZgqSzA=
X-LLID
6cc306a0f2b85c17e120d6ad67a302e5
Expires
Sun, 02 Apr 2023 20:18:08 GMT
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=686&val=970&wnx=0&abc=&ty=psw&v=0&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=687&val=249&wnx=0&abc=&ty=psh&v=0&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
playlist
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ Frame CB79 		38 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.16.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-16-102.compute-1.amazonaws.com
Software
/
Resource Hash
4bdf12b03becbdd600d8ffc06d03ca84e73c1097e0d61bc2b1a99315b4164e50

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
content-encoding
gzip
vary
accept-encoding
access-control-allow-methods
GET,POST
content-type
application/json
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=690&val=0&wnx=0&abc=&ty=prq&v=0&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032901.js?cb=31073515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Apr 2023 21:20:03 GMT
ev
g.bidbrain.app/rt/ Frame C8E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.899334658264846
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=701&val=&wnx=0&abc=&ty=cuc&v=0&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7971 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
50849
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 07:12:34 GMT
expires
Mon, 01 Apr 2024 07:12:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 33BF 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f820bf998b2552b2b25f79e19654f124471486a8a98eaa4285d0d41683284305
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xD02mokI4Oq_u8Bc3n2QxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-xD02mokI4Oq_u8Bc3n2QxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 21:20:03 GMT
expires
Sun, 02 Apr 2023 21:20:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ev
g.bidbrain.app/rt/ Frame C8E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.4127093330229674
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=806&val=%7B%22userAgent%22%3A%7B%22allow%22%3Atrue%2C%22software%22%3A%7B%22nameCode%22%3A%22chrome%22%2C%22ver%22%3A%22111%22%7D%2C%22os%22%3A%7B%22nameCode%22%3A%22windows%22%2C%22ver%22%3A%2210%22%7D%2C%22hw%22%3A%7B%22type%22%3A%22computer%22%2C%22subType%22%3Anull%7D%7D%7D&wnx=0&abc=&ty=prs&v=1&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=807&val=0&wnx=0&abc=&ty=pll&v=1&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
1680278829161_414x270_thumbnail.jpg
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/ Frame CB79 		0
0
rtimp
g.bidbrain.app/ Frame C8E8 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=212ea882-d19c-11ed-aa31-16a81374bf49&d=ghosts-of-tabor.en.softonic.com&cr=ext_gen2_v10_start_sec5&gid=CAESEElzpDjK8ZqqKjDHDCuCbaU&a=ev_prf&p=ZCnxgQAMXKoIaAuVAA_yDpPRhM1zu0b53TdRSA&r=1688661423&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22100.50%22%2C%2284.30%22%2C%2251.70%22%2C%2284.20%22%5D
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
1680278829161_414x270_thumbnail.jpg
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/ Frame CB79 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/1680278829161_414x270_thumbnail.jpg?wid=0011r00002IkuLz_12078
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
c7fa093da06c5a1c94cb5473e5f48f46aba48f140527c047d634e0d3368fa0a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Fri, 31 Mar 2023 16:07:10 GMT
Server
AmazonS3
x-amz-request-id
1PEJJJGRM5HC7D4V
Age
33524
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
34585
x-amz-id-2
XhIvYLPaAAbA79HyOpOTRxxKG+RLlWuEtZRqndv+1y9H/k5wK5Ij99YRQTHpGJ4VN8zOb8rdHJ2QGDTw/8dekg==
X-LLID
a042a73f588ed5811d3ee4d5c101d138
Expires
Mon, 03 Apr 2023 12:01:19 GMT
1680278829161_414x270_thumbnail.jpg
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/ Frame CB79 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/1680278829161_414x270_thumbnail.jpg?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
c7fa093da06c5a1c94cb5473e5f48f46aba48f140527c047d634e0d3368fa0a7

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Origin
https://ghosts-of-tabor.en.softonic.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Fri, 31 Mar 2023 16:07:10 GMT
Server
AmazonS3
x-amz-request-id
1PEJJJGRM5HC7D4V
Age
33524
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
34585
x-amz-id-2
XhIvYLPaAAbA79HyOpOTRxxKG+RLlWuEtZRqndv+1y9H/k5wK5Ij99YRQTHpGJ4VN8zOb8rdHJ2QGDTw/8dekg==
X-LLID
11446249e8ef86dbd4c3d8900c686a1a
Expires
Mon, 03 Apr 2023 12:01:19 GMT
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=847&val=&wnx=1&abc=&ty=pli&v=1&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
demconf.jpg
dpm.demdex.net/ Frame 94A7
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3JqhV1ErKP-2lMpN5z0IcXH2bnyAN4H3
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3JqhV1ErKP-2lMpN5z0IcXH2bnyAN4H3
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3JqhV1ErKP-2lMpN5z0IcXH2bnyAN4H3
Protocol
HTTP/1.1
Server
34.196.131.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-131-192.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v045-073105ea5.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
04y+zuqeToo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v045-0a6360890.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rjCqJ45nSxs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3JqhV1ErKP-2lMpN5z0IcXH2bnyAN4H3
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
6ce995ba-de40-4457-993b-31a6236f6788
https://ghosts-of-tabor.en.softonic.com/ Frame CB79 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ghosts-of-tabor.en.softonic.com/6ce995ba-de40-4457-993b-31a6236f6788
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9c21f73e5781b07e9ae478497472051a87ee326e95761bb2d82387b07cbbcf6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length
5905
Content-Type
application/javascript
5c2a5263-2b5f-40e2-ba97-0506c682ef85
https://ghosts-of-tabor.en.softonic.com/ Frame CB79 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ghosts-of-tabor.en.softonic.com/5c2a5263-2b5f-40e2-ba97-0506c682ef85
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3679a2ad89d2768799b2ee540197e2d8af593e0b79f9c55cb2d4495c1934c8e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length
80204
Content-Type
application/javascript
4fd79f7d-d144-4778-bec3-cfac83855e5f
https://ghosts-of-tabor.en.softonic.com/ Frame CB79 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ghosts-of-tabor.en.softonic.com/4fd79f7d-d144-4778-bec3-cfac83855e5f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3679a2ad89d2768799b2ee540197e2d8af593e0b79f9c55cb2d4495c1934c8e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length
80204
Content-Type
application/javascript
1680278829161_414x270_thumbnail.jpg
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/ Frame CB79 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/1680278829161_414x270_thumbnail.jpg?wid=0011r00002IkuLz_12078
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
c7fa093da06c5a1c94cb5473e5f48f46aba48f140527c047d634e0d3368fa0a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Fri, 31 Mar 2023 16:07:10 GMT
Server
AmazonS3
x-amz-request-id
1PEJJJGRM5HC7D4V
Age
33524
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
34585
x-amz-id-2
XhIvYLPaAAbA79HyOpOTRxxKG+RLlWuEtZRqndv+1y9H/k5wK5Ij99YRQTHpGJ4VN8zOb8rdHJ2QGDTw/8dekg==
X-LLID
3a2e7948c869c6ac9f785074a6617ea5
Expires
Mon, 03 Apr 2023 12:01:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 33BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023032901&jk=65553759746854&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
master.m3u8
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/ Frame CB79 		561 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/master.m3u8?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
b762270cf0cd9758dde71e6b91ed6e506b10df15695c65e551e44afc193626c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:13 GMT
Server
AmazonS3
x-amz-request-id
7314ZWQ1DP1PZW25
Age
13906
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
561
x-amz-id-2
0t5Lsb8NE8ygAvPAGrTJe2S6O2ukH3Z1EBzU4gUZIhd7JawcqliDiAvwHVHWV9p74hatg3e+AgU=
X-LLID
db4ed22aa6d2ada6210e1e88b352ed9d
Expires
Mon, 03 Apr 2023 17:28:17 GMT
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=878&val=1&wnx=1&abc=&ty=cla&v=1&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
volume-off.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ Frame CB79 		901 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/volume-off.svg?hash=85e4da4098
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
2bf4b5202559dbe01d8188a3adb26d68755a69064f233ef63f284b08efaed6ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
Mon, 03 Apr 2023 00:16:50 GMT
x-amz-version-id
LD1v9d__0LhgJzdvbwPuMTNvxNdup1gK
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:03 GMT
x-amz-request-id
D5Q6DXCR4V6Z8JDH
Age
3793
Content-Length
527
x-amz-id-2
Ec/innwK/d2tnpQs2qq7GkCMfjs9/6csOjtkV/CfpwttiKTtJU1OhVRhoRWeaF6pbhIOYeZOVkg=
Last-Modified
Sun, 12 Aug 2018 11:52:27 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=14400
Accept-Ranges
bytes
X-LLID
b61c5c5a15e376a70590410e225cad2f
x-amz-meta-s3b-last-modified
20180812T115113Z
icon-gear.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ Frame CB79 		992 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/icon-gear.svg?hash=85e4da4098
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
e2ffbe9668df9a29783b6f8e7cad3e763e788c37228c9b7e9498bbd2d36d0fb3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
Mon, 03 Apr 2023 00:20:39 GMT
x-amz-version-id
s6Lf45IkRPfJc7QY9oz9DGiod1e2bICp
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:03 GMT
x-amz-request-id
38S8AWM2CSJ2GWJQ
Age
3564
x-amz-meta-sha256
e2ffbe9668df9a29783b6f8e7cad3e763e788c37228c9b7e9498bbd2d36d0fb3
Content-Length
450
x-amz-id-2
wOuVBoHb3JSAyWp0rwd5jWby+3qbOZ6IS9DF2y6EPzC/Wdq4LZs12+rssHa8MeK4l3reNK9o554=
Last-Modified
Wed, 04 Aug 2021 07:28:27 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=14400
Accept-Ranges
bytes
X-LLID
06fa7da2f4d75ac5d8312f39e2d47d6f
x-amz-meta-s3b-last-modified
20210802T135007Z
fullscreen.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ Frame CB79 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/fullscreen.svg?hash=85e4da4098
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
0b7b74a139779fba8e1d17d597aa7cbffa27bd33d2b5c43d8039264c2a627412

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
Sun, 02 Apr 2023 23:22:15 GMT
x-amz-version-id
U03j5muVk7AbvhQemSaiRqevJSRY_Dma
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:04 GMT
x-amz-request-id
PH384EWPHJC7QJ5F
Age
7069
Content-Length
531
x-amz-id-2
Fqat5/Q0CTkSPx10Xk+4W3Q4G49s5PXeWhhuJBTm4xkPUtyfChkBy7rk7SEepRqu/TGcLxP2Krc=
Last-Modified
Thu, 09 Aug 2018 13:37:33 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=14400
Accept-Ranges
bytes
X-LLID
3bc8ddb862811df8482b0d26d23f85e3
x-amz-meta-s3b-last-modified
20180704T113429Z
pause.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ Frame CB79 		758 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/pause.svg?hash=85e4da4098
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
d544eae637d61ee786c0a45bb0a7f250f9280bcd2ea1576655a761f1d397b8df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
Sun, 02 Apr 2023 21:55:33 GMT
x-amz-version-id
COllNS2vUDfTYhxXvQJ57jWZVnnMficH
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:03 GMT
x-amz-request-id
1PFBDJPNS7XYWHQR
Age
12270
Content-Length
430
x-amz-id-2
dLD7TdfgiEM+rc3ZsSgZKPo3PxGa9rn5rRdu1lkQ6We3xqaYYdZf/jcEoLu5k+HfdJsQrU4STlY=
Last-Modified
Thu, 09 Aug 2018 13:37:34 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=14400
Accept-Ranges
bytes
X-LLID
bb15be6ed4e2d7e4d3fa143b967b35e0
x-amz-meta-s3b-last-modified
20180704T113405Z
next.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ Frame CB79 		729 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/next.svg?hash=85e4da4098
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
55775baf70d2f1d40bac3a60de82e8e42b7e34687802f73671f25f2f60fdc6d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
Sun, 02 Apr 2023 22:24:28 GMT
x-amz-version-id
9oEyfyolAdum9dgyt9Cw6qZIm50OH1cD
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:03 GMT
x-amz-request-id
ZBJTPVYWM6Z1S86Z
Age
10535
Content-Length
469
x-amz-id-2
k5ocyYBswvRW4h9f7bupEt17TaR0e7+Ju8EK3nKn8NIx/oALAsKmW0y1VZRqbCHnDQsB2vCjpCI=
Last-Modified
Thu, 09 Aug 2018 13:37:34 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=14400
Accept-Ranges
bytes
X-LLID
a1b5352deb85768c21cf3e41db152d93
x-amz-meta-s3b-last-modified
20180704T113415Z
truncated
/ Frame CB79 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://ghosts-of-tabor.en.softonic.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
pagead2.googlesyndication.com/bg/ Frame 7971 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:47:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
138748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14293
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Mar 2024 06:47:35 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 593F 		224 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58020f939aafcc326a509ea78fff8dae140989c84eb68d873da58198cf116b2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 20:59:58 GMT
content-encoding
gzip
via
1.1 0459f0f7053eeb224fd9fe0f5db5970a.cloudfront.net (CloudFront), 1.1 936397b26a4278a4582b6e1456333afa.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 19:30:00 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, EWR52-C2
age
1206
x-amz-server-side-encryption
AES256
etag
W/"d56f69f591501c51a51bb8f94f3df073"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
s6ALG0WChTJawVTiyKGujz68nocddQxRwpSdd_0PP_s1UuC5YGpbDA==
index.m3u8
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		725 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/index.m3u8?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
5e3c0fc205b9835c14369c3968aeb8800a20e1ddb601e69ceea830e01b10c0d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
7WDKR61BFM73N73B
Age
28150
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
725
x-amz-id-2
vsHodQWomXm9gfYF0TCV14p/TTZk4K6LE2lMmg4hS1uS8CX/eveeK56u+nCK2qf/y2vCvEtmdsU=
X-LLID
dd8a985f6368a934dcf317ec2c7689da
Expires
Mon, 03 Apr 2023 13:30:53 GMT
0000_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		169 KB
169 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0000_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
23b8f59d68dcc728b3fa0608d1755d0910fff6469f37c4e9712f684a06d1920a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
2F4QY2PZQJ319ST5
Age
30903
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
172584
x-amz-id-2
y13WREvymy0Zs0JiNMXj0gTaSGkBZhz70YMGy2gpDpC86Q6o4oB29HZZJJytNbipPIXO9q0gzsZ5R+ZvRZnjRA==
X-LLID
68d8516f19668f3e84d0a4e3b2d9a0b3
Expires
Mon, 03 Apr 2023 12:45:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 593F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
x-amz-version-id
JWp1qp7MFzulJHtnMcdn8BBX506LKUt8
content-encoding
gzip
via
1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 28 Mar 2023 02:10:35 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
JahA0jCWk3Yy3Y1woI-uSLzZ_F-OiAx0ifshvw6HqvQRQLDYssn1lQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame 593F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&pubid=171208af-037d-48f1-af92-1c24c2ee644a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
cd55d653c930d2f2660d557e496ca034dc71329b806a7713cc9658b3dc1284ba

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
via
1.1 936397b26a4278a4582b6e1456333afa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1741
x-amz-cf-id
uuw6bx1TqgQ6Yv83igpyfw2Kmhf0nW8FIL7SziFl4k5dOC9Rb8-MSg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 593F 		161 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&pid=XpD7aYgm8zRHt&cb=0&ws=0x8&v=23.320.1710&t=2000&slots=%5B%7B%22id%22%3A%22AC_Sites%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22970x249%22%5D%7D%5D&pubid=171208af-037d-48f1-af92-1c24c2ee644a&gdprl=%7B%22status%22%3A%22tcfv2-error%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*dQizkrBwMnd20W48Y1B74N-IuuCjUS4GmA7SgF0gLqdBzyOHEl_G5k44PcysBTQlQdBMJsamV9qQzZ5F5bXaqw%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.94.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-94-225.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
d08f896529caca0370f68506748ff69c8f731718e6fdf90e0d1d72fe1dcd8c56
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 58a45bf3f07dfdca95ebcb7935e84994.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
VCQBVFFBPKKE8N1RM35H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
161
x-amz-cf-id
Lnexxr62HJeBmTOY309YIhZzwbeLOXdwsen4mGF-y0Z2nxSeXuCPkQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 593F 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.172.207 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-172-207.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 02 Apr 2023 21:35:03 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 593F 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 08:55:10 GMT
content-encoding
gzip
via
1.1 177517a7a813d3db43efccb1bf2be96a.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
44694
etag
W/"4c91450a102f312a8d75826eeee52ef9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
orID3N6bWYs727-hJCQ_jIXP_4wtmG7IYuFzlPg2VmDEex7s8VMucQ==
hadron.js
cdn.hadronid.net/ Frame 593F 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&_it=amazon&partner_id=170
Requested by
Host: ghosts-of-tabor.en.softonic.com
URL: https://ghosts-of-tabor.en.softonic.com/download?ex=DINS-635.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
R73R1YPRACF14W1S
age
5553
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7b1c1d182e95a204-YYZ
x-amz-id-2
WpOFdHRh0gZH7PTUEqY5v8mEYbtnrkKVHNEuK91XPVGIyKANEnrrd1RZ9sjCZq9Ca2D9jqeWhgI=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 593F 		0
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.131.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-131-28.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 02 Apr 2023 21:20:03 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.131.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-131-28.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ghosts-of-tabor.en.softonic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 02 Apr 2023 21:20:03 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
generate_204
tpc.googlesyndication.com/ Frame 7971 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wJURjQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
0001_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		222 KB
223 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0001_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
84f247283d2d5c557b7d073b988a0f4e79eaa695741dafb1a1fe59161c518c79

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
0SP4V357FS0GGCYR
Age
37623
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
227668
x-amz-id-2
oCeMC4CBT0OcsFRzxgOQgHONunKRsoZv0TXYuDZdk5bScU+SQWaCTVY3XypaSDztHl80RqJxrY0=
X-LLID
6a072b1c7d9e88c2e9dc8b38d62fc40a
Expires
Mon, 03 Apr 2023 10:53:00 GMT
map
bcp.crwdcntrl.net/6/ Frame 593F 		235 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.116.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-31.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0287c989f52e070e1c778fa0f63e64c2132f4e290bb48c5a3b2f04b4775d7490

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
no-cache
x-server
10.40.7.181
access-control-allow-credentials
true
content-length
235
expires
0
0002_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		158 KB
159 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0002_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
b1eb3611ac1836a0ff112beaaf159699df1aca136adf2c2aa19771f68402de50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
SRY7NNZ9J3JKVZBP
Age
31153
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
162244
x-amz-id-2
nrEzzT3ocYh7xoGKZXQtaFD4F0+KVORcWBiAzDYrH52CY6qetzAALoGiZxL9cj/oZ+O7PoVaTSg=
X-LLID
667d4efbeb95c96d63e93b41cb335d97
Expires
Mon, 03 Apr 2023 12:40:50 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 593F 		47 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=170&sync=0&domain=ghosts-of-tabor.en.softonic.com&url=about:blank
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&_it=amazon&partner_id=170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9465ef06764587af0a8d7dc16680b1c6dc29563bd7afa53f5ab28ab58da77387

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
public,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
cf-ray
7b1c1d191844a23b-YYZ
content-length
47
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=170&sync=0&domain=ghosts-of-tabor.en.softonic.com&url=about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ghosts-of-tabor.en.softonic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7b1c1d18dfbda23b-YYZ
content-length
0
content-type
application/json
date
Sun, 02 Apr 2023 21:20:04 GMT
debug
OPTIONS block
expires
Mon, 01 Apr 2024 21:20:03 GMT
server
cloudflare
0003_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		239 KB
239 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0003_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
795408bc1ab4b09c85ce6af8c1058b110e9124bd931a571193f029a51f41d3f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:03 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
1ZKPFDT864Q5P9GH
Age
45559
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
244400
x-amz-id-2
oYbLmccNJECvkPSxbJn+0wM/leUPOYaeKX5TNaypis/Zx3hl3qtpkW72x6nh9JQA4qaJ6CSibgQ=
X-LLID
ac4fcd38a1acf2c2022d8162d69fa91a
Expires
Mon, 03 Apr 2023 08:40:44 GMT
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=1256&val=ad%3Dhttps%253A%252F%252Fmarketplace.anyclip.com%252Fv1%252Fwaterfall%253Fsti%253Di0TMNoABdw63yRGprZvT%2526w%253D970%2526h%253D249%2526v%253D1%2526cb%253D413002464%2526pid%253Dsoftoniccom%2526sid%253DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%2526cid%253Djf4uu4spjfruewlugyzuezdgnjqxirlf%2526wid%253D0011r00002IkuLz_12078%2526dom%253Dghosts-of-tabor.en.softonic.com%2526abc%253D%2526geo%253DCA%2526dev%253D1%2526bw%253Dchrome%2526os%253Dwindows%2526ip%253D149.56.153.178%2526url%253Dhttps%25253A%25252F%25252Fghosts-of-tabor.en.softonic.com%2526gdpr%253D%2526consent%253D%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00002IkuLzAAJ%252C1%252C%252C%252C%2526us_privacy%253D%2526utm%253D%2526pl%253Da%2526ima%253D4%2526clipPlayCounter%253D1%2526tid%253D%2524%255Btid%255D%2526amznbid%253D%2526amzniid%253D%2526ua%253DMozilla%25252F5.0%252520%2528Windows%252520NT%25252010.0%25253B%252520Win64%25253B%252520x64%2529%252520AppleWebKit%25252F537.36%252520%2528KHTML%25252C%252520like%252520Gecko%2529%252520Chrome%25252F111.0.5563.146%252520Safari%25252F537.36%2526domain%253Dghosts-of-tabor.en.softonic.com%2526page%253D%2524%255Bpage%255D%2526itemid%253D%2524%255Bitemid%255D%2526zone%253D%2524%255Bzone%255D%2526permutive%253D%2524%255Bpermutive%255D%2526key_custom3%253D%25255E0%25253D%25252F5302%25252Fdesktop%25252Fdesktop-Web-en%25252FApps%25252FDownload%25252FATF_Lea%25255E1%25253Dderboard_First%2526gpt%253D%2524%255Bgpt%255D%26mavs%3D0%26rqcm%3D1%26m%3D1%26ast%3D-1%26smb%3D1%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26imaw%3D0%26amd%3D1%26sf%3D0%26page_url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26wf%3D1%26af%3D1%26af_dp%3D0.1%26af_am%3Ddynamic%26af_mf%3D0.55%26pb_t%3D20000%26spb%3D0&wnx=1&abc=&ty=arq&v=1&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&anx=1&arx=1&crt=63&s=0&aty=vid&tty=ac&rol=mid&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:03 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
events
marketplace.anyclip.com/v1/ Frame CB79 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=1257&val=&wnx=1&abc=&ty=frq&v=1&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&anx=1&arx=1&crt=63&s=0&aty=vid&tty=ac&rol=mid&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
content-length
0
events
marketplace.anyclip.com/v1/ Frame CB79 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=1258&val=&wnx=1&abc=&ty=wfr&v=1&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&anx=1&arx=1&crt=63&s=0&aty=vid&tty=ac&rol=mid&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
content-length
0
lreprx.js
player.anyclip.com/lreprx/js/v1/src/ Frame FF34 		195 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3Di0TMNoABdw63yRGprZvT%26w%3D970%26h%3D249%26v%3D1%26cb%3D413002464%26pid%3Dsoftoniccom%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26cid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26wid%3D0011r00002IkuLz_12078%26dom%3Dghosts-of-tabor.en.softonic.com%26abc%3D%26geo%3DCA%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D149.56.153.178%26url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002IkuLzAAJ%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D1%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F111.0.5563.146%2520Safari%252F537.36%26domain%3Dghosts-of-tabor.en.softonic.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%255E0%253D%252F5302%252Fdesktop%252Fdesktop-Web-en%252FApps%252FDownload%252FATF_Lea%255E1%253Dderboard_First%26gpt%3D%24%5Bgpt%5D&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&imaw=0&wf=1
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
cbf4f0344c175cbd5e1dfc22ee610e5719107a9d6f48f022858db6ff8deab981

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
3Bh5sFQ28TXjFTPnAjoQBP1CKZ1Q4rUE
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:04 GMT
x-amz-request-id
SEF2HWM7FWXRC1E2
Age
31572
x-amz-server-side-encryption
AES256
Content-Length
45111
x-amz-id-2
R59acJLrYvDfd/0hgiZCYzQxakxc+XCFFQA9UzoWgJ8ZNF4FbJruTsXv7hj/sowb2TA00JiMUdA=
Last-Modified
Thu, 30 Mar 2023 12:29:13 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=60
Accept-Ranges
bytes
X-LLID
92cb1ff85c4623065358d872863c4174
Expires
Sun, 02 Apr 2023 12:34:52 GMT
iu3
s.amazon-adsystem.com/ Frame C7E0 		331 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6d79e0a3c6d09615223eb18f0ca85097a43196f3b816e2c2192c30dbfb20d580
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
331
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 02 Apr 2023 21:20:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WQ281ECN5GSKHV6Q9C6M
0004_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		254 KB
254 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0004_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
c3fc08bb2329247ab68564902dec1d2f2aeafbd0c1530687d5498bebc712f847

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:04 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
7ZPW8DW9CRJKZEKG
Age
32060
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
260004
x-amz-id-2
hDDlNERFRDS4EldNrh2RwU41L5r1ql3r/fwwUlubUvwaBAU9O1Ic+jPIC/7/OKh2FNkGLWBlW5p3dWdZhQ3K8g==
X-LLID
9cd1e74b2bfe96cb9c42eeaed0e105e4
Expires
Mon, 03 Apr 2023 12:25:44 GMT
pr
s.amazon-adsystem.com/v3/ Frame E712 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b7470cd5acebfb134cb7c5db03fab7aebe7b137d56a1e782348c14b16aa2e9e6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1746
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 02 Apr 2023 21:20:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
D1P2TPVGBA7D1E70KT9H
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=1329&val=1.1.41_265_prod&wnx=1&abc=&ty=xlo&v=1&ext=0&ta=1&lnx=0&us=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FF34 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3Di0TMNoABdw63yRGprZvT%26w%3D970%26h%3D249%26v%3D1%26cb%3D413002464%26pid%3Dsoftoniccom%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26cid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26wid%3D0011r00002IkuLz_12078%26dom%3Dghosts-of-tabor.en.softonic.com%26abc%3D%26geo%3DCA%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D149.56.153.178%26url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002IkuLzAAJ%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D1%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F111.0.5563.146%2520Safari%252F537.36%26domain%3Dghosts-of-tabor.en.softonic.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%255E0%253D%252F5302%252Fdesktop%252Fdesktop-Web-en%252FApps%252FDownload%252FATF_Lea%255E1%253Dderboard_First%26gpt%3D%24%5Bgpt%5D&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&imaw=0&wf=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dd3f9f6c6fb24816e23864a76aa3e52103730816a536e8fae82e264196a2f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123698
x-xss-protection
0
expires
Sun, 02 Apr 2023 21:20:04 GMT
waterfall
marketplace.anyclip.com/v1/ Frame FF34 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://marketplace.anyclip.com/v1/waterfall?sti=i0TMNoABdw63yRGprZvT&w=970&h=249&v=1&cb=413002464&pid=softoniccom&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&wid=0011r00002IkuLz_12078&dom=ghosts-of-tabor.en.softonic.com&abc=&geo=CA&dev=1&bw=chrome&os=windows&ip=149.56.153.178&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&amznbid=&amzniid=
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3Di0TMNoABdw63yRGprZvT%26w%3D970%26h%3D249%26v%3D1%26cb%3D413002464%26pid%3Dsoftoniccom%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26cid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26wid%3D0011r00002IkuLz_12078%26dom%3Dghosts-of-tabor.en.softonic.com%26abc%3D%26geo%3DCA%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D149.56.153.178%26url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002IkuLzAAJ%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D1%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F111.0.5563.146%2520Safari%252F537.36%26domain%3Dghosts-of-tabor.en.softonic.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%255E0%253D%252F5302%252Fdesktop%252Fdesktop-Web-en%252FApps%252FDownload%252FATF_Lea%255E1%253Dderboard_First%26gpt%3D%24%5Bgpt%5D&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&imaw=0&wf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
6fe7a3bdd22e81fa4d9435461d0a97786d86cfd168396d36091da3219abb7ffc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
date
Sun, 02 Apr 2023 21:20:04 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
957
access-control-allow-methods
GET
content-type
application/json
rtimp
g.bidbrain.app/ Frame C8E8 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=212ea882-d19c-11ed-aa31-16a81374bf49&d=ghosts-of-tabor.en.softonic.com&cr=ext_gen2_v10_start_sec5&gid=CAESEElzpDjK8ZqqKjDHDCuCbaU&a=vw&p=ZCnxgQAMXKoIaAuVAA_yDpPRhM1zu0b53TdRSA&r=1688661423&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:04 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
170
a.ad.gt/api/v1/u/matches/ Frame 593F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/170?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&_it=amazon&partner_id=170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f04063a034a9568fa95895d466e17bbf6ef8cc1c63021b1ec418f9a3d770c22

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 02 Apr 2023 21:17:31 GMT
server
cloudflare
age
153
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7b1c1d1a1d1f53e9-YYZ
ecm3
s.amazon-adsystem.com/ Frame E712
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=3c10f921
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=3c10f921
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C8Z9RRFRJREFCA800XGA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 02 Apr 2023 21:20:04 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=3c10f921
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
5X0bz5N672rPjGY8E2GzLNDI-ih4FiNI8SFUPRGUvGHu6CKNVFbvGA==
/
onetag-sys.com/match/ Frame E712 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame E712
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3234720031454637000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3234720031454637000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z4PSZPB349CXRPSVE6SF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3234720031454637000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 02 Apr 2023 21:20:04 GMT
ecm3
s.amazon-adsystem.com/ Frame E712
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AABdqU7IU-MAACHm6G7N6w&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AABdqU7IU-MAACHm6G7N6w&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y6QVBJ91E962BT5YF5N9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AABdqU7IU-MAACHm6G7N6w&ex=beeswax.com
Date
Sun, 02 Apr 2023 21:20:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame E712
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=TgmZxETM97TubJNGF99y
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=TgmZxETM97TubJNGF99y
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XV4EQ84FTP1TG7QYCFT1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=TgmZxETM97TubJNGF99y
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
0005_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		295 KB
296 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0005_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
405d2678459ffa6c115adb70f84ab12d40269080e1c47e26a06cb1a0f04fbd35

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:04 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
P29XH09CA1AG4PYG
Age
47185
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
302492
x-amz-id-2
kgbrBigRiHam7V/fGYAQSjr82XhtaYULv3oyyzvxk/iNNlKvDo0ilS4L/ucZOP1n9pMAMw/s0ac=
X-LLID
1171e3fd229f6fb0371999b75f8feba2
Expires
Mon, 03 Apr 2023 08:13:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 67C6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstx4fdAFNfwfiKyu4FUv7Fu9s7vXutD8EFiCuNbUyrt90inR9LXJvSAP9-xAqLHUjM8u80lZi_uR6bfHwsLf6gEEzWLvJ3yOB9Sqv3Nwg3p-j9loPGEdplIROM4bFMV3Hnqv9OUPOgGvE0Lpy0jDU2hWfHk40rem26_zD0yC6856JSko_8uvYZ7pg&sig=Cg0ArKJSzMoPNtkf6XYXEAE&id=lidar2&mcvt=1013&p=439,991,1039,1291&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2223804910&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680470402461&rpt=552&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 5F09
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=224cb405a1dd1641&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACTWuFy428vgN_yDJdAAAAAAA&expiration=1680556804&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACTWuFy428vgN_yDJdAAAAAAA&expiration=1680556804&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
C7YN662S2STDZTC83MXM

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Sun, 02 Apr 2023 21:20:04 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACTWuFy428vgN_yDJdAAAAAAA&expiration=1680556804&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame CB1A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=4906628487835955293&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=4906628487835955293&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9RWNMY8ZKQZF3BZPQXRP

Redirect headers

AN-X-Request-Uuid
8b29607a-4471-4bd5-9fa0-520425f04bcb
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 02 Apr 2023 21:20:04 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=4906628487835955293&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ap.lijit.com/beacon/ Frame FF36
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-onetag_n-MediaNet_n-Beeswax_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.69 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a3fc5c6d058d02b985e4d967ecee05bf4ef6d3469cc061d87ca580e620daeb04

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
466
Content-Type
text/html
Date
Sun, 02 Apr 2023 21:20:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3ewr1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Sun, 02 Apr 2023 21:20:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ewr1
cbba0c29-0834-4606-9e84-2b3ac3c79d7c
https://ghosts-of-tabor.en.softonic.com/ Frame CB79 		489 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://ghosts-of-tabor.en.softonic.com/cbba0c29-0834-4606-9e84-2b3ac3c79d7c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc9798fd5ebb8d163418a4a8088b226a9678532426493550e4f03261bef3739f

Request headers

Referer
Origin
https://ghosts-of-tabor.en.softonic.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length
489
Content-Type
image/png
0006_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		346 KB
346 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0006_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
02f8e9c460d80ad589f216e4cdbb00013c0d1b46c1f7337bc06049a99ebc2d51

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:04 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
SJ3032GFJNBDWC8A
Age
49953
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
353816
x-amz-id-2
QbZvbhZLQcDgjLL+esHhPsEOp3kPsQI2NDejJT8FuTk9SW54HGU7doUnP/V2jKoQbb2lubwoVZs=
X-LLID
5bf8bda91665045fefcdc7c8a910fbb6
Expires
Mon, 03 Apr 2023 07:27:31 GMT
bridge3.566.2_en.html
imasdk.googleapis.com/js/core/ Frame 19C0 		711 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a139618572b9c9b5e7e0d75d62f81c0d6aa6202f72db242ed62b860e805027db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
519669
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231184
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Mar 2023 20:58:55 GMT
expires
Tue, 26 Mar 2024 20:58:55 GMT
last-modified
Mon, 27 Mar 2023 20:51:45 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame FF34 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Apr 2023 21:20:04 GMT
hadron.js
cdn.hadronid.net/ Frame 593F 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=170&sync=1&url=about%3Ablank
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
R73R1YPRACF14W1S
age
5554
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7b1c1d1a9b54a204-YYZ
x-amz-id-2
WpOFdHRh0gZH7PTUEqY5v8mEYbtnrkKVHNEuK91XPVGIyKANEnrrd1RZ9sjCZq9Ca2D9jqeWhgI=
170
p.ad.gt/api/v1/p/ Frame 593F 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/170
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f9d55f0949bd70d519b0783ee8ab32f4a9a8444d379b60d882aefb7231b4f9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 02 Apr 2023 21:17:19 GMT
server
cloudflare
age
165
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7b1c1d1b0c6fa24a-YYZ
match
ids.ad.gt/api/v1/ Frame 593F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&adnxs_id=$UID&gdpr=0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&adnxs_id=4906628487835955293&gdpr=0
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&adnxs_id=4906628487835955293&gdpr=0
Protocol
H2
Server
44.238.78.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-78-48.us-west-2.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-cache
server
nginx/1.23.3
content-length
43
content-type
image/gif

Redirect headers

Date
Sun, 02 Apr 2023 21:20:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
64b34915-4cc8-4a94-aae3-c0e3e98e9997
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&adnxs_id=4906628487835955293&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/ Frame 593F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001680470404-0CJ8A44E-MX8X&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=89f4937e-9350-458d-a1b8-16e98ea47418&id=AU1D-0100-001680470404-0CJ8A44E-MX8X
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=89f4937e-9350-458d-a1b8-16e98ea47418&id=AU1D-0100-001680470404-0CJ8A44E-MX8X
Protocol
H2
Server
44.238.78.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-78-48.us-west-2.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-cache
server
nginx/1.23.3
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=89f4937e-9350-458d-a1b8-16e98ea47418&id=AU1D-0100-001680470404-0CJ8A44E-MX8X
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
259
pbm_match
ids.ad.gt/api/v1/ Frame 593F
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001680470404-0CJ8A44E-MX8X
  • https://ids.ad.gt/api/v1/pbm_match?pbm=77836631-CA60-4F89-82D5-5254B3A0E098&id=AU1D-0100-001680470404-0CJ8A44E-MX8X
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=77836631-CA60-4F89-82D5-5254B3A0E098&id=AU1D-0100-001680470404-0CJ8A44E-MX8X
Protocol
H2
Server
44.238.78.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-78-48.us-west-2.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-cache
server
nginx/1.23.3
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=77836631-CA60-4F89-82D5-5254B3A0E098&id=AU1D-0100-001680470404-0CJ8A44E-MX8X
date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rub_match
ids.ad.gt/api/v1/ Frame 593F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001680470404-0CJ8A44E-MX8X&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&rub=LFZWOT3X-20-BEUI&gdpr=0
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&rub=LFZWOT3X-20-BEUI&gdpr=0
Protocol
H2
Server
44.238.78.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-78-48.us-west-2.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-cache
server
nginx/1.23.3
content-length
43
content-type
image/gif

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&rub=LFZWOT3X-20-BEUI&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/ Frame 593F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001680470404-0CJ8A44E-MX8X&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001680470404...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001680470404-0CJ8A44E-MX8X&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001680...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ab664ae0-ff15-4fcd-88be-b0364d0d2ade%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=89f4937e-9350-458d-a1b8-16e98ea47418&ttd_puid=ab664ae0-ff15-4fcd-88be-b0364d0d2ade%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&tapad_id=ab664ae0-ff15-4fcd-88be-b0364d0d2ade
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&tapad_id=ab664ae0-ff15-4fcd-88be-b0364d0d2ade
Protocol
H2
Server
44.238.78.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-78-48.us-west-2.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-cache
server
nginx/1.23.3
content-length
43
content-type
image/gif

Redirect headers

date
Sun, 02 Apr 2023 21:20:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&tapad_id=ab664ae0-ff15-4fcd-88be-b0364d0d2ade
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/ Frame 593F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001680470404-0CJ8A44E-MX8X
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&google_gid=CAESEHgDuDlsBZoZtYa8CZMByfY&google_cver=1&google_ula=450542624,0
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&google_gid=CAESEHgDuDlsBZoZtYa8CZMByfY&google_cver=1&google_ula=450542624,0
Protocol
H2
Server
44.238.78.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-78-48.us-west-2.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-cache
server
nginx/1.23.3
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&google_gid=CAESEHgDuDlsBZoZtYa8CZMByfY&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 593F
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001680470404-0CJ8A44E-MX8X
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4MDQ3MDQwNC0wQ0o4QTQ0RS1NWDhY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4MDQ3MDQwNC0wQ0o4QTQ0RS1NWDhY
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4MDQ3MDQwNC0wQ0o4QTQ0RS1NWDhY
date
Sun, 02 Apr 2023 21:20:04 GMT
server
nginx/1.23.3
content-length
453
content-type
text/html; charset=utf-8
taboola
ids.ad.gt/api/v1/ Frame 593F
Redirect Chain
  • https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001680470404-0CJ8A44E-MX8X
  • https://ids.ad.gt/api/v1/taboola?partner_uid=11c288fe-4ec6-4f0f-9368-2190ffd815c0-tuctb237702?id=AU1D-0100-001680470404-0CJ8A44E-MX8X
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/taboola?partner_uid=11c288fe-4ec6-4f0f-9368-2190ffd815c0-tuctb237702?id=AU1D-0100-001680470404-0CJ8A44E-MX8X
Protocol
H2
Server
44.238.78.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-78-48.us-west-2.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-cache
server
nginx/1.23.3
content-length
43
content-type
image/gif

Redirect headers

x-vcl-time-ms
10
date
Sun, 02 Apr 2023 21:20:04 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1680470404.289772,VS0,VE10
x-cache
MISS
location
https://ids.ad.gt/api/v1/taboola?partner_uid=11c288fe-4ec6-4f0f-9368-2190ffd815c0-tuctb237702?id=AU1D-0100-001680470404-0CJ8A44E-MX8X
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12826-YUL
ip_match
ids.ad.gt/api/v1/ Frame 593F 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001680470404-0CJ8A44E-MX8X
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.78.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-78-48.us-west-2.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
server
nginx/1.23.3
content-length
0
content-type
text/html; charset=utf-8
unruly
ids.ad.gt/api/v1/ Frame 593F
Redirect Chain
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001680470404-0CJ8A44E-MX8X%26unruly_id%3D%5BRX_UUID%5D
  • https://sync.targeting.unrulymedia.com/csync/RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001680470404-0CJ8A44E-MX8X%26unruly_id%3D...
  • https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&unruly_id=RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&unruly_id=RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005
Protocol
H2
Server
44.238.78.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-78-48.us-west-2.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-cache
server
nginx/1.23.3
content-length
43
content-type
image/gif

Redirect headers

Date
Sun, 02 Apr 2023 21:20:04 GMT
Server
Tengine
ETag
RX8b8d7037a50f47048a06111aa15a5124005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001680470404-0CJ8A44E-MX8X&unruly_id=RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005
Content-Type
text/html
Connection
keep-alive
ecm3
s.amazon-adsystem.com/ Frame FF36 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=GalgbPZHdFcfpUZERZ2npyNA&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SF4TR72ZF9BDKWGF0CCY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame FF36
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=4f050b32-8667-49fe-a556-ce0fc6bbe0af
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=4f050b32-8667-49fe-a556-ce0fc6bbe0af
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=4f050b32-8667-49fe-a556-ce0fc6bbe0af
date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame FF36
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=80ca4228-81a4-4e25-8249-c1cf0b627468
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=80ca4228-81a4-4e25-8249-c1cf0b627468
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4f050b32-8667-49fe-a556-ce0fc6bbe0af&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=80ca4228-81a4-4e25-8249-c1cf0b627468&gdpr=&gdpr_consent=
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=80ca4228-81a4-4e25-8249-c1cf0b627468&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=80ca4228-81a4-4e25-8249-c1cf0b627468&gdpr=&gdpr_consent=
Date
Sun, 02 Apr 2023 21:20:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame FF36
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=4906628487835955293&gdpr=0&gdpr_consent=
43 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=4906628487835955293&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 02 Apr 2023 21:20:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
82e6b535-9501-4b31-b109-9ed580d4ba8e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=4906628487835955293&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame FF36
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=CfHEaFn0zmUS8JMzXvHbYl2nkmIS8MNnBvGE30g5
43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=CfHEaFn0zmUS8JMzXvHbYl2nkmIS8MNnBvGE30g5
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=CfHEaFn0zmUS8JMzXvHbYl2nkmIS8MNnBvGE30g5
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame FF36
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AABdqU7IU-MAACHm6G7N6w&gdpr=0
43 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AABdqU7IU-MAACHm6G7N6w&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AABdqU7IU-MAACHm6G7N6w&gdpr=0
Date
Sun, 02 Apr 2023 21:20:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CBC4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqDk2gHtMNLXdyRN1_0zu7k3kQvkWKze1qLjK0MWfDHzHskc3vnkXOwYA5897NvjWhC4TXQ-AZd-3aVoElAkRTtgmXcHEMaMaqc-p7ImwsPGEVJ17U&sig=Cg0ArKJSzDB7CIxo2nJwEAE&id=lidar2&mcvt=1043&p=0,285,48,1315&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=2328513852&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680470402466&rpt=719&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CB79 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui8acXN7ooXKDZN6jbMCD6Iqiqaa87KGcLhfNuBD71yK6rtqjxbr8KG1w5TO3NU1aJ9kw1zAJYfj1MiMMQIK0w3jq1LGEBk8I_HAm9uPqFiKxymrvi&sig=Cg0ArKJSzK12GnzwS9BXEAE&id=lidar2&mcvt=1046&p=148,315,370.5,1285&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20230329&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=64932583&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680470402470&rpt=767&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0007_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		321 KB
322 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0007_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
ad0da9b0e442363a832544f9f593ab8660e4d8ee57095f2f89ce55f7fec21e98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:04 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
M2N7S33QB7FQVXN8
Age
53170
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
329000
x-amz-id-2
cq7YPWg+TC1mehyAAwSdOuZOrDW7Uf/Y+B7JFxtMEC1EQYP8JEkyjM+bMuoPMF9SsTQhkb8Nr8A=
X-LLID
256cc9dfb50b131b96b029906b1f9f55
Expires
Mon, 03 Apr 2023 06:33:54 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 538E 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
action
trafficmanager.anyclip.com/trafficmanager/api/videos/video/ Frame CB79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/videos/video/action
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.16.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-16-102.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
date
Sun, 02 Apr 2023 21:20:04 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
access-control-allow-methods
GET,POST
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=1765&val=&wnx=1&abc=&ty=cmp&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
action
trafficmanager.anyclip.com/trafficmanager/api/videos/video/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/videos/video/action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.16.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-16-102.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ghosts-of-tabor.en.softonic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET,POST
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Sun, 02 Apr 2023 21:20:04 GMT
events
marketplace.anyclip.com/v1/ Frame FF34 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=9FiCU34B5vSrw48_v08-&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&cpm=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ Frame FF34 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=1773&val=&wnx=1&abc=&ty=alo&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&anx=1&arx=1&crt=579&s=0&aty=vid&tty=ac&rol=mid&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023032901&jk=65553759746854&bg=!qaqlqv7NAAbEgrg45II7ADkAdvg8WuHcEhOQCGmjzPNlscoh2xKaM-naxCwFC2xXtqpvkh2GnHuCHwa8T7dbiOYzYjYgu9COAS4CAAAAxFIAAAADaAEHmQKrgbdXpdmfdX_H3n4lCaleYdnmHBOG9raulFsIYP5RP_T2P1HxAyHN_S3Tf8fwmktgc_OvBuMw2YVsAzN6t-wW8ueH19UB1wvycQpwJ1whaRFYPieLMvdl9z0O5U-tzieFczx-XbKXnrdDftyhAF45O3I10u8qAiHQ1AGqdIFuXPV4zB0OHL34yv-vbqFenvrQVzOTq6nZqcftZ--eYSjxm6Y0gM5B864j7v3VzsNEaXm36lXJapCExgeY_xYG6NdpRDNH5_geMXRbSrpexJy02kv1QYQVreu5-VW5cRO0MTJFL15P1Fdlroe8WVcFZjk2-Kmm_c7TBt8bRUMIa8RCMXeIJj0fiil7o7E8lz4KzMsE7koee6v6Fy6DTTf4GYmpWLMpJLUeQ2jpFy2kgaS7SgEiUv5GQ-HKl-xP53RgxnSYimjpXpvNJdftLTT_U_N55eXnnQ6DkRvuB6EHHUpGdhXuPPgJlMPlAKeU12uxupFIVA5uOUATwOCkCBirt0ntCBIUGGqXghYG-gmQnY-rPQrG20QkbllVD57a3RKN23iSkadl5FvJdqqL5NyjUQ6pu0jOlA7tAAFiRiomSYnh15x-Gvb6_b59DjIywjLlY4kZnku5TM9ZCwi7rccjlnbg3k-NNItY3PYSe6_LVQ_eAuSwqfKkRG0uoBZbtpw_5lAi5DdAYw1ZNH20SWK6F84Y5EDkeITWg4KyuwoPSzSuWwCx-TsonsSyfM0glOWOlUFD2knbqj5SNYv6zbPNuoGYyim1FGqvplnJncezkjm4JWWIOCN2w2rBjYhFnorRbojknVMXfdOdpeCTpAkgqnryY6Rf2CPSu1qIcrGPCTaChAmZCfk6-oVmLEkcTIM1JqHYrlH6nenLfq6XSR4NRW98G_tkw3RY7l7e8hA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=1787&val=&wnx=1&abc=&ty=xil&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
analytics.js
www.google-analytics.com/ Frame 593F 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Apr 2023 20:05:12 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4492
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 02 Apr 2023 22:05:12 GMT
collect
a.ad.gt/api/v1/ Frame 593F 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
date
Sun, 02 Apr 2023 21:20:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7b1c1d1c5c7aa240-YYZ
vary
Origin
content-type
text/html; charset=utf-8
getpixels
pixels.ad.gt/api/v1/ Frame 593F 		0
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=20fe803606282dab73cd930ad9b68f4e&url=about%3Ablank&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.130.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-130-85.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:04 GMT
server
nginx/1.20.0
ads
pubads.g.doubleclick.net/gampad/ Frame 19C0 		156 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22647169314%2C22646128729%2FSMG_AnyClip%2Fpreroll%2Ffloor_6&description_url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpmute=0&vpa=auto&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&correlator=1283143881365611&ord=413002464&cust_params=domainname%3Dghosts-of-tabor.en.softonic.com&gdpr_consent=_755&gdpr&sdkv=h.3.566.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1010664126&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.566.2&sid=A803E89E-C160-4865-A0D8-83AFA17B88D7&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&nel=0&eid=44748969%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dlt=1680470403961&idt=464&dt=1680470404543&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA&scor=1631402383449037&ged=ve4_td1_tt1_pd1_la1000_er148.315.148.315_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ Frame 593F 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 20:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 02 Apr 2023 21:25:49 GMT
ec.js
www.google-analytics.com/plugins/ua/ Frame 593F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 20:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
3432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 02 Apr 2023 21:22:52 GMT
0008_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		295 KB
296 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0008_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
726d28f94aeb14c9cab3e50ad5b2f06e35856c3cac9c27087ce670f431720cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:05 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
EV2SXBGBSKMJ5JHD
Age
30839
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
302116
x-amz-id-2
V1SK6fgnkLaruSf0UMBV8Op/5Gs6F5q5G7cl2fbJDWr4kH69C2mZ1VQjMjx23zTqr6D7tVemFNY=
X-LLID
31221621393a17e85b79a126adb98033
Expires
Mon, 03 Apr 2023 12:46:06 GMT
csi
csi.gstatic.com/ Frame 19C0 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lfzwouml&c=4009227809736&slotId=2004613904868&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4002:801::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
marketplace.anyclip.com/v1/ Frame FF34 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=0b-EU34BGT3pD1fjcNSM&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&cpm=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ Frame FF34 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 19C0 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22647169314%2C22646128729%2FSMG_AnyClip%2Fpreroll%2Ffloor_4&description_url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpmute=0&vpa=auto&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&correlator=3519791100543779&ord=413002464&cust_params=domainname%3Dghosts-of-tabor.en.softonic.com&gdpr_consent=_755&gdpr&sdkv=h.3.566.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1010664126&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.566.2&sid=A803E89E-C160-4865-A0D8-83AFA17B88D7&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&nel=0&eid=44748969%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dlt=1680470403961&idt=464&dt=1680470405077&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA&scor=3020309780790579&ged=ve4_td1_tt1_pd1_la1000_er148.315.148.315_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame DBAC 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12445409&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e7e5b9bf9025cb0a1f86c0109a812908b4b4af621118fa7763cf6f488144a103

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 02 Apr 2023 21:20:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame 4BC8 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=77836631-CA60-4F89-82D5-5254B3A0E098&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MH4JKMCYFF1Y36ENAZCN
Pug
image2.pubmatic.com/AdServer/ Frame F499
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZHFVN0lVLU1BQUNIbTZHN042dw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABdqU7IU-MAACHm6G7N6w&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABdqU7IU-MAACHm6G7N6w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5797391859246030884&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABdqU7IU-MAACHm6G7N6w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5797391859246030884%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5797391859246030884&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AABdqU7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABdqU7IU-MAACHm6G7N6w&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABdqU7IU-MAACHm6G7N6w&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 02 Apr 2023 21:20:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 02 Apr 2023 21:20:05 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABdqU7IU-MAACHm6G7N6w&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2473
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:21bb6429-f182-4f00-8f77-a2ecdf1666f5&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:21bb6429-f182-4f00-8f77-a2ecdf1666f5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 02 Apr 2023 21:20:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:05 GMT
Expires
Sun, 02 Apr 2023 21:20:04 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 711 dd187f8 master ord-pixel-x50 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:21bb6429-f182-4f00-8f77-a2ecdf1666f5&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame BF3A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=232a7594-d19c-11ed-8de2-3a5ec51d8b40
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=232a7594-d19c-11ed-8de2-3a5ec51d8b40
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 02 Apr 2023 21:20:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 02 Apr 2023 21:20:05 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=232a7594-d19c-11ed-8de2-3a5ec51d8b40
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
Pug
simage2.pubmatic.com/AdServer/ Frame A683
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4906628487835955293&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4906628487835955293&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 02 Apr 2023 21:20:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
aa47336e-bc78-4829-94a0-3d92ad8cefdb
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 02 Apr 2023 21:20:05 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4906628487835955293&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
usersync
usersync.gumgum.com/ Frame FDC7 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=77836631-CA60-4F89-82D5-5254B3A0E098
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 02 Apr 2023 21:20:05 GMT
Expires
0
Pragma
no-cache
sd
us-u.openx.net/w/1.0/ Frame DBAC 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame DBAC 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.139.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-139-137.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:05 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame DBAC 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.9.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-9-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 02 Apr 2023 21:20:04 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame DBAC 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.72.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-72-158.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:05 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
235b4200-d19c-11ed-8427-026a8e083d29
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-03909923ed582752f
SPug
image4.pubmatic.com/AdServer/ Frame DBAC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=77836631-CA60-4F89-82D5-5254B3A0E098&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CsGFsBBE2uXu87R7X8crvkL8kr8sDRQ-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CsGFsBBE2uXu87R7X8crvkL8kr8sDRQ-~A&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CsGFsBBE2uXu87R7X8crvkL8kr8sDRQ-~A&gdpr=0
date
Sun, 02 Apr 2023 21:20:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
77836631-CA60-4F89-82D5-5254B3A0E098
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DBAC 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/77836631-CA60-4F89-82D5-5254B3A0E098?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:460b:2b68:c137:43d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame DBAC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=51747092-343d-4325-ae8f-da6bfe08675d&gdpr=0&gdpr_consent=
1 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=51747092-343d-4325-ae8f-da6bfe08675d&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 02 Apr 2023 21:20:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=51747092-343d-4325-ae8f-da6bfe08675d&gdpr=0&gdpr_consent=
Date
Sun, 02 Apr 2023 21:20:05 GMT
Connection
keep-alive
X-CI-RTID
77b8ff62-40a4-4e3d-92f0-4f01713b3af2
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame DBAC
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6198b7c6fa16067b&is_secure=true&networkId=17100&version=1&nuid=77836631-CA60-4F89-82D5-5254B3A0E098&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH6AF7uZ8bKANmysZiAAAAAAA&expiration=1680556805&nuid=77836631-CA60-4F89-82D5-5254B3A0E098&...
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH6AF7uZ8bKANmysZiAAAAAAA&expiration=1680556805&nuid=77836631-CA60-4F89-82D5-5254B3A0E098&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 02 Apr 2023 21:20:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:05 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH6AF7uZ8bKANmysZiAAAAAAA&expiration=1680556805&nuid=77836631-CA60-4F89-82D5-5254B3A0E098&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame DBAC 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.206.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-206-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
csi
csi.gstatic.com/ Frame 19C0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lfzwov4x&c=4009227809736&slotId=2004613904868&ghmsh_eids=44748969%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4002:801::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
marketplace.anyclip.com/v1/ Frame FF34 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=yzWxRoABnFDhb_jOsy6h&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&cpm=2.4467790126800537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ Frame FF34 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 19C0 		8 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F127641337%2C22646128729%2FAdPoddingSoftonic.com6407&description_url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&env=vp&tfcd=0&correlator=3917741771563254&gdfp_req=1&output=xml_vmap1&sz=640x480&unviewed_position_start=1&ad_rule=1&npa=0&gdpr_consent=_755&gdpr&cust_params=domainname%3Dghosts-of-tabor.en.softonic.com%26clipid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26tid%3D%24%5Btid%5D%26sti%3Di0TMNoABdw63yRGprZvT%26dti%3DyzWxRoABnFDhb_jOsy6h%26viewability%3D1%26sspblockurl%3D&vpa=auto&vpmute=0&sdkv=h.3.566.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1010664126&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.566.2&sid=A803E89E-C160-4865-A0D8-83AFA17B88D7&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&nel=0&eid=44748969%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dlt=1680470403961&idt=464&dt=1680470405425&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA&scor=945235020207102&ged=ve4_td1_tt1_pd1_la1000_er148.315.148.315_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84bd0fc845439923fd4ac59bbd46dc6d4000d4ebe117a0ce223cef1aed7a8ec6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1218
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 19C0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F127641337%2FAdPoddingSoftonic.com6407&sz=640x480&ciu_szs&cust_params=domainname%3Dghosts-of-tabor.en.softonic.com%26clipid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26tid%3D%24%5Btid%5D%26sti%3Di0TMNoABdw63yRGprZvT%26dti%3DyzWxRoABnFDhb_jOsy6h%26viewability%3D1%26sspblockurl%3D&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&bumper=before&min_ad_duration=0&max_ad_duration=10000&vrid=1163304&sb=1&sid=A803E89E-C160-4865-A0D8-83AFA17B88D7&adk=1010664126&correlator=3917741771563254&ctv=0&dlt=1680470403961&dt=1680470405532&gdpr&gdpr_consent=_755&ged=ve4_td2_tt2_pd2_la2000_er148.315.148.315_vi0.0.1200.1600_vp0_ts1_eb16619&idt=464&is_amp=0&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&npa=false&omid_p=Google1%2Fh.3.566.2&osd=2&ptt=20&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&scor=945235020207102&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&hl=en&frm=0&sdki=445&sdkv=h.3.566.2&sdr=1&vpa=auto&vpmute=0&nel=0&cnc=22646128729&kfa=0&tfcd=0&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 19C0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F127641337%2FAdPoddingSoftonic.com6407&sz=640x480&ciu_szs&cust_params=domainname%3Dghosts-of-tabor.en.softonic.com%26clipid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26tid%3D%24%5Btid%5D%26sti%3Di0TMNoABdw63yRGprZvT%26dti%3DyzWxRoABnFDhb_jOsy6h%26viewability%3D1%26sspblockurl%3D&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=31000&vrid=1163304&sid=A803E89E-C160-4865-A0D8-83AFA17B88D7&adk=1010664126&correlator=3917741771563254&ctv=0&dlt=1680470403961&dt=1680470405627&gdpr&gdpr_consent=_755&ged=ve4_td2_tt2_pd2_la2000_er148.315.148.315_vi0.0.1200.1600_vp0_ts0_eb16619&idt=464&is_amp=0&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&npa=false&omid_p=Google1%2Fh.3.566.2&osd=2&ptt=20&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&scor=945235020207102&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&hl=en&frm=0&sdki=445&sdkv=h.3.566.2&sdr=1&vpa=auto&vpmute=0&nel=0&cnc=22646128729&kfa=0&tfcd=0&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 19C0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F127641337%2FAdPoddingSoftonic.com6407&sz=640x480&ciu_szs&cust_params=domainname%3Dghosts-of-tabor.en.softonic.com%26clipid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26tid%3D%24%5Btid%5D%26sti%3Di0TMNoABdw63yRGprZvT%26dti%3DyzWxRoABnFDhb_jOsy6h%26viewability%3D1%26sspblockurl%3D&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1163304&sid=A803E89E-C160-4865-A0D8-83AFA17B88D7&adk=1010664126&correlator=3917741771563254&ctv=0&dlt=1680470403961&dt=1680470405988&gdpr&gdpr_consent=_755&ged=ve4_td2_tt2_pd2_la2000_er148.315.148.315_vi0.0.1200.1600_vp0_ts0_eb16619&idt=464&is_amp=0&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&npa=false&omid_p=Google1%2Fh.3.566.2&osd=2&ptt=20&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&scor=945235020207102&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&hl=en&frm=0&sdki=445&sdkv=h.3.566.2&sdr=1&vpa=auto&vpmute=0&nel=0&cnc=22646128729&kfa=0&tfcd=0&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 19C0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F127641337%2FAdPoddingSoftonic.com6407&sz=640x480&ciu_szs&cust_params=domainname%3Dghosts-of-tabor.en.softonic.com%26clipid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26tid%3D%24%5Btid%5D%26sti%3Di0TMNoABdw63yRGprZvT%26dti%3DyzWxRoABnFDhb_jOsy6h%26viewability%3D1%26sspblockurl%3D&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&bumper=after&min_ad_duration=0&max_ad_duration=10000&vrid=1163304&sb=1&sid=A803E89E-C160-4865-A0D8-83AFA17B88D7&adk=1010664126&correlator=3917741771563254&ctv=0&dlt=1680470403961&dt=1680470406072&gdpr&gdpr_consent=_755&ged=ve4_td2_tt2_pd2_la2000_er148.315.148.315_vi0.0.1200.1600_vp0_ts0_eb16619&idt=464&is_amp=0&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&npa=false&omid_p=Google1%2Fh.3.566.2&osd=2&ptt=20&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&scor=945235020207102&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&hl=en&frm=0&sdki=445&sdkv=h.3.566.2&sdr=1&vpa=auto&vpmute=0&nel=0&cnc=22646128729&kfa=0&tfcd=0&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
marketplace.anyclip.com/v1/ Frame FF34 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=ul571X8B5vSrw48_1wF3&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&cpm=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ Frame FF34 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 19C0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22647169314%2C22646128729%2Fapl%2Fac1984%2Fvast2target&description_url=http%3A%2F%2Fsoftonic.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=958452939094777&vpa=auto&vpmute=0&sdkv=h.3.566.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1010664126&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.566.2&sid=A803E89E-C160-4865-A0D8-83AFA17B88D7&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&nel=0&eid=44748969%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dlt=1680470403961&idt=464&dt=1680470406173&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA&scor=4241595848688740&ged=ve4_td2_tt2_pd2_la2000_er148.315.148.315_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
marketplace.anyclip.com/v1/ Frame FF34 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=cCmFVIYBoXv1W8tU9LJq&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&cpm=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ Frame FF34 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 19C0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F136431902%2C22647169314%2C22646128729%2Fapl%2Fac1984%2Fvast2&description_url=http%3A%2F%2Fsoftonic.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3469393768744073&vpa=auto&vpmute=0&sdkv=h.3.566.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1010664126&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.566.2&sid=A803E89E-C160-4865-A0D8-83AFA17B88D7&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&nel=0&eid=44748969%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dlt=1680470403961&idt=464&dt=1680470406541&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA&scor=3361771341681638&ged=ve4_td3_tt3_pd3_la3000_er148.315.148.315_vi0.0.1200.1600_vp0_ts1_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je33t0&_p=1562007908&cid=715226332.1680470402&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1680470401&sct=1&seg=0&dl=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dt=Download%20Ghosts%20of%20Tabor%20-%20latest%20version&en=product_recommendation_popup&ep.page_type=download%20page&ep.product_recommendation_name=3&ep.product_recommendation_interaction=Request&_et=16
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.js
player.anyclip.com/lreprx/js/v1/src/ Frame FF34 		531 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3Di0TMNoABdw63yRGprZvT%26w%3D970%26h%3D249%26v%3D1%26cb%3D413002464%26pid%3Dsoftoniccom%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26cid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26wid%3D0011r00002IkuLz_12078%26dom%3Dghosts-of-tabor.en.softonic.com%26abc%3D%26geo%3DCA%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D149.56.153.178%26url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002IkuLzAAJ%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D1%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F111.0.5563.146%2520Safari%252F537.36%26domain%3Dghosts-of-tabor.en.softonic.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%255E0%253D%252F5302%252Fdesktop%252Fdesktop-Web-en%252FApps%252FDownload%252FATF_Lea%255E1%253Dderboard_First%26gpt%3D%24%5Bgpt%5D&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&imaw=0&wf=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
b9b2d256e2d0cb3921fe5c136646dfee2ee7dacf5566554ba08bbcc2e5f9fbf5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
NzRTAgHqRsj.dkvQuCOmpsilgjDIQRba
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:06 GMT
x-amz-request-id
SEFFXMCJ3D5FDB74
Age
31576
x-amz-server-side-encryption
AES256
Content-Length
168039
x-amz-id-2
WksHFAO+S8RarZ2QvoTf37BzJImVK/btD0eDX3VSwh0OF6H5dZNxfoZnJ+hvxy7AlQkr8AHhiFH6BpZ2XZZxrIZpAK7MuBIewxoZcdN6KoU=
Last-Modified
Thu, 30 Mar 2023 12:29:13 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=60
Accept-Ranges
bytes
X-LLID
a9d72261fcce1f75d007d1969b08c3c2
Expires
Sun, 02 Apr 2023 12:34:50 GMT
tag
oryj8-4pmb8.ads.tremorhub.com/ad/ Frame FF34 		55 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oryj8-4pmb8.ads.tremorhub.com/ad/tag?adCode=oryj8-86orj&playerWidth=970&playerHeight=249&srcPageUrl=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&supplyCode=oryj8-4pmb8&floor=USD:1.5&schain=1.0,1!anyclip.com,0011r00002IkuLzAAJ,1,,,&transactionId=08d08ff1-9666-43b2-828f-b3e326d36119&referrer=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&hb=1&fmt=json
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:439e:5582:9089:1d9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3e1c702ca6b594e2fbb920772feed90a1058c1f24f38cf4e298cd61c1fd523fd

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
prebid
ib.adnxs.com/ut/v3/ Frame FF34 		19 B
998 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:06 GMT
AN-X-Request-Uuid
687f5495-e8bb-4a83-b3c6-136614d4d110
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ghosts-of-tabor.en.softonic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
events
marketplace.anyclip.com/v1/ Frame FF34 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=ARnWUIMBhRNLCGGWv2IP&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&floor=1.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
content-length
0
events
marketplace.anyclip.com/v1/ Frame FF34 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=jNbdRoABdAdaDOL-pRkQ&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&floor=1.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:06 GMT
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ Frame FF34 		36 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=677622&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2253d84764b402da%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3%22%2C%22page%22%3A%22https%3A%2F%2Fghosts-of-tabor.en.softonic.com%22%2C%22domain%22%3A%22ghosts-of-tabor.en.softonic.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22softonic.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.9.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22i0SaN4ABdw63yRGpIJ2y%22%2C%22adunitcode%22%3A%22i0SaN4ABdw63yRGpIJ2y%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d754b6b764414%22%2C%22ext%22%3A%7B%22siteID%22%3A%22677622%22%2C%22tid%22%3A%22f09661c6-aa6b-438b-98dd-e9ae47a07cb7%22%2C%22sid%22%3A%22970x249%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%5D%2C%22api%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22playbackmethod%22%3A%5B3%5D%2C%22protocols%22%3A%5B2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22placement%22%3A1%2C%22playerSize%22%3A%5B%5B970%2C249%5D%5D%2C%22w%22%3A970%2C%22h%22%3A249%7D%2C%22bidfloor%22%3A1.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anyclip.com%22%2C%22sid%22%3A%220011r00002IkuLzAAJ%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Np7N4kxmibRoRsUhcfZ0d%2BewTAvM6MFnOFw5ZFDi76nY8mksYARNgcAnhfX7numxniGMdvFETC5CqT7yPjhx%2FIsD8CU%2F7YW2%2FQE%2Bv1mBRwLBwfUmjTXguE6mXWU4i80dW63p0%2Fui"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7b1c1d2c9abb53ef-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
events
marketplace.anyclip.com/v1/ Frame FF34 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=i0SaN4ABdw63yRGpIJ2y&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&floor=1.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
content-length
0
0009_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		175 KB
176 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0009_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
ec1e6f99eaec8599b28238a7d0faf406d9d527a02ad28d8c86ed567ebd1a3082

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:07 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
6F8021K9QPPMGG58
Age
47692
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
179352
x-amz-id-2
Hzy8ifJCYdJU3WBKybqOOTd9HRV8oKfe6ua1Al1kl5MQFH+Vl+FiZeUkHsn3tSwVNVK9uYhrCPZBiMSFkVGMtA==
X-LLID
48aa685c51939a5abfac68a58e0ab9d8
Expires
Mon, 03 Apr 2023 08:05:15 GMT
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=4493&val=END_OF_CYCLE&wnx=1&abc=&ty=aer&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&anx=1&arx=1&crt=3300&s=0&aty=vid&tty=ac&rol=mid&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
SPug
simage4.pubmatic.com/AdServer/ Frame DBAC 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bid
aax.amazon-adsystem.com/e/dtb/ Frame 593F 		103 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&pid=XpD7aYgm8zRHt&cb=1&ws=0x8&v=23.320.1710&t=2000&slots=%5B%7B%22id%22%3A%22AC_Sites%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22970x249%22%5D%7D%5D&pubid=171208af-037d-48f1-af92-1c24c2ee644a&gdprl=%7B%22status%22%3A%22tcfv2-error%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*dQizkrBwMnd20W48Y1B74N-IuuCjUS4GmA7SgF0gLqdBzyOHEl_G5k44PcysBTQlQdBMJsamV9qQzZ5F5bXaqw%22%2C%22pubcommon%22%3A%22bf480c6f-55ff-4f6a-9f53-00ed7f3bc786%22%2C%22audigent%22%3A%22060kil9lc7igeche97hbf97dd6kdhi7gec9yu060i2uqmism62sgo62kk0yksu2qm%22%2C%22lotame%22%3A%22205f3c52b8404ff0cf34c4134be416d5393878fbcc762422d81120485df8480e%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.94.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-94-225.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
c2b14b587d647eb2f07ac2dad2b5a7644d40c4be07af8e630c7b12c0f02168ed
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 58a45bf3f07dfdca95ebcb7935e84994.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
6KF9XKN4AX6ZS712MHCK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
103
x-amz-cf-id
jZRgs_bAEukGjp5zFxJIvJqQAMOxiN3AVbMfXQ16gG32-buL5Dbs1g==
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=4816&val=ad%3Dhttps%253A%252F%252Fmarketplace.anyclip.com%252Fv1%252Fwaterfall%253Fsti%253Di0TMNoABdw63yRGprZvT%2526w%253D970%2526h%253D249%2526v%253D1%2526cb%253D587012238%2526pid%253Dsoftoniccom%2526sid%253DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%2526cid%253Djf4uu4spjfruewlugyzuezdgnjqxirlf%2526wid%253D0011r00002IkuLz_12078%2526dom%253Dghosts-of-tabor.en.softonic.com%2526abc%253D%2526geo%253DCA%2526dev%253D1%2526bw%253Dchrome%2526os%253Dwindows%2526ip%253D149.56.153.178%2526url%253Dhttps%25253A%25252F%25252Fghosts-of-tabor.en.softonic.com%2526gdpr%253D%2526consent%253D%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00002IkuLzAAJ%252C1%252C%252C%252C%2526us_privacy%253D%2526utm%253D%2526pl%253Da%2526ima%253D4%2526clipPlayCounter%253D1%2526tid%253D%2524%255Btid%255D%2526amznbid%253D%2526amzniid%253D%2526ua%253DMozilla%25252F5.0%252520%2528Windows%252520NT%25252010.0%25253B%252520Win64%25253B%252520x64%2529%252520AppleWebKit%25252F537.36%252520%2528KHTML%25252C%252520like%252520Gecko%2529%252520Chrome%25252F111.0.5563.146%252520Safari%25252F537.36%2526domain%253Dghosts-of-tabor.en.softonic.com%2526page%253D%2524%255Bpage%255D%2526itemid%253D%2524%255Bitemid%255D%2526zone%253D%2524%255Bzone%255D%2526permutive%253D%2524%255Bpermutive%255D%2526key_custom3%253D%25255E0%25253D%25252F5302%25252Fdesktop%25252Fdesktop-Web-en%25252FApps%25252FDownload%25252FATF_Lea%25255E1%25253Dderboard_First%2526gpt%253D%2524%255Bgpt%255D%26mavs%3D0%26rqcm%3D1%26m%3D1%26ast%3D-1%26smb%3D1%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26imaw%3D0%26amd%3D1%26sf%3D0%26page_url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26wf%3D1%26af%3D1%26af_dp%3D0.1%26af_am%3Ddynamic%26af_mf%3D0.55%26pb_t%3D20000%26spb%3D0&wnx=1&abc=&ty=arq&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&anx=2&arx=2&crt=3623&s=0&aty=vid&tty=ac&rol=mid&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
events
marketplace.anyclip.com/v1/ Frame CB79 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=4817&val=&wnx=1&abc=&ty=frq&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&anx=2&arx=2&crt=3623&s=0&aty=vid&tty=ac&rol=mid&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
content-length
0
lreprx.js
player.anyclip.com/lreprx/js/v1/src/ Frame 7EB8 		195 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3Di0TMNoABdw63yRGprZvT%26w%3D970%26h%3D249%26v%3D1%26cb%3D587012238%26pid%3Dsoftoniccom%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26cid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26wid%3D0011r00002IkuLz_12078%26dom%3Dghosts-of-tabor.en.softonic.com%26abc%3D%26geo%3DCA%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D149.56.153.178%26url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002IkuLzAAJ%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D1%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F111.0.5563.146%2520Safari%252F537.36%26domain%3Dghosts-of-tabor.en.softonic.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%255E0%253D%252F5302%252Fdesktop%252Fdesktop-Web-en%252FApps%252FDownload%252FATF_Lea%255E1%253Dderboard_First%26gpt%3D%24%5Bgpt%5D&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&imaw=0&wf=1
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
cbf4f0344c175cbd5e1dfc22ee610e5719107a9d6f48f022858db6ff8deab981

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
3Bh5sFQ28TXjFTPnAjoQBP1CKZ1Q4rUE
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:07 GMT
x-amz-request-id
SEF2HWM7FWXRC1E2
Age
31576
x-amz-server-side-encryption
AES256
Content-Length
45111
x-amz-id-2
R59acJLrYvDfd/0hgiZCYzQxakxc+XCFFQA9UzoWgJ8ZNF4FbJruTsXv7hj/sowb2TA00JiMUdA=
Last-Modified
Thu, 30 Mar 2023 12:29:13 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=60
Accept-Ranges
bytes
X-LLID
b1482a6aeb855d630b157a2d770f1631
Expires
Sun, 02 Apr 2023 12:34:51 GMT
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=4880&val=1.1.41_265_prod&wnx=1&abc=&ty=xlo&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7EB8 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3Di0TMNoABdw63yRGprZvT%26w%3D970%26h%3D249%26v%3D1%26cb%3D587012238%26pid%3Dsoftoniccom%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26cid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26wid%3D0011r00002IkuLz_12078%26dom%3Dghosts-of-tabor.en.softonic.com%26abc%3D%26geo%3DCA%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D149.56.153.178%26url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002IkuLzAAJ%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D1%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F111.0.5563.146%2520Safari%252F537.36%26domain%3Dghosts-of-tabor.en.softonic.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%255E0%253D%252F5302%252Fdesktop%252Fdesktop-Web-en%252FApps%252FDownload%252FATF_Lea%255E1%253Dderboard_First%26gpt%3D%24%5Bgpt%5D&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&imaw=0&wf=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dd3f9f6c6fb24816e23864a76aa3e52103730816a536e8fae82e264196a2f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123698
x-xss-protection
0
expires
Sun, 02 Apr 2023 21:20:07 GMT
waterfall
marketplace.anyclip.com/v1/ Frame 7EB8 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://marketplace.anyclip.com/v1/waterfall?sti=i0TMNoABdw63yRGprZvT&w=970&h=249&v=1&cb=587012238&pid=softoniccom&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&wid=0011r00002IkuLz_12078&dom=ghosts-of-tabor.en.softonic.com&abc=&geo=CA&dev=1&bw=chrome&os=windows&ip=149.56.153.178&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&amznbid=&amzniid=
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3Di0TMNoABdw63yRGprZvT%26w%3D970%26h%3D249%26v%3D1%26cb%3D587012238%26pid%3Dsoftoniccom%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26cid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26wid%3D0011r00002IkuLz_12078%26dom%3Dghosts-of-tabor.en.softonic.com%26abc%3D%26geo%3DCA%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D149.56.153.178%26url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002IkuLzAAJ%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D1%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F111.0.5563.146%2520Safari%252F537.36%26domain%3Dghosts-of-tabor.en.softonic.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%255E0%253D%252F5302%252Fdesktop%252Fdesktop-Web-en%252FApps%252FDownload%252FATF_Lea%255E1%253Dderboard_First%26gpt%3D%24%5Bgpt%5D&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&imaw=0&wf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
6fe7a3bdd22e81fa4d9435461d0a97786d86cfd168396d36091da3219abb7ffc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
date
Sun, 02 Apr 2023 21:20:07 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
957
access-control-allow-methods
GET
content-type
application/json
rtimp
g.bidbrain.app/ Frame C8E8 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=212ea882-d19c-11ed-aa31-16a81374bf49&d=ghosts-of-tabor.en.softonic.com&cr=ext_gen2_v10_start_sec5&gid=CAESEElzpDjK8ZqqKjDHDCuCbaU&a=vw&p=ZCnxgQAMXKoIaAuVAA_yDpPRhM1zu0b53TdRSA&r=1688661423&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by
Host: 9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:07 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
bridge3.566.2_en.html
imasdk.googleapis.com/js/core/ Frame FABF 		711 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a139618572b9c9b5e7e0d75d62f81c0d6aa6202f72db242ed62b860e805027db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
519672
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231184
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Mar 2023 20:58:55 GMT
expires
Tue, 26 Mar 2024 20:58:55 GMT
last-modified
Mon, 27 Mar 2023 20:51:45 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 7EB8 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Apr 2023 21:20:07 GMT
events
marketplace.anyclip.com/v1/ Frame 7EB8 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=9FiCU34B5vSrw48_v08-&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&cpm=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ Frame 7EB8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=5010&val=&wnx=1&abc=&ty=alo&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&anx=2&arx=2&crt=3816&s=0&aty=vid&tty=ac&rol=mid&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=5022&val=&wnx=1&abc=&ty=xil&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:07 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
ads
pubads.g.doubleclick.net/gampad/ Frame FABF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22647169314%2C22646128729%2FSMG_AnyClip%2Fpreroll%2Ffloor_6&description_url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpmute=0&vpa=auto&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&correlator=1777792926171424&ord=587012238&cust_params=domainname%3Dghosts-of-tabor.en.softonic.com&gdpr_consent=_755&gdpr&sdkv=h.3.566.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1010664126&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.566.2&sid=53F25E34-C10D-4352-99EE-AB4A5D3C632C&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&nel=0&eid=44748969%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dlt=1680470407516&idt=337&dt=1680470407894&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA&scor=1954104807748481&ged=ve4_td0_tt0_pd0_la0_er148.315.148.315_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame FABF 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lfzwoxam&c=4009227809736&slotId=2004613904868&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4002:801::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
marketplace.anyclip.com/v1/ Frame 7EB8 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=0b-EU34BGT3pD1fjcNSM&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&cpm=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:08 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ Frame 7EB8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame FABF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22647169314%2C22646128729%2FSMG_AnyClip%2Fpreroll%2Ffloor_4&description_url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpmute=0&vpa=auto&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&correlator=191321415488893&ord=587012238&cust_params=domainname%3Dghosts-of-tabor.en.softonic.com&gdpr_consent=_755&gdpr&sdkv=h.3.566.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1010664126&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.566.2&sid=53F25E34-C10D-4352-99EE-AB4A5D3C632C&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&nel=0&eid=44748969%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dlt=1680470407516&idt=337&dt=1680470408417&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA&scor=3869827576244579&ged=ve4_td0_tt0_pd0_la0_er148.315.148.315_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame FABF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lfzwoxns&c=4009227809736&slotId=2004613904868&ghmsh_eids=44748969%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4002:801::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
marketplace.anyclip.com/v1/ Frame 7EB8 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=ul571X8B5vSrw48_1wF3&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&cpm=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:08 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ Frame 7EB8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame FABF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22647169314%2C22646128729%2Fapl%2Fac1984%2Fvast2target&description_url=http%3A%2F%2Fsoftonic.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=498871075902833&vpa=auto&vpmute=0&sdkv=h.3.566.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1010664126&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.566.2&sid=53F25E34-C10D-4352-99EE-AB4A5D3C632C&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&nel=0&eid=44748969%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dlt=1680470407516&idt=337&dt=1680470408795&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA&scor=2745616293162299&ged=ve4_td1_tt1_pd1_la1000_er148.315.148.315_vi0.0.1200.1600_vp0_ts1_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
marketplace.anyclip.com/v1/ Frame 7EB8 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=cCmFVIYBoXv1W8tU9LJq&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&cpm=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:09 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ Frame 7EB8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ghosts-of-tabor.en.softonic.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame FABF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F136431902%2C22647169314%2C22646128729%2Fapl%2Fac1984%2Fvast2&description_url=http%3A%2F%2Fsoftonic.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=246171598998355&vpa=auto&vpmute=0&sdkv=h.3.566.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1010664126&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.566.2&sid=53F25E34-C10D-4352-99EE-AB4A5D3C632C&a3p=EhsKDGlkNS1zeW5jLmNvbRjxzt2e9DBIAFICCGo.&nel=0&eid=44748969%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&url=https%3A%2F%2Fghosts-of-tabor.en.softonic.com&top=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&loc=https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3&dlt=1680470407516&idt=337&dt=1680470409107&cookie=ID%3D31c1ed9b481661b1%3AT%3D1680470401%3AS%3DALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ&gpic=UID%3D00000a3b5bd77932%3AT%3D1680470401%3ART%3D1680470401%3AS%3DALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA&scor=566062494108247&ged=ve4_td1_tt1_pd1_la1000_er148.315.148.315_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
0010_segment.ts
cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/ Frame CB79 		323 KB
324 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/hls_1680278951293/480x270/0010_segment.ts?wid=0011r00002IkuLz_12078
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
9a4b16384f941895b9f9b4649ad378d54e694ad653a4d92bb5e1619593851ab6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 21:20:09 GMT
Last-Modified
Fri, 31 Mar 2023 16:09:12 GMT
Server
AmazonS3
x-amz-request-id
HXN8WJ7KAEADJSA1
Age
39647
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
331256
x-amz-id-2
/yewTk3jAneBAKiwc+XPj+DEId2BpwL9FAo2EayBsnRrVmFZ6XM49417Pe1NBX0iWJqb4CijE/U=
X-LLID
86eecba2a9003cd21c303377a889346b
Expires
Mon, 03 Apr 2023 10:19:22 GMT
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6619&val=0&wnx=0&abc=&ty=grf&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:09 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6620&val=0&wnx=0&abc=&ty=crf&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:09 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35
prebid.js
player.anyclip.com/lreprx/js/v1/src/ Frame 7EB8 		531 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3Di0TMNoABdw63yRGprZvT%26w%3D970%26h%3D249%26v%3D1%26cb%3D587012238%26pid%3Dsoftoniccom%26sid%3DPddYHHs0UvmrJAKanTwMbW07Z9l1nyBb%26cid%3Djf4uu4spjfruewlugyzuezdgnjqxirlf%26wid%3D0011r00002IkuLz_12078%26dom%3Dghosts-of-tabor.en.softonic.com%26abc%3D%26geo%3DCA%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D149.56.153.178%26url%3Dhttps%253A%252F%252Fghosts-of-tabor.en.softonic.com%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002IkuLzAAJ%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D1%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F111.0.5563.146%2520Safari%252F537.36%26domain%3Dghosts-of-tabor.en.softonic.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%255E0%253D%252F5302%252Fdesktop%252Fdesktop-Web-en%252FApps%252FDownload%252FATF_Lea%255E1%253Dderboard_First%26gpt%3D%24%5Bgpt%5D&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&imaw=0&wf=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-164-46-185.jfk.llnw.net
Software
AmazonS3 /
Resource Hash
b9b2d256e2d0cb3921fe5c136646dfee2ee7dacf5566554ba08bbcc2e5f9fbf5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
NzRTAgHqRsj.dkvQuCOmpsilgjDIQRba
Content-Encoding
gzip
Date
Sun, 02 Apr 2023 21:20:09 GMT
x-amz-request-id
SEFFXMCJ3D5FDB74
Age
31578
x-amz-server-side-encryption
AES256
Content-Length
168039
x-amz-id-2
WksHFAO+S8RarZ2QvoTf37BzJImVK/btD0eDX3VSwh0OF6H5dZNxfoZnJ+hvxy7AlQkr8AHhiFH6BpZ2XZZxrIZpAK7MuBIewxoZcdN6KoU=
Last-Modified
Thu, 30 Mar 2023 12:29:13 GMT
Server
AmazonS3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=60
Accept-Ranges
bytes
X-LLID
378b720e214e73c494633bc8c638cc41
Expires
Sun, 02 Apr 2023 12:34:51 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 7EB8 		19 B
998 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 21:20:09 GMT
AN-X-Request-Uuid
82f057da-483f-4288-9b8c-9eca4cb4f0ca
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ghosts-of-tabor.en.softonic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
events
marketplace.anyclip.com/v1/ Frame 7EB8 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=ARnWUIMBhRNLCGGWv2IP&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&floor=1.35
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:09 GMT
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 7EB8 		36 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=677622&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%223b23d2f90de57b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%3Fex%3DDINS-635.3%22%2C%22page%22%3A%22https%3A%2F%2Fghosts-of-tabor.en.softonic.com%22%2C%22domain%22%3A%22ghosts-of-tabor.en.softonic.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22softonic.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.9.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fghosts-of-tabor.en.softonic.com%2Fdownload%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22i0SaN4ABdw63yRGpIJ2y%22%2C%22adunitcode%22%3A%22i0SaN4ABdw63yRGpIJ2y%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224b83bfa6b2ccee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22677622%22%2C%22tid%22%3A%2267879cea-cdd0-4e17-a628-6097907e61fb%22%2C%22sid%22%3A%22970x249%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%5D%2C%22api%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22playbackmethod%22%3A%5B3%5D%2C%22protocols%22%3A%5B2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22placement%22%3A1%2C%22playerSize%22%3A%5B%5B970%2C249%5D%5D%2C%22w%22%3A970%2C%22h%22%3A249%7D%2C%22bidfloor%22%3A1.35%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anyclip.com%22%2C%22sid%22%3A%220011r00002IkuLzAAJ%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ghosts-of-tabor.en.softonic.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 21:20:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7%2B%2FSu3vtM4ngMaia5I8vBXcJAtVyJAlbbal6%2F1b4%2FUVEQNn5eK8wb8FBjK12ukCEpLHDoi9qxk9823poy0j0iYu32Yvq4cVNyRdaQYtmV6pjIqYv4vWpxKcB0ObUe%2BRMxbNaGg9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ghosts-of-tabor.en.softonic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7b1c1d3b88a353ef-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
events
marketplace.anyclip.com/v1/ Frame 7EB8 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=i0TMNoABdw63yRGprZvT&dti=i0SaN4ABdw63yRGpIJ2y&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&v=1&cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&abc=&dev=1&dom=ghosts-of-tabor.en.softonic.com&bw=chrome&os=windows&floor=1.35
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.139.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-139-35.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:09 GMT
content-length
0
vmp.gif
pixel.anyclip.com/ Frame CB79 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=jf4uu4spjfruewlugyzuezdgnjqxirlf&inx=0&rt=6897&val=END_OF_CYCLE&wnx=1&abc=&ty=aer&v=1&ext=0&ta=1&lnx=0&us=&trid=&sid=PddYHHs0UvmrJAKanTwMbW07Z9l1nyBb&pid=softoniccom&wid=0011r00002IkuLz_12078&pt=a&anx=2&arx=2&crt=5704&s=0&aty=vid&tty=ac&rol=mid&sti=i0TMNoABdw63yRGprZvT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.134.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-134-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ghosts-of-tabor.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 21:20:09 GMT
last-modified
Mon, 27 Feb 2023 14:05:46 GMT
server
nginx
etag
"63fcb8ba-23"
content-type
image/gif
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
35

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.8proof.com
URL
https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2
Domain
en.softonic.com
URL
https://en.softonic.com/ads-download-url?appId=e9b8b260-96d0-11e6-98d4-00163ec9f5fa&appUrl=https://www.opera.com/partner%3Futm_medium%3Dpb%26utm_source%3Dsoftonic%26utm_campaign%3Doutdated_new
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEAvo9XB_clDh7-X-p448JBI&google_cver=1&google_push=Aer7DvL1oa-xrVghmNOuhmPQqvWxlHwAOaY6OeoDPlXjEiskjfM6bHWtz4vri6O8uhAp4GiUkgXjOxTwB5fMF06Z8Z47WAb2KswD
Domain
cdn5.anyclip.com
URL
https://cdn5.anyclip.com/IyJrOIcBYt63BdfjatEe/1680278829161_414x270_thumbnail.jpg?wid=0011r00002IkuLz_12078

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| dataLayer string| GoogleAnalyticsObject function| ga function| gtag function| gtag_report_conversion object| revampAdRendered object| eventTracker function| fbq function| _fbq string| deviceType object| criteo_q function| obApi object| uetq function| UET function| UET_init function| UET_push object| ueto_ba28de08c4 function| apiObj object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| postscribe object| google_tag_manager_external object| webpackJsonp function| hj object| _hjSettings function| onYouTubeIframeAPIReady object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| webpackChunk_softonic_revamp_api object| revamp object| aax function| tdDisplaySlots function| tdDisplayInterstitial object| apstag undefined| google_measure_js_timing object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| GooglebQhCsO object| globalParamsObj object| dataGlobalJson string| rawJson string| userId object| countryRegions string| countryCode string| countryNormalize string| regionNormalize string| userBrowserLanguage string| localeNormalize string| pageIdNormalize string| categoryNormalize string| platformIdNormalize object| DD_RUM boolean| apstagLOADED object| apscustom object| _aps object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| gaGlobal object| gaplugins boolean| __bt_already_invoked function| setImmediate function| clearImmediate object| ID5 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| Waypoint object| gaData object| categoryConfig string| category string| imgPath string| imgSrc object| GoogleGcLKhOms object| hadron boolean| __halo_loaded__ object| au number| google_global_correlator object| closure_lm_900367 object| google_image_requests object| closure_lm_810009

204 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxDnFA
.en.softonic.com/ Name: _usr_orgn
Value: direct
.en.softonic.com/ Name: _swo_vis
Value: DINS-635.3
.en.softonic.com/ Name: _swo_pos
Value: 180
.softonic.com/ Name: _uetsid
Value: 20982330d19c11edad945b2257524d49
.softonic.com/ Name: _uetvid
Value: 20983440d19c11ed80409b9b123e5d61
.bing.com/ Name: MUID
Value: 3EFFFD1388126BE72E87EFF489296A10
.bat.bing.com/ Name: MR
Value: 0
.softonic.com/ Name: _gcl_au
Value: 1.1.1335048650.1680470401
.criteo.com/ Name: uid
Value: 0d60c95f-0c44-480b-bc51-3fc004242db2
.softonic.com/ Name: rv_google_ppid
Value: ef7b2014-9b4f-47ed-b08d-05f185e185ed
ghosts-of-tabor.en.softonic.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.softonic.com/ Name: persistent.fpmUserId
Value: 1486c66a-db58-4877-a637-2c14e8adb21a
.softonic.com/ Name: session.fpmSessionId
Value: bfd8ee9e-8362-4f5d-9e48-f378224fd240
.softonic.com/ Name: _fbp
Value: fb.1.1680470401353.1948239048
ghosts-of-tabor.en.softonic.com/ Name: outbrain_cid_fetch
Value: true
.softonic.com/ Name: _hjSessionUser_424839
Value: eyJpZCI6IjNlMTBlYTI3LTQ4ZjItNTRkZi04YmZmLTljZmRkYWIzZDNjMCIsImNyZWF0ZWQiOjE2ODA0NzA0MDE1NDMsImV4aXN0aW5nIjpmYWxzZX0=
.softonic.com/ Name: _hjFirstSeen
Value: 1
.softonic.com/ Name: _hjIncludedInSessionSample_424839
Value: 0
.softonic.com/ Name: _hjSession_424839
Value: eyJpZCI6IjQxNGE5ZmQzLTZiZjQtNDkxYS1iOTk3LTMzY2I2MjViNTE0OSIsImNyZWF0ZWQiOjE2ODA0NzA0MDE1NTUsImluU2FtcGxlIjpmYWxzZX0=
.softonic.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
ghosts-of-tabor.en.softonic.com/ Name: _hjHasCachedUserAttributes
Value: true
.softonic.com/ Name: _ga_R5K71YRXMV
Value: GS1.1.1680470401.1.0.1680470401.60.0.0
.softonic.com/ Name: cto_bundle
Value: GB-8Ml9OWnRFS0owTEdvUng0RTVieDY4amZudGV6TEpJcVV3SSUyQmFReWpVYkRoc1I0eEF6aWUlMkJKTEF6M2Z0bDlpTlhMM0V1VzR6TGElMkYlMkJxSFRNRCUyRndhODY3MXNjSFolMkJBQklncmxqd25XMFVINW0lMkJLTFJQVGo1eDhnRlZjdVhWRXI5a1hsSVlWUWVyVmJRcCUyRm12aEVuTFIxSm5BJTNEJTNE
.softonic.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.softonic.com/ Name: _ga
Value: GA1.2.715226332.1680470402
.softonic.com/ Name: _gid
Value: GA1.2.1469002498.1680470402
.softonic.com/ Name: _dc_gtm_UA-152357-1
Value: 1
.ghosts-of-tabor.en.softonic.com/ Name: _ga
Value: GA1.4.715226332.1680470402
.ghosts-of-tabor.en.softonic.com/ Name: _gid
Value: GA1.4.1469002498.1680470402
.softonic.com/ Name: _gat_UA-152357-1
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A64ha0K9XkAFoKjxESMvqV0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.3lift.com/ Name: tluid
Value: 2633585719758297007346
.gumgum.com/ Name: vst
Value: u_7a7dccd4-e78a-471c-95d0-f6eb708c05ec
.yahoo.com/ Name: A3
Value: d=AQABBILxKWQCEBnTxpVuFT5IO_M17vt2pY4FEgEBAQFDK2QzZAAAAAAA_eMAAA&S=AQAAAnUvaal9urUajT_7vSatmp0
.openx.net/ Name: i
Value: d6b29af9-b984-427d-8a9b-bd8b4e2bda0c|1680470402
.adnxs.com/ Name: uuid2
Value: 4906628487835955293
.deepintent.com/ Name: CDIUSER
Value: di_4f43946ff14e40978bbd0
.adsrvr.org/ Name: TDID
Value: 89f4937e-9350-458d-a1b8-16e98ea47418
.technoratimedia.com/ Name: tads_uidp_88
Value: 1858176530630978342959
.technoratimedia.com/ Name: tads_uidp_44
Value: LFYRP74X-1D-E0OV
.technoratimedia.com/ Name: tads_uidp_45
Value: 8C8AF31A-7246-4AD2-8B0B-4C6536E9B760
.technoratimedia.com/ Name: tads_uidp_46
Value: 3870857833461902090
.technoratimedia.com/ Name: tads_uidp_79
Value: 963eabd1-db26-4bcb-8461-b37e7f0a8628
.technoratimedia.com/ Name: tads_uidp_48
Value: 8cc5dd35-54d0-47f8-9c2a-a89259d90b23
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAMaIGQQWEsSwN9RgxgAAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: 87fa36c8-48b8-4bba-885c-066c858bc137
.technoratimedia.com/ Name: tads_uidp_80
Value: y-4X2zTpBE2uGY3fSba6mjQ8VUFKv0y8dc~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZCjklLCrpdaa9b3DKv2TggAA&1386
.technoratimedia.com/ Name: tads_uidp_50
Value: 70896b93-cde8-4fe3-b629-e28fe0b7eff8
.technoratimedia.com/ Name: tads_uidp_61
Value: 212133708120168
.technoratimedia.com/ Name: tads_uidp_62
Value: 3234031571455795000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: 1aUGtMjLZ14d605TrF20GzzdfDB18IKy
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-54af7f21-6132-4448-8639-d4871f13391a-005
.technoratimedia.com/ Name: tads_uid
Value: 16F85AA78ED646369CC5112051089037
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221014204242+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.ipredictive.com/ Name: cu
Value: 51747092-343d-4325-ae8f-da6bfe08675d|1680470402246
.smartadserver.com/ Name: pid
Value: 5797391859246030884
.admanmedia.com/ Name: admtr
Value: 43883f18-74cc-4179-92fe-1ebd79eb0e7f
.admanmedia.com/ Name: ac_r
Value: CS71
.mathtag.com/ Name: uuid
Value: 21bb6429-f182-4f00-8f77-a2ecdf1666f5
.bidswitch.net/ Name: tuuid
Value: 80ca4228-81a4-4e25-8249-c1cf0b627468
.bidswitch.net/ Name: c
Value: 1680470402
.bidswitch.net/ Name: tuuid_lu
Value: 1680470402
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZCnxggAA0PsrhQBW
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-72e8f41c-c614-5c44-7a44-34baa58f8010.IPcq7KuvXIvHy%2Fcm%2FOr1SuLbzetz6mNMVoKWfhwS3Og
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Acuj0HMYUXER6RDS6pY-AEJU4mbI.1BDflfuSpSy9M6DovaXXdkYv87jFdIf1EPfp8GLZa1g
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Acuj0HMYUXER6RDS6pY-AEJU4mbI.1BDflfuSpSy9M6DovaXXdkYv87jFdIf1EPfp8GLZa1g
.casalemedia.com/ Name: CMID
Value: ZCnxgobKgrXuOQ3PvkszlgAA
.casalemedia.com/ Name: CMPS
Value: 3649
.casalemedia.com/ Name: CMPRO
Value: 3649
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 77836631-CA60-4F89-82D5-5254B3A0E098
.360yield.com/ Name: tuuid
Value: 180a06f6-123a-4dc0-8e44-98a84b585ba3
.360yield.com/ Name: tuuid_lu
Value: 1680470402
.id5-sync.com/ Name: id5
Value: 60fc822b-624c-71ce-aadd-d45e31970f82#1680470402356#1
.rubiconproject.com/ Name: khaos
Value: LFZWOT3X-20-BEUI
.doubleclick.net/ Name: IDE
Value: AHWqTUn-s1gvc1_KcDkzBii1F6HAwsUDG-rQ2xo6fP_cd3R1_2vwK8wUo7rZwhFE-CA
.softonic.com/ Name: __gads
Value: ID=31c1ed9b481661b1:T=1680470401:S=ALNI_MbC43qokuQCmXeIMUIcx-IKjY-5ZQ
.softonic.com/ Name: __gpi
Value: UID=00000a3b5bd77932:T=1680470401:RT=1680470401:S=ALNI_MamCYdR_bZBAhP6CSL4dIxCdJ5EmA
.contextweb.com/ Name: V
Value: qMmxevOZMT1Z
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 3bacab64f2f6c9cf
.outbrain.com/ Name: obuid
Value: f2fcc5c9-a4b2-4b6b-8b5b-965a7259c158
.zemanta.com/ Name: zuid
Value: TgmZxETM97TubJNGF99y
.simpli.fi/ Name: suid
Value: 70392DB35B2F446BB99E43B3F68BEDCE
.turn.com/ Name: uid
Value: 8161507818813469546
.creative-serving.com/ Name: tuuid
Value: 27a51034-3450-42a2-af51-38368804529a
.creative-serving.com/ Name: c
Value: 1680470402
.creative-serving.com/ Name: tuuid_lu
Value: 1680470402
.creativecdn.com/ Name: u
Value: cdVueV8wywNfvJsIc4ol
.creativecdn.com/ Name: ts
Value: 1680470402
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-89f4937e-9350-458d-a1b8-16e98ea47418&KRTB&22918-89f4937e-9350-458d-a1b8-16e98ea47418&KRTB&23031-89f4937e-9350-458d-a1b8-16e98ea47418
.thrtle.com/ Name: mc
Value: eyJpZCI6IjBkZTViYzMxLTFlNzQtNDE4My05ZjMzLTk0ZjY0NTM2MjY0MCIsImwiOjE2ODA0NzA0MDI1MjcsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8161507818813469546&KRTB&23150-8161507818813469546
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:70392DB35B2F446BB99E43B3F68BEDCE
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEP47ZIu7WuH546paX3Up1-A&KRTB&22987-CAESEP47ZIu7WuH546paX3Up1-A&KRTB&23025-CAESEP47ZIu7WuH546paX3Up1-A&KRTB&23386-CAESEP47ZIu7WuH546paX3Up1-A
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: f615b3568f4aecac2fe3122a9cc232a7
.taboola.com/ Name: t_gid
Value: 11c288fe-4ec6-4f0f-9368-2190ffd815c0-tuctb237702
.bluekai.com/ Name: bku
Value: ikG99/nhvVutVF6s
.bidbrain.app/ Name: uid_cross
Value: 21926386-d19c-11ed-984a-3e3599269e8e
.bidbrain.app/ Name: sid_cross
Value: 212ea882-d19c-11ed-aa31-16a81374bf49
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8b8d7037-a50f-4704-8a06-111aa15a5124-005%22%7D
.adform.net/ Name: C
Value: 1
.socdm.com/ Name: SOC
Value: ZCnxgsCo8YoAAPfBFnEAAAAA
ghosts-of-tabor.en.softonic.com/ Name: ac_cclang
Value:
.adform.net/ Name: uid
Value: 5415445301091102796
.linkedin.com/ Name: bcookie
Value: "v=2&a410fca2-5d08-42b2-8470-1b3ad226bbea"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2870:u=1:x=1:i=1680470402:t=1680556802:v=2:sig=AQGWkBkFrw6zAyq9Kx38OCW_P0ZZQjsA"
.gammaplatform.com/ Name: _aCMR_1
Value: 5
.gammaplatform.com/ Name: _aGeoIp
Value: ES|Valencia
.gammaplatform.com/ Name: _aUID
Value: 15nh0qta8k52
.bidswitch.net/ Name: google_push
Value: Aer7DvK_pPiJMYht3I0Vo1VNyovx3DQ6dotroCwrL_WRQLEcqM3KIuqHM2tUUb2yIefvYZdQqHy1tJlwbrqA3cy1Z6wyk_wsiJQ
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-TtX2qijvyFIBPWl5H4Rj3GvVhDRV_DCyFUMw8A&KRTB&23144-uid:k-TtX2qijvyFIBPWl5H4Rj3GvVhDRV_DCyFUMw8A&KRTB&23286-uid:k-TtX2qijvyFIBPWl5H4Rj3GvVhDRV_DCyFUMw8A&KRTB&23287-uid:k-TtX2qijvyFIBPWl5H4Rj3GvVhDRV_DCyFUMw8A
.360yield.com/ Name: um
Value: !38,cho4gpJaAwSxCqbqaaeZLF4H83llFVziQnGqtxvoyVJwzTfFPLp1NmAE7Tq7vWFB-trPPl6k,1688246403
.360yield.com/ Name: umeh
Value: !38,0,1742678403,-1
.adkernel.com/ Name: ADKUID
Value: A3811633554147411710
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2HaRr22#N!@wnfH1YdP.dEXlSkbWb?]'RQW8nZWp66UpWs''t(xUytC8Eoh(kAx>F80]?U*VR?3%xRDv-LyKP(hw9P-HC_#twrB+O8_Z
ghosts-of-tabor.en.softonic.com/ Name: ac_user_id
Value: acnpbnjdxlsbjxld6246c788f0040e009465b11e90dbd5ef6fae979b2ac12c8a8d2a654ff2919b9
.sharethrough.com/ Name: stx_user_id
Value: 46e5daa2-735f-4aa3-8a97-0a884fe17792
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A3811633554147411710
.bluekai.com/ Name: bkdc
Value: phx
.teads.tv/ Name: tt_viewer
Value: 25a53f63-1fd2-4f8c-897f-290c7e378246
.ads.stickyadstv.com/ Name: UID
Value: d25df3c08aed9866c2c38d71aa2fbeea
.ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-bLLPDCjvyFIBPWl5H4Rj3GvVhDSHen4lw-HSdQ
.media.net/ Name: data-g
Value: CAESEBC0bI1AHowoZXUIMT6lmU0~~3
.dyntrk.com/ Name: dyn_u
Value: 05010005_6429f1837d094
.liadm.com/ Name: lidid
Value: 2088e8a3-830e-44bb-9654-15b1640a4d98
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22221fdbd0-d19c-11ed-9c20-8d20c75b9377%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: mv_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%22221fdbd0-d19c-11ed-9c20-8d20c75b9377%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22221fdbd0-d19c-11ed-9c20-8d20c75b9377%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%22221fdbd0-d19c-11ed-9c20-8d20c75b9377%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-fWiaGyjvyFIBPWl5H4Rj3GvVhDRD1ACFiMbY7g%22%2C%22version%22%3A%22criteo%22%7D
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: visitor-id
Value: 3234720031454637000V10
.media.net/ Name: data-c-ts
Value: 1680470403
.media.net/ Name: data-c
Value: k-SDxoYCjvyFIBPWl5H4Rj3GvVhDTL-nrbzMmC-g~~3
.omnitagjs.com/ Name: ayl_visitor
Value: 8858e9a0c8a76d7e8a4bb2d51604ccff
.smaato.net/ Name: SCM
Value: 3c10f921
.tremorhub.com/ Name: tvid
Value: da3b4d2580e64ab58949c5777e498b5a
.tremorhub.com/ Name: tv_UICR
Value: k-ONN1GSjvyFIBPWl5H4Rj3GvVhDTfdl7wW1ASOQ
.demdex.net/ Name: demdex
Value: 43541687620935552451371928094886369891
.smaato.net/ Name: SCM1001851
Value: 3c10f921
.dpm.demdex.net/ Name: dpm
Value: 43541687620935552451371928094886369891
.softonic.com/ Name: lotame_domain_check
Value: softonic.com
.softonic.com/ Name: _cc_id
Value: f615b3568f4aecac2fe3122a9cc232a7
.softonic.com/ Name: panoramaId_expiry
Value: 1681075203920
.softonic.com/ Name: panoramaId
Value: 205f3c52b8404ff0cf34c4134be416d5393878fbcc762422d81120485df8480e
.softonic.com/ Name: panoramaIdType
Value: panoIndiv
.smaato.net/ Name: SCMaps
Value: 3c10f921
.lijit.com/ Name: ljt_reader
Value: GalgbPZHdFcfpUZERZ2npyNA
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwVbIyNLMAIgMDAxMdJQtzVL6RGZhvYGpobAbimxijylsaIfNrAZhfED8%3D
ghosts-of-tabor.en.softonic.com/ Name: _au_1d
Value: AU1D-0100-001680470404-0CJ8A44E-MX8X
ghosts-of-tabor.en.softonic.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE2ODA0NzA0MDQsInR0ZCI6MTY4MDQ3MDQwNCwicHViIjoxNjgwNDcwNDA0LCJydWIiOjE2ODA0NzA0MDQsInRhcGFkIjoxNjgwNDcwNDA0LCJhZHgiOjE2ODA0NzA0MDQsImdvbyI6MTY4MDQ3MDQwNCwidGFib29sYSI6MTY4MDQ3MDQwNCwidW5ydWx5IjoxNjgwNDcwNDA0fQ%3D%3D
.rubiconproject.com/ Name: audit
Value: 1|G4uiFzc90VxTHPMu/BIpkETavgpXkekng9dN3YTG/skeECEUBMheijIhw1/fs2Sb8p9uT9pQ1s7qFTrNE4+z9rZt8l/LxmARH9HRYzrkXhB+UyYbne8ne+bbgsO9WeTs
.bidr.io/ Name: bito
Value: AABdqU7IU-MAACHm6G7N6w
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_TS
Value: 1680470404300
.tapad.com/ Name: TapAd_DID
Value: ab664ae0-ff15-4fcd-88be-b0364d0d2ade
.bidr.io/ Name: checkForPermission
Value: ok
.quantserve.com/ Name: d
Value: EFcBDQHUKN-owQA
.quantserve.com/ Name: mc
Value: 6429f184-5eba4-3bbd3-55694
.mfadsrvr.com/ Name: c
Value: 1680470404
.mfadsrvr.com/ Name: tuuid_lu
Value: 1680470404
.mfadsrvr.com/ Name: tuuid
Value: 4f050b32-8667-49fe-a556-ce0fc6bbe0af
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi2k6DewfLZOxAFEhUKBmNhc2FsZRILCKryxt7B8tk7EAUSFgoHcnViaWNvbhILCIikg-HB8tk7EAUSFAoFdGFwYWQSCwiI9KbywfLZOxAFGAEgASgCMgsIiOypn9jy2TsQBTgBWgV0YXBhZGAC
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1680470404
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!2229
ghosts-of-tabor.en.softonic.com/ Name: _ga
Value: GA1.1.715226332.1680470402
ghosts-of-tabor.en.softonic.com/ Name: _gid
Value: GA1.1.1469002498.1680470402
.lijit.com/ Name: _ljtrtb_92
Value: 4906628487835955293
.lijit.com/ Name: _ljtrtb_43
Value: CfHEaFn0zmUS8JMzXvHbYl2nkmIS8MNnBvGE30g5
.lijit.com/ Name: _ljtrtb_85
Value: AABdqU7IU-MAACHm6G7N6w
.ad.gt/ Name: au_id
Value: AU1D-0100-001680470404-0CJ8A44E-MX8X
.ad.gt/ Name: g_hosted
Value:
.lijit.com/ Name: _ljtrtb_87
Value: 4f050b32-8667-49fe-a556-ce0fc6bbe0af
.lijit.com/ Name: _ljtrtb_26
Value: 80ca4228-81a4-4e25-8249-c1cf0b627468
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1681603200%3A258_263_262_201_245_261_260_259
.pubmatic.com/ Name: SyncRTB3
Value: 1681603200%3A250_7_178_22_71_166_165_104_3_54_220_21_13%7C1680998400%3A2_223_15
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2av9:18zh~2av9:18z8~2av9"
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:21bb6429-f182-4f00-8f77-a2ecdf1666f5&KRTB&16736-uid:21bb6429-f182-4f00-8f77-a2ecdf1666f5&KRTB&23019-uid:21bb6429-f182-4f00-8f77-a2ecdf1666f5&KRTB&23114-uid:21bb6429-f182-4f00-8f77-a2ecdf1666f5
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-51747092-343d-4325-ae8f-da6bfe08675d&KRTB&23011-51747092-343d-4325-ae8f-da6bfe08675d&KRTB&23355-51747092-343d-4325-ae8f-da6bfe08675d
.adgrx.com/ Name: ADGRX_UID
Value: 232a7594-d19c-11ed-8de2-3a5ec51d8b40
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.bfmio.com/ Name: __187_cid
Value: 77836631-CA60-4F89-82D5-5254B3A0E098
.bfmio.com/ Name: __io_cid
Value: e9363c2c0367eec6787e9c6e88897ace5b476c97
.kargo.com/ Name: ktcid
Value: 4ac1722c-e15c-09bd-53ab-973ed0947ab6
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-232a7594-d19c-11ed-8de2-3a5ec51d8b40&KRTB&23275-232a7594-d19c-11ed-8de2-3a5ec51d8b40
.dotomi.com/ Name: DotomiTest
Value: 6198b7c6fa16067b
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4906628487835955293&KRTB&23339-4906628487835955293
.smartadserver.com/ Name: csync
Value: 79:k-MPlXEyjvyFIBPWl5H4Rj3GvVhDQOm66D_eMk7w|127:AABdqU7IU-MAACHm6G7N6w
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAH6AF7uZ8bKANmysZiAAAAAAA&KRTB&22713-AAAH6AF7uZ8bKANmysZiAAAAAAA&KRTB&22715-AAAH6AF7uZ8bKANmysZiAAAAAAA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1jt4|7dN.0.AABdqU7IU-MAACHm6G7N6w|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABdqU7IU-MAACHm6G7N6w
.pubmatic.com/ Name: PugT
Value: 1680470403
.tremorhub.com/ Name: tvv
Value: 1
.tremorhub.com/ Name: tvrg_60420
Value: 1,1680470407
.pubmatic.com/ Name: SPugT
Value: 1680470407
ghosts-of-tabor.en.softonic.com/ Name: _dd_s
Value: rum=0&expire=1680471301404

7 Console Messages

Source Level URL
Text
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=396161125546&ctd=51034&crid=984&ap=ZCnxgQAMXKcIaAuVAA_yDqjDJgfz13Xf2wNWxg
Message:
Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=396161125546&ctd=51034&crid=984&ap=ZCnxgQAMXKcIaAuVAA_yDqjDJgfz13Xf2wNWxg
Message:
Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Access to XMLHttpRequest at 'https://en.softonic.com/ads-download-url?appId=e9b8b260-96d0-11e6-98d4-00163ec9f5fa&appUrl=https://www.opera.com/partner%3Futm_medium%3Dpb%26utm_source%3Dsoftonic%26utm_campaign%3Doutdated_new' from origin 'https://9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://en.softonic.com/ads-download-url?appId=e9b8b260-96d0-11e6-98d4-00163ec9f5fa&appUrl=https://www.opera.com/partner%3Futm_medium%3Dpb%26utm_source%3Dsoftonic%26utm_campaign%3Doutdated_new
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEAUwTFU2ypsu59l-yKe845s&google_cver=1&google_push=Aer7DvLaVYwPo3iDLnXwqOPPFw99E2l9uycXdYgnwBqrZzJIyp9WnwgCfaVGQdJFPXtME05Hc8JX6evac8GSPXM_PQ9lUOkNTIA
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8proof.com
9f760b1cde579c1b106803f8338555d5.safeframe.googlesyndication.com
a.ad.gt
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ade.clmbtech.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.ca
adservice.google.com
amazon-tam-match.dotomi.com
ampcid.google.ca
ampcid.google.com
amplify.outbrain.com
analytics.google.com
ap.lijit.com
api.btloader.com
articles-img.sftcdn.net
assets.anyclip.com
b1sync.zemanta.com
bat.bing.com
bcp.crwdcntrl.net
bh.contextweb.com
btloader.com
c.aaxads.com
c.amazon-adsystem.com
c.bing.com
c.eu1.dyntrk.com
c1.adform.net
cdn.8proof.com
cdn.hadronid.net
cdn.id5-sync.com
cdn5.anyclip.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.anyclip.com
connect.facebook.net
contextual.media.net
crb.kargo.com
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cs.admanmedia.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
eb2.3lift.com
en.softonic.com
eus.rubiconproject.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
ghosts-of-tabor.en.softonic.com
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.sftcdn.net
imasdk.googleapis.com
ipv4.icanhazip.com
lb.eu-1-id5-sync.com
marketplace.anyclip.com
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
notix.io
onetag-sys.com
oryj8-4pmb8.ads.tremorhub.com
p.ad.gt
pagead2.googlesyndication.com
partner.mediawallahscript.com
pixel-us-east.rubiconproject.com
pixel.anyclip.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
player.anyclip.com
pr-bh.ybp.yahoo.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
sc.sftcdn.net
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
softonic.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
trafficmanager.anyclip.com
trc.taboola.com
trends.revcontent.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vid.springserve.com
visitor-usa02.omnitagjs.com
visitor.omnitagjs.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cdn.8proof.com
cdn5.anyclip.com
cs.emxdgt.com
en.softonic.com
104.107.5.93
104.126.112.185
104.18.115.97
104.18.25.185
104.36.115.113
104.72.156.23
108.138.106.124
108.138.128.124
124.146.215.52
13.225.224.171
130.211.23.194
135.125.160.160
139.45.240.92
141.226.224.48
142.251.40.226
143.204.151.99
151.101.193.91
151.101.66.49
159.203.145.121
162.19.138.117
162.19.138.118
172.217.165.134
173.231.178.115
174.129.16.102
174.137.133.49
18.164.94.225
18.164.96.46
184.28.136.221
184.28.137.117
184.28.137.83
185.167.164.39
185.184.8.90
185.255.84.152
192.40.39.223
195.244.31.11
198.148.27.139
199.127.204.147
199.187.193.197
199.187.193.202
2001:4860:4802:34::181
216.200.232.253
216.52.2.16
23.216.84.23
23.40.172.207
23.92.190.69
2600:1400:d:4a6::29cc
2600:1400:d::1721:ee09
2600:141b:13::17d7:8379
2600:1f18:4e9:5a02:460b:2b68:c137:43d7
2600:1f18:612b:4200:2359:9f97:ea6d:7162
2600:1f18:612b:4200:439e:5582:9089:1d9
2600:1f18:ed:550a:f829:6715:25ad:4b5d
2600:9000:2209:3600:1b:5138:8a40:93a1
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::6816:3456
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:10::ac43:4e7
2606:4700:20::681a:246
2606:4700:20::ac43:4686
2606:ae80:1471:11::410
2607:f8b0:4004:c09::9d
2607:f8b0:4006:806::2006
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2004
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::200a
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81d::2010
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::2008
2607:f8b0:4006:821::2002
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:c11::200
2800:3f0:4002:801::2003
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::300
3.220.205.252
3.221.116.31
3.222.243.70
3.225.218.10
3.33.220.150
34.102.128.115
34.111.113.62
34.117.157.22
34.150.170.96
34.192.9.105
34.196.131.192
34.230.139.137
34.232.131.28
34.98.64.218
35.166.130.85
35.173.101.214
35.207.24.140
35.211.178.172
35.227.233.104
35.71.139.29
38.91.45.7
44.206.182.6
44.207.77.179
44.208.221.23
44.238.78.48
51.222.39.187
52.116.53.150
52.18.137.128
52.200.72.107
52.204.125.50
52.206.134.14
52.207.206.215
52.207.45.55
52.220.229.2
52.3.62.68
52.46.151.131
52.95.126.138
54.166.160.90
54.220.72.158
54.234.211.69
54.237.139.35
54.83.15.219
63.251.28.233
64.74.236.63
68.67.160.114
68.67.160.186
69.164.46.185
70.42.32.159
72.247.65.83
74.119.118.138
74.119.119.139
74.119.119.150
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
80.77.87.162
0287c989f52e070e1c778fa0f63e64c2132f4e290bb48c5a3b2f04b4775d7490
02f8e9c460d80ad589f216e4cdbb00013c0d1b46c1f7337bc06049a99ebc2d51
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0
09ab648e63f8e3d319fa49d01ffccb0ebde87fc743822dfa6689dfe4f9a7ad47
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7b74a139779fba8e1d17d597aa7cbffa27bd33d2b5c43d8039264c2a627412
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb3b3b1d8ed07e33a6c281929004f89ac36d3a7a1b1c2ff8bc3cddef4f6d74c
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c6e2e8d8cd53d596fe911a8ca19eb732e1fafa5c772e8f054e3be7761211048
11888b806f1b524c1cc686b947db8624604cae44a8e04d9830a1cb1a6123c7c2
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
1647d4854b9b3e043293d751d7c4423d89ecb6e248e6fdfc7b7d8c7b158cf908
16e23798c6668c7e3229fbb943cc07a4844edf1f2bede94a7db7341891c2d723
17cda8493cc31adfd7d933da62afc4ee8cd4a8a78d8b5dd39e32c3528dd565c9
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19317c3d6f36f8680cffd5df413c082cac3c37b6eb794bdc7b0972ab8523ac33
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1aeb76fe4a743fd07233e24e6f6e6758ea829e8bece2e9754562c565176ece92
1bccd9eba01b5b9421d483f06a5437f8482a44b30618b5152bcc11de09402251
1cddad0be685304684aac39c6dbf7c0857879de0e0045be8a5351c1031720b5d
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1dd0164d7a288b7733fa105f3251d65b37466d556301df4b967f89294ac3af7e
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
1e9165f562ac45abb2e5161f85b71494adf9939643adef85277b3e6c52a1b5d1
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d
23b8f59d68dcc728b3fa0608d1755d0910fff6469f37c4e9712f684a06d1920a
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e
276a1691faf443e5795da8e335f58cf983cb4babe42f73a2e36d5e84e0bcc4f4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b2f8884f06e588675848471606a49693553a2d032a32fce85a5203ae7c796a6
2bf4b5202559dbe01d8188a3adb26d68755a69064f233ef63f284b08efaed6ad
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea20390225c677e4eff95be80257e5913849133d9fd55879d8ce08890c9bb2b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3352e33c0676ccd897c42bd47ff4d9c85b5328ed5f2372db4a9266c3e6790a4e
3488ddcfa7089f9185630191bad8dab763f32a966a61a37bc8fd18dd9f6b9e19
34f8aa180f224cdcac8b01831dbd0bb6bc5fb0f9b7c965f2df3f66483ccdafe8
35695b774f47352d08af65123ca47ee75237a7ce4375d55c1889da84588b6a27
3679a2ad89d2768799b2ee540197e2d8af593e0b79f9c55cb2d4495c1934c8e5
3ad01840b7008ea1128bf71869ce0a1e040464ed18e8686f0852080f067f159b
3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a
3dd3f9f6c6fb24816e23864a76aa3e52103730816a536e8fae82e264196a2f4f
3e1c702ca6b594e2fbb920772feed90a1058c1f24f38cf4e298cd61c1fd523fd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40171a7226bd317add9bffa993668816a24c1894b52a450c5b756513ae093fb3
405d2678459ffa6c115adb70f84ab12d40269080e1c47e26a06cb1a0f04fbd35
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b79bf4245a412cec86a713712b018d81778a61f5021a7e4842eabf05819ba7e
4bdf12b03becbdd600d8ffc06d03ca84e73c1097e0d61bc2b1a99315b4164e50
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52ff4dafe5cc869764fc7b007efbfa9375cb7b8d0ebbeb5144506093ae60b922
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55775baf70d2f1d40bac3a60de82e8e42b7e34687802f73671f25f2f60fdc6d4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cb95b168a4388dea5fd4bee40b202d81552da080413b6a8cbad86f9a4b3d61
55dfd90b384d0b20657286c31971ccd35c111eb7e26471fcfa6a3ced11fba2a4
55f6bea005e8b09b9c2ca1ac17efd0205fd164dcbc9bf089fcde8e627b4697ed
56eadc0e7b4fcfd8942f5f6af95e82fdde4f5e89e69e01ec68ce749e7ae46ddf
56eec970d49d047c19adb98e5bb4b701f208cdef8768caaf76cdacc4083a1b97
58020f939aafcc326a509ea78fff8dae140989c84eb68d873da58198cf116b2b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d6bfbb2215ad4fb941eb5933e3e7fe942c288abd75b09a6d64ddc4ae4d96e3e
5e3c0fc205b9835c14369c3968aeb8800a20e1ddb601e69ceea830e01b10c0d4
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60a98b029056cc2e2148db3b0e88a0b58fe7a3284382ef896ef847fedfe491fa
60bd8b1ac363e0f3251c73fabdd9d3e4822b20eac538ddfb896670ea0c4cb529
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6248d26097243293144a2c446b330ef62be51f9407430894f8c8ce4218643371
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66bb481ae57ed9e56f6ee08dbbe5def1e9ffb7d1586dc59d098eaa868916c819
68bbd844ba04e9bfaa217f7ed795d8151c697ee4084e42f008238b8a86f84df5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3c83e050c374cfdd13f77640509c6bf68fd787b8f35bfeef2aae4a3372355d
6d79e0a3c6d09615223eb18f0ca85097a43196f3b816e2c2192c30dbfb20d580
6e7427b8419cc7f191acc60e33a1afa153c59423f183182cb731f8a9f0c612d4
6f9d55f0949bd70d519b0783ee8ab32f4a9a8444d379b60d882aefb7231b4f9d
6fe7a3bdd22e81fa4d9435461d0a97786d86cfd168396d36091da3219abb7ffc
726d28f94aeb14c9cab3e50ad5b2f06e35856c3cac9c27087ce670f431720cae
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73b1ad8ca90df7f68a9b5c9f2ffe3f08ae9abc8128d2d361e843713f7e58228e
795408bc1ab4b09c85ce6af8c1058b110e9124bd931a571193f029a51f41d3f1
7cb2b177ef2c7560273c716faa3e8619d6493c29e6ebd2b4fae4459e28d66bde
7f04063a034a9568fa95895d466e17bbf6ef8cc1c63021b1ec418f9a3d770c22
8020da01addd0ddd98598b91b8ebaa8f39100c3304cdfba4b305591a453055a4
80884445f9ffc3a58c770b201a2bb10215af2630819aa8f8434e728d82e74a5f
8117ea09b5caab594dd88ba8826f107ef9f3a5f91e36b1f89672b03dc33ae48e
81bf7859a2ccab77c41c58b57ab31a1afc56d7bcca020a02a1c420aacb259b6e
82627e711fb54b8db834de8bc5afcd1a75f19fad3663dbd75990eb3d9cf6e69d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bd0fc845439923fd4ac59bbd46dc6d4000d4ebe117a0ce223cef1aed7a8ec6
84f247283d2d5c557b7d073b988a0f4e79eaa695741dafb1a1fe59161c518c79
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87322c000f2a6fe99cea44cb18cc96e186082f9e5b433d4311825d8871dfabc8
8810587be117a41395b3e4453cecc81889b4fccc9fb6c52ddaff3583b958c96b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
915dae9d8aca6eb04da1b93bf83138295d043857b949466d2dd48aa3526c2b0b
9465ef06764587af0a8d7dc16680b1c6dc29563bd7afa53f5ab28ab58da77387
96ca6631cc96baf92b0ab5e218e3a25a6f30e7e0f994e8b0167ab2e79115bbaf
9817f2233ba498de6032a5ff48c57b6c6c1e7dd846415df2e01317f632212385
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4b16384f941895b9f9b4649ad378d54e694ad653a4d92bb5e1619593851ab6
9a76aa8c31c3d1f59c5b3a6d86b39bdb03bd8a9af6cfdeb7cb432d16db964196
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a139618572b9c9b5e7e0d75d62f81c0d6aa6202f72db242ed62b860e805027db
a1584abe7ea49c72af53bf1719d4f0cd3c03af2e7847da0fa5b1d47b3df2d33e
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a214ed2951f0b00b7fdf78d5377ea93408b0435922d36df75c7f1e8e12092d86
a2ba7c4534e883c295fa1f8d94b49e267d498c5178000c3cf28e74b2cca82468
a3fc5c6d058d02b985e4d967ecee05bf4ef6d3469cc061d87ca580e620daeb04
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a722786d1373623af5f882d8767a011a63e75ba728fcce1c2431e65250c9c1f7
a7fc7e3b5ded6d75a8f1a751aa663ef1bd567cdab27706c742f4474799c359c0
a9c21f73e5781b07e9ae478497472051a87ee326e95761bb2d82387b07cbbcf6
aa1f9c66e99fe9ca2bbe73ea1c4aef8ea9dfd9ef5f594dfec07f377cc30a7861
aadceda6ac29f88fdd80f43e6630da80c6f863be565d2205f0c45b1a3066ee2b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad0da9b0e442363a832544f9f593ab8660e4d8ee57095f2f89ce55f7fec21e98
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedb16e34b863ced62d14881fabc52e4a763e2af4fb1ccf2221eeac6310a739f
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afc1541049b5c3fdc51bac7e5cf9e81d0124e8ffa1ca9c46805833c15e0eca65
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1eb3611ac1836a0ff112beaaf159699df1aca136adf2c2aa19771f68402de50
b7470cd5acebfb134cb7c5db03fab7aebe7b137d56a1e782348c14b16aa2e9e6
b762270cf0cd9758dde71e6b91ed6e506b10df15695c65e551e44afc193626c0
b85e92549b7167d4604ede3057e363b081e0c13962264bf3ed1bdb633fedaa5e
b9b2d256e2d0cb3921fe5c136646dfee2ee7dacf5566554ba08bbcc2e5f9fbf5
b9ec2d6f02b69a0484181b9d71ac0831a6c6f8e581e5fa0848fe28bebdb86a0c
baaed91f573700e80e626f7c89cec39795909c216dd87082241204aecf21a46d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf6ca02c6fe83030721871210725c265830e31dda90dda3fad90ce18232377c
bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
c00f53abc4895a0dfaaf9faf2a0188c8ad2f9aff011d6143934cd27e17dad670
c1ff4e5c14f02980b8030437c0e853d8e6a82ec3e73aab9052a985f01aed5721
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23f9d5aa272416023902cbf21d80d8b33a9395d2aed8ccacfd802026c5bd379
c2b14b587d647eb2f07ac2dad2b5a7644d40c4be07af8e630c7b12c0f02168ed
c3389763a5dd72fbaabd38aa99691fe3ff9ed60451cca66464294be416a15e70
c3fc08bb2329247ab68564902dec1d2f2aeafbd0c1530687d5498bebc712f847
c6cbc21c55c1cde6715c32ffb1523cb0a7af7b5480578f54514b15f22ee43ea9
c7fa093da06c5a1c94cb5473e5f48f46aba48f140527c047d634e0d3368fa0a7
ca29644fbe4e5610aa57791a1bc30b9a1d20ce8dc786049a0ee4f28987c0050e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbf4f0344c175cbd5e1dfc22ee610e5719107a9d6f48f022858db6ff8deab981
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc9798fd5ebb8d163418a4a8088b226a9678532426493550e4f03261bef3739f
cd55d653c930d2f2660d557e496ca034dc71329b806a7713cc9658b3dc1284ba
ce1953f3e5a0b4256e789bddd865ecb6fa8fd31bb72c04303e18ceae616ca7d6
ce62eee32fe228e364fbdbe2fa399d26a199e5c3838f28e6f27bc6766f7edabc
cefa5646355420f679508c065e359e002014016b174948ff69b1c53bd197e0fb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf696d77a52e8c8d1db0a229de4f684bb9a85cdb1f2c3289d4d7067cf82c330c
d03b2a573e13c69a70a4efb22ca78f769ff96692861433bc7fd967e3907f4bca
d08f896529caca0370f68506748ff69c8f731718e6fdf90e0d1d72fe1dcd8c56
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4648418fbcf2bffd5fadac83662d7048a5e786d3fae44f8717d7a5bf5cb7eba
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
d4a3e5f08b3a49db39b669fe317f4bb062a367615048875f5fb8225804e1eada
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d544eae637d61ee786c0a45bb0a7f250f9280bcd2ea1576655a761f1d397b8df
d82a7364256545760e9eec8aebd6d0c844ce7cfc0a2403d60e06b5ddea17f4c8
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dcfbb6724aa1cd2321ff9542d93aef49c139e87c563202ef8ffb1fedd7293e2a
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
df3f0c0389c2ea301984acdc503000b2daff2c37f7a68c31abf2958d71c9e208
e10260aceb13c1fc315664d60a0ba5a5474e09e9bf551dc78b09314be29a80e7
e2ffbe9668df9a29783b6f8e7cad3e763e788c37228c9b7e9498bbd2d36d0fb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e527034c8643f0da7c4a27881a51c0bedaf1a865d0b8315a6f68b1af5bb23a53
e7468707393898a49321296bbd71c211fb78ee386094076814d36da33f724641
e7e5b9bf9025cb0a1f86c0109a812908b4b4af621118fa7763cf6f488144a103
e904dd1247092b849cbac2dabab05502d22cc63ddd19681b6639bb35a361ed71
ea721098e6f1003b7879f4fe35715d01383c54a1bbf1ce648d8713fdc829b14c
ec1e6f99eaec8599b28238a7d0faf406d9d527a02ad28d8c86ed567ebd1a3082
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09652e7287e5a03c2547d723b866846672fdc4bb560b2cdaafe192c0310e502
f14c06a76c71462de6512d7daf40777db88c7545b25141b10b3e2cff52b689a5
f5dce08a1aa58293961d58ae6049a3db0571f1813faf721192678cba84943ab3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f820bf998b2552b2b25f79e19654f124471486a8a98eaa4285d0d41683284305
f917a7481c873ece921db24f0d9e960211d960007177752a7ba7bf3029abe6a9
f9dc00a29bb76d8400dcdc45c36a160d3e5bd4b3b376712f0673279f0bf84ddb
fd67f389aff22d6e5f56894ee306ac4fb9b55ccf52879ba0360d6b38dc19f60e
fee573c3813a436aaf595a213e8157561eef708fa942f793fe07891e7e4114bb